Tor: Pick up upstream patch for fixing sandbox with glibc >= 2.34

Fixes: #12807
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>

diff --git a/lfs/tor b/lfs/tor
index 2eb2adcb1a68267270446edc444aa55dc8c9bc1b..d732bc66e90b6bb96d9da373b729af0021eff211 100644 (file)
--- a/lfs/tor
+++ b/lfs/tor
@@ -34,7 +34,7 @@ DL_FROM    = $(URL_IPFIRE)
 DIR_APP    = $(DIR_SRC)/$(THISAPP)
 TARGET     = $(DIR_INFO)/$(THISAPP)
 PROG       = tor
-PAK_VER    = 67
+PAK_VER    = 68
 
 DEPS       = libseccomp
 
@@ -89,6 +89,9 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
                        --with-tor-user=tor \
                        --with-tor-group=tor
 
+       # https://bugzilla.ipfire.org/show_bug.cgi?id=12807
+       cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/Tor-Sandbox-permit-the-clone3-system-call.patch
+
        cd $(DIR_APP) && make $(MAKETUNING)
        cd $(DIR_APP) && make install
 

diff --git a/src/patches/Tor-Sandbox-permit-the-clone3-system-call.patch b/src/patches/Tor-Sandbox-permit-the-clone3-system-call.patch
new file mode 100644 (file)
index 0000000..e8c6957
--- /dev/null
+++ b/src/patches/Tor-Sandbox-permit-the-clone3-system-call.patch
@@ -0,0 +1,13 @@
+diff -Naur tor-0.4.6.10.orig/src/lib/sandbox/sandbox.c tor-0.4.6.10/src/lib/sandbox/sandbox.c
+--- tor-0.4.6.10.orig/src/lib/sandbox/sandbox.c        2022-03-31 07:17:55.966217291 +0000
++++ tor-0.4.6.10/src/lib/sandbox/sandbox.c     2022-03-31 07:19:23.730134367 +0000
+@@ -151,6 +151,9 @@
+     SCMP_SYS(clock_gettime),
+     SCMP_SYS(close),
+     SCMP_SYS(clone),
++#ifdef __NR_clone3
++    SCMP_SYS(clone3),
++#endif
+     SCMP_SYS(dup),
+     SCMP_SYS(epoll_create),
+     SCMP_SYS(epoll_wait),