diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..080658f --- /dev/null +++ b/.dockerignore @@ -0,0 +1 @@ +boxes/ \ No newline at end of file diff --git a/.gitignore b/.gitignore index 70bde89..f6cecb6 100644 --- a/.gitignore +++ b/.gitignore @@ -21,3 +21,17 @@ pin.log .idea .cache __pycache__ + +debian/.debhelper/ +debian/debhelper-build-stamp +debian/files +debian/*.substvars +debian/sio2jail/ +obj-*/ +ccache/ +install/ +obj-x86* +out/ + +.vscode/ +.devcontainer/ \ No newline at end of file diff --git a/CMakeLists.txt b/CMakeLists.txt index d483fdf..3c694da 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -13,8 +13,8 @@ ENDIF() IF(NOT DEFINED ARCH) SET(ARCH "NATIVE") ENDIF() -IF(NOT ARCH MATCHES "i386|x86_64|NATIVE") - MESSAGE(FATAL_ERROR "ARCH should be one of i386, x86_64, NATIVE") +IF(NOT ARCH MATCHES "i386|x86_64|amd64|NATIVE") + MESSAGE(FATAL_ERROR "ARCH should be one of i386, amd64, NATIVE") ENDIF() IF(NOT DEFINED WITH_CLANG_TIDY) @@ -43,7 +43,7 @@ ENDIF() IF(ARCH STREQUAL "i386") SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -m32") SET(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -m32") -ELSEIF(ARCH STREQUAL "x86_64") +ELSEIF(ARCH MATCHES "amd64|x86_64") SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -m64") SET(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -m64") ENDIF() diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..fb077b2 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,24 @@ +FROM debian:bullseye + +RUN apt-get update && \ + export DEBIAN_FRONTEND=noninteractive && \ + apt-get install -y \ + build-essential \ + libcap-dev \ + libtclap-dev \ + libseccomp-dev \ + libseccomp2 \ + cmake \ + g++-multilib \ + gcc-multilib \ + wget \ + devscripts \ + lintian \ + debhelper \ + ccache \ + fakeroot + +ENV LIBRARY_PATH=/usr/lib/x86_64-linux-gnu +ENV DEB_BUILD_OPTIONS "lang=en-US ccache nocheck" +WORKDIR /app +CMD ["/bin/bash"] \ No newline at end of file diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..a0684bd --- /dev/null +++ b/Makefile @@ -0,0 +1,59 @@ +CC := g++ +INSTALL_PREFIX = $(HOME)/.local +CONTAINER_NAME = sio2jail-dev-container +CCACHE := $(shell ccache --version 2>/dev/null) + +ifdef CCACHE + CC := ccache +endif + +define run_in_docker + docker build -t sio2jail-dev . + - docker run -v $(shell pwd)/ccache:/ccache -v $(shell pwd):/app -e CCACHE_DIR=/ccache --rm --name $(CONTAINER_NAME) -d -it sio2jail-dev bash + docker exec $(CONTAINER_NAME) $(1) + docker exec $(CONTAINER_NAME) rm -rf build + docker stop $(CONTAINER_NAME) +endef + +install: clean + mkdir -p ccache + mkdir -p ccache/tmp + cmake -DCMAKE_CXX_COMPILER_LAUNCHER=$(CC) -DCMAKE_BUILD_TYPE=Release -DCMAKE_INSTALL_PREFIX=$(INSTALL_PREFIX) . -B ./build + make -C build + make -C build install + +deb: + mkdir -p out + fakeroot debuild -us -uc -b + mv ../*.deb out/ + +release: install deb + mkdir -p out + mv $(INSTALL_PREFIX)/bin/sio2jail out/ + +release-docker: clean-docker + $(call run_in_docker,make release) + +install-docker: clean-docker + $(call run_in_docker,make install) + +deb-docker: clean-docker + $(call run_in_docker,make deb) + +test: + make -C build check + +clean: + - rm -rf build + - rm -rf out + - rm -rf obj-* + - rm -rf install + - rm -rf bin + - rm -rf debian/.debhelper + - rm -rf debian/sio2jail + - rm debian/files + - rm debian/sio2jail.substvars + +clean-docker: + - docker run -v $(shell pwd):/app --rm --name $(CONTAINER_NAME) -d -it sio2jail-dev bash + docker exec $(CONTAINER_NAME) make clean \ No newline at end of file diff --git a/README.md b/README.md index 094a008..6525ec5 100644 --- a/README.md +++ b/README.md @@ -1,8 +1,25 @@ sio2jail ======== +Building in Docker +-------- + +Available commands: + +* `make release-docker ` - build sio2jail binary and +.deb package. + +* `make install-docker` - build sio2jail binary. + +* `make deb-docker` - build sio2jail .deb package. -building +* `make clean-docker` - clean up all temporary files. + +The output files are placed in `./out/` directory. + +For further reference and configuration see `./Makefile`. + +Building manually -------- You need a CMake, a C/C++ compiler with multilib support and python2. Any @@ -15,6 +32,9 @@ install files to ~/local directory run: cmake -DCMAKE_BUILD_TYPE=Release -DCMAKE_INSTALL_PREFIX=$HOME/local .. make && make install +For building with default configuration, see scripts in +`./Makefile`. + Our sio2jail uses some external libraries and programs: * libcap * libseccomp (>= 2.3.0) @@ -55,7 +75,7 @@ option (STATIC by default): There is also a possibility to control whether output binary should run on other