Overview
Request 652353 accepted
- Update to man-db 2.8.4
* Major changes since man-db 2.8.3:
+ Rely on decompressors reading from their standard input rather
than redundantly passing them the input file on their command
line. This works better with downstream AppArmor confinement of
decompressors.
+ Fix invalid syntax in tmpfiles.d/man-db.conf when configured with
--disable-cache-owner.
+ Make seccomp sandbox allow sched_getaffinity, sometimes used by
xz.
+ Check for mandb_nfmt and mandb_tfmt in the manual page hierarchy
as documented, not in the current directory. This was broken by
the working-directory-handling changes in 2.8.3. Note that this
change means that "man -l" will never use an external formatter
(which was never documented behaviour and was surely a bad idea).
+ Make seccomp sandbox allow some shared memory operations across
the board rather than just when ESET File Security is in use; the
Astrill VPN seems to require something similar, and there are
doubtless other such preload hacks.
+ Some versions of ESET File Security call msgget and msgsnd; if
this program is in use, then allow those.
* Major changes since man-db 2.8.2:
+ Make seccomp sandbox allow madvise, since that's used by lbzip2.
+ Make seccomp sandbox allow kill and tgkill outright, since groff
uses kill to pass on signals to its child processes.
+ Make seccomp sandbox allow sibling architectures on
x86/x86_64/x32, since people sometimes mix and match architectures
there for performance reasons.
+ Fix version check in locale macro loading to tolerate groff
release candidates.
- Created by WernerFink
- In state accepted
Request History
WernerFink created request
- Update to man-db 2.8.4
* Major changes since man-db 2.8.3:
+ Rely on decompressors reading from their standard input rather
than redundantly passing them the input file on their command
line. This works better with downstream AppArmor confinement of
decompressors.
+ Fix invalid syntax in tmpfiles.d/man-db.conf when configured with
--disable-cache-owner.
+ Make seccomp sandbox allow sched_getaffinity, sometimes used by
xz.
+ Check for mandb_nfmt and mandb_tfmt in the manual page hierarchy
as documented, not in the current directory. This was broken by
the working-directory-handling changes in 2.8.3. Note that this
change means that "man -l" will never use an external formatter
(which was never documented behaviour and was surely a bad idea).
+ Make seccomp sandbox allow some shared memory operations across
the board rather than just when ESET File Security is in use; the
Astrill VPN seems to require something similar, and there are
doubtless other such preload hacks.
+ Some versions of ESET File Security call msgget and msgsnd; if
this program is in use, then allow those.
* Major changes since man-db 2.8.2:
+ Make seccomp sandbox allow madvise, since that's used by lbzip2.
+ Make seccomp sandbox allow kill and tgkill outright, since groff
uses kill to pass on signals to its child processes.
+ Make seccomp sandbox allow sibling architectures on
x86/x86_64/x32, since people sometimes mix and match architectures
there for performance reasons.
+ Fix version check in locale macro loading to tolerate groff
release candidates.
factory-auto added opensuse-review-team as a reviewer
Please review sources
factory-auto added repo-checker as a reviewer
Please review build success
factory-auto accepted review
Check script succeeded
staging-bot set openSUSE:Factory:Staging:H as a staging project
Being evaluated by staging project "openSUSE:Factory:Staging:H"
staging-bot accepted review
Picked openSUSE:Factory:Staging:H
jengelh accepted review
dimstar_suse changed priority to moderate => important
raising priority for openSUSE:Factory:Staging:H
repo-checker accepted review
cycle and install check passed
licensedigger accepted review
ok
dimstar_suse accepted review
ready to accept
dimstar_suse approved review
ready to accept
dimstar_suse accepted request
Accept to openSUSE:Factory