dépôts / lhc / web / wiklou.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | combined (merge: 69240c4 1476429)
Merge "shell: Add NO_LOCALSETTINGS restriction"
authorjenkins-bot <jenkins-bot@gerrit.wikimedia.org>
Fri, 22 Dec 2017 01:44:22 +0000 (01:44 +0000)
committerGerrit Code Review <gerrit@wikimedia.org>
Fri, 22 Dec 2017 01:44:22 +0000 (01:44 +0000)
1  2 
includes/shell/FirejailCommand.php patch | diff1 | diff2 | blob | history
tests/phpunit/includes/shell/FirejailCommandTest.php patch | diff1 | diff2 | blob | history

diff --cc includes/shell/FirejailCommand.php
Simple merge
diff --cc tests/phpunit/includes/shell/FirejailCommandTest.php
index fab14ca,57d820e..7d6d7f8
--- 1/tests/phpunit/includes/shell/FirejailCommandTest.php
--- 2/tests/phpunit/includes/shell/FirejailCommandTest.php
+++ b/tests/phpunit/includes/shell/FirejailCommandTest.php
@@@ -29,9 -29,10 +29,10 @@@ class FirejailCommandTest extends PHPUn
                // @codingStandardsIgnoreStart
                $env = "'MW_INCLUDE_STDERR=;MW_CPU_LIMIT=180; MW_CGROUP='\'''\''; MW_MEM_LIMIT=307200; MW_FILE_SIZE_LIMIT=102400; MW_WALL_CLOCK_LIMIT=180; MW_USE_LOG_PIPE=yes'";
                // @codingStandardsIgnoreEnd
 -              $limit = "$IP/includes/shell/limit.sh";
 +              $limit = "/bin/bash '$IP/includes/shell/limit.sh'";
                $profile = "--profile=$IP/includes/shell/firejail.profile";
-               $default = '--noroot --seccomp=@default --private-dev';
+               $blacklist = '--blacklist=' . realpath( MW_CONFIG_FILE );
+               $default = "$blacklist --noroot --seccomp=@default --private-dev";
                return [
                        [
                                'No restrictions',
Wiklou, le Wiki du Wiklou