diff options
| author | agl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-07-15 22:48:37 +0000 |
|---|---|---|
| committer | agl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-07-15 22:48:37 +0000 |
| commit | 57313614561d4d7c53d7f41e33b275b6f5199fcf (patch) | |
| tree | 652f8a0e1292e01e8f5a483a10a8429b975db6d7 /chrome/browser/zygote_host_linux.cc | |
| parent | 505e780e7cabf2e30f9e786480f3b83b5936098c (diff) | |
| download | chromium_src-57313614561d4d7c53d7f41e33b275b6f5199fcf.zip chromium_src-57313614561d4d7c53d7f41e33b275b6f5199fcf.tar.gz chromium_src-57313614561d4d7c53d7f41e33b275b6f5199fcf.tar.bz2 | |
Linux: move hardcoded paths to GYP variables.
This patch removes the hardcoded paths for the sandbox binary location
and the chrome binary location for the sandbox. Instead, you can now
set GYP variables for these things. Indeed, you have to set a GYP
variable in order to use the sandbox now.
GYP variables can be set on the command line, if you run gyp.py
directly, with -D key=value. Or you can export GYP_DEFINES="key=value
key2=value2".
Now, in order to use the sandbox you should set:
linux_sandbox_path=/opt/google/chrome/chrome-sandbox
linux_sandbox_chrome_path=/opt/google/chrome/chrome
(changing the paths as needed, of course). See the comments in
build/common.gypi
For development see
http://code.google.com/p/chromium/wiki/LinuxSUIDSandboxDevelopment
Because developers need to setup a special sandbox binary.
http://codereview.chromium.org/149689
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@20801 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/browser/zygote_host_linux.cc')
| -rw-r--r-- | chrome/browser/zygote_host_linux.cc | 17 |
1 files changed, 8 insertions, 9 deletions
diff --git a/chrome/browser/zygote_host_linux.cc b/chrome/browser/zygote_host_linux.cc index fc8b981..dad473b 100644 --- a/chrome/browser/zygote_host_linux.cc +++ b/chrome/browser/zygote_host_linux.cc @@ -22,13 +22,6 @@ #include "chrome/common/chrome_constants.h" #include "chrome/common/chrome_switches.h" -// Previously we just looked for the binary next to the Chromium binary. But -// this breaks people who do a build-all. -// NOTE packagers: change this. - -// static const char kSandboxBinary[] = "/opt/google/chrome/chrome-sandbox"; -static const char kSandboxBinary[] = "/false"; - ZygoteHost::ZygoteHost() { std::wstring chrome_path; CHECK(PathService::Get(base::FILE_EXE, &chrome_path)); @@ -51,15 +44,21 @@ ZygoteHost::ZygoteHost() { const char* sandbox_binary = NULL; struct stat st; + + // In Chromium branded builds, developers can set an environment variable to + // use the development sandbox. See + // http://code.google.com/p/chromium/wiki/LinuxSUIDSandboxDevelopment if (stat("/proc/self/exe", &st) == 0 && st.st_uid == getuid()) { sandbox_binary = getenv("CHROME_DEVEL_SANDBOX"); } +#if defined(LINUX_SANDBOX_PATH) if (!sandbox_binary) - sandbox_binary = kSandboxBinary; + sandbox_binary = LINUX_SANDBOX_PATH; +#endif - if (stat(sandbox_binary, &st) == 0) { + if (sandbox_binary && stat(sandbox_binary, &st) == 0) { if (access(sandbox_binary, X_OK) == 0 && (st.st_mode & S_ISUID) && (st.st_mode & S_IXOTH)) { |