architecture than the default one (or force given architecture): - -DARCH=i386|x86_64 + -DARCH=i386|amd64 Note, that when using ARCH other than build host architecture it may be necessary (depending on libraries installation) to build sio2jail with custom libseccomp (more @@ -66,7 +86,7 @@ ignore system libseccomp run: cmake -DWITH_DOCS=NO -DLIBTCLAP_PREFIX=/opt/tclap -DLIBSECCOMP_BUILD_OWN=YES .. -running +Running ------- You may need to run @@ -80,14 +100,14 @@ Additionally, if you want to use sandboxing on older Debian kernels, you'll need For both settings, you may also put these options in your /etc/sysctl.conf. This will make the settings persist across reboots. -running tests +Running tests ------------- To run test suit use 'check' target, e.g in build directory run: make check -notes for developers +Notes for developers -------------------- To manually run clang-format on each file run: diff --git a/debian/README b/debian/README new file mode 120000 index 0000000..32d46ee --- /dev/null +++ b/debian/README @@ -0,0 +1 @@ +../README.md \ No newline at end of file diff --git a/debian/changelog b/debian/changelog new file mode 100644 index 0000000..dfa5053 --- /dev/null +++ b/debian/changelog @@ -0,0 +1,5 @@ +sio2jail (1.4.3) UNRELEASED; urgency=medium + + * Initial Release. + + -- Michał Sidor Sun, 12 Jan 2020 15:24:25 +0100 diff --git a/debian/compat b/debian/compat new file mode 100644 index 0000000..b4de394 --- /dev/null +++ b/debian/compat @@ -0,0 +1 @@ +11 diff --git a/debian/control b/debian/control new file mode 100644 index 0000000..06505f5 --- /dev/null +++ b/debian/control @@ -0,0 +1,16 @@ +Source: sio2jail +Section: utils +Priority: optional +Maintainer: Oi Admins +Build-Depends: debhelper (>= 11), cmake +Standards-Version: 4.1.3 +Homepage: https://github.com/sio2project/sio2jail +Vcs-Browser: https://github.com/sio2project/sio2jail +Vcs-Git: https://github.com/sio2project/sio2jail.git + +Package: sio2jail +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends} +Description: Sandbox for programming contests. + A tool for supervising execution of programs + submitted in algorithmic competitions. diff --git a/debian/copyright b/debian/copyright new file mode 100644 index 0000000..e5b6117 --- /dev/null +++ b/debian/copyright @@ -0,0 +1,21 @@ +MIT License + +Copyright (c) 2018 Wojciech Dubiel, Tadeusz Dudkiewicz, Przemysław Jakub Kozłowski, Maciej Wachulec + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. diff --git a/debian/rules b/debian/rules new file mode 100755 index 0000000..c4a7245 --- /dev/null +++ b/debian/rules @@ -0,0 +1,23 @@ +#!/usr/bin/make -f + +#export DH_VERBOSE = 1 +export DEB_BUILD_MAINT_OPTIONS = hardening=+all +#export DEB_CFLAGS_MAINT_APPEND = -Wall -pedantic +#export DEB_LDFLAGS_MAINT_APPEND = -Wl,--as-needed + +%: + dh $@ --buildsystem=cmake + +CCACHE := $(shell ccache --version 2>/dev/null) +ifdef CCACHE + CC := ccache +endif + +OPTIONS = -DCMAKE_BUILD_TYPE=Release -DARCH=$(DEB_TARGET_ARCH) -DCMAKE_CXX_COMPILER_LAUNCHER=$(CC) -DWITH_DOCS=YES +DEPENDENCIES_CONFIG = -DLINK=STATIC -DLIBCAP_BUILD_OWN=YES -DLIBSECCOMP_BUILD_OWN=YES -DLIBTCLAP_BUILD_OWN=YES -DSCDOC_BUILD_OWN=YES + +override_dh_auto_configure: + dh_auto_configure -- $(OPTIONS) $(DEPENDENCIES_CONFIG) + +override_dh_auto_test: + echo Tests skipped diff --git a/debian/sio2jail-docs.docs b/debian/sio2jail-docs.docs new file mode 100644 index 0000000..e845566 --- /dev/null +++ b/debian/sio2jail-docs.docs @@ -0,0 +1 @@ +README diff --git a/debian/source/format b/debian/source/format new file mode 100644 index 0000000..89ae9db --- /dev/null +++ b/debian/source/format @@ -0,0 +1 @@ +3.0 (native) diff --git a/doc/CMakeLists.txt b/doc/CMakeLists.txt index d020991..b2cc465 100644 --- a/doc/CMakeLists.txt +++ b/doc/CMakeLists.txt @@ -4,4 +4,4 @@ ADD_CUSTOM_COMMAND(OUTPUT sio2jail.1 ADD_CUSTOM_TARGET(doc ALL DEPENDS sio2jail.1 scdoc) -INSTALL(FILES ${CMAKE_CURRENT_BINARY_DIR}/sio2jail.1 DESTINATION "${CMAKE_INSTALL_FULL_MANDIR}") +INSTALL(FILES ${CMAKE_CURRENT_BINARY_DIR}/sio2jail.1 DESTINATION "${CMAKE_INSTALL_FULL_MANDIR}/man1") diff --git a/src/s2japp/ApplicationSettings.cc b/src/s2japp/ApplicationSettings.cc index 81a7810..f5ea12a 100644 --- a/src/s2japp/ApplicationSettings.cc +++ b/src/s2japp/ApplicationSettings.cc @@ -81,7 +81,7 @@ class StringOutputGenerator : public TCLAP::StdOutput { namespace s2j { namespace app { -const std::string ApplicationSettings::VERSION = "1.4.2"; +const std::string ApplicationSettings::VERSION = "1.4.3"; const std::string ApplicationSettings::DESCRIPTION = "SIO2jail, a sandbox for programming contests.";