From 9e4537fded4b21e8b237523e4810adc2689abc21 Mon Sep 17 00:00:00 2001
From: Xavier Moffett <sapphirus@azorium.net>
Date: Tue, 10 Sep 2024 20:05:17 -0400
Subject: [PATCH] `disable_sandbox` option for global configuration

---
 pacwrap-core/dist/pacwrap.yml     | 3 ++-
 pacwrap-core/src/config/global.rs | 7 +++++++
 pacwrap-core/src/sync.rs          | 2 ++
 3 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/pacwrap-core/dist/pacwrap.yml b/pacwrap-core/dist/pacwrap.yml
index f608a5c..525efe5 100644
--- a/pacwrap-core/dist/pacwrap.yml
+++ b/pacwrap-core/dist/pacwrap.yml
@@ -17,4 +17,5 @@ alpm:
   sig_level_local: Optional
   #parallel_downloads: 5
   #check_space: true
-  #download_timeout: true"
+  #download_timeout: true
+  #disable_sandbox: false
diff --git a/pacwrap-core/src/config/global.rs b/pacwrap-core/src/config/global.rs
index 7cb577a..dcfa0dd 100644
--- a/pacwrap-core/src/config/global.rs
+++ b/pacwrap-core/src/config/global.rs
@@ -103,6 +103,8 @@ pub struct AlpmConfiguration {
     check_space: bool,
     #[serde(default = "default_true")]
     download_timeout: bool,
+    #[serde(default)]
+    disable_sandbox: bool,
 }
 
 impl Configuration {
@@ -146,6 +148,7 @@ impl AlpmConfiguration {
             parallel_downloads: parallel_downloads(),
             check_space: true,
             download_timeout: true,
+            disable_sandbox: false,
         }
     }
 
@@ -165,6 +168,10 @@ impl AlpmConfiguration {
         self.check_space
     }
 
+    pub fn disable_sandbox(&self) -> bool {
+        self.disable_sandbox
+    }
+
     pub fn held(&self) -> Vec<&str> {
         self.hold_pkg.iter().map(|a| a.as_ref()).collect()
     }
diff --git a/pacwrap-core/src/sync.rs b/pacwrap-core/src/sync.rs
index 629d194..de3d3dd 100644
--- a/pacwrap-core/src/sync.rs
+++ b/pacwrap-core/src/sync.rs
@@ -196,6 +196,7 @@ pub fn instantiate_alpm_agent(config: &Global, remotes: &AlpmConfigData) -> Alpm
     let mut handle = Alpm::new("/mnt/fs", "/mnt/fs/var/lib/pacman/").unwrap();
     let hook_dirs = vec!["/mnt/fs/usr/share/libalpm/hooks/", "/mnt/fs/etc/pacman.d/hooks/"];
 
+    handle.set_disable_sandbox(config.alpm().disable_sandbox());
     handle.set_logfile("/mnt/share/pacwrap.log").unwrap();
     handle.set_hookdirs(hook_dirs.iter()).unwrap();
     handle.set_cachedirs(vec!["/mnt/share/cache"].iter()).unwrap();
@@ -215,6 +216,7 @@ pub fn instantiate_alpm(inshandle: &ContainerHandle) -> Alpm {
 fn alpm_handle(insvars: &ContainerVariables, db_path: String, remotes: &AlpmConfigData) -> Alpm {
     let mut handle = Alpm::new(insvars.root(), &db_path).unwrap();
 
+    handle.set_disable_sandbox(CONFIG.alpm().disable_sandbox());
     handle.set_cachedirs(vec![format!("{}/pkg", *CACHE_DIR)].iter()).unwrap();
     handle.set_gpgdir(format!("{}/pacman/gnupg", *DATA_DIR)).unwrap();
     handle.set_logfile(format!("{}/pacwrap.log", *DATA_DIR)).unwrap();