diff --git a/NEWS b/NEWS index 9cf575e2..31ad8aed 100644 --- a/NEWS +++ b/NEWS @@ -1,5 +1,8 @@ xbps-0.52 (???): + * libxbps: package INSTALL/REMOVE scripts are now executed via + posix_spawn(3), replacing vfork(3). + * libxbps: package INSTALL/REMOVE scripts do not need to be executables anymore because they are executed with "/bin/sh" directly. That means "/tmp" can be mounted as "noexec". Fixed #149 correctly. diff --git a/lib/external/fexec.c b/lib/external/fexec.c index 00eff213..cc2cf166 100644 --- a/lib/external/fexec.c +++ b/lib/external/fexec.c @@ -37,6 +37,7 @@ #include #include #include +#include #undef _DEFAULT_SOURCE #undef _BSD_SOURCE @@ -48,7 +49,10 @@ pfcexec(struct xbps_handle *xhp, const char *file, const char **argv) pid_t child; int status; - child = vfork(); + if (posix_spawn(&child, file, NULL, NULL, + (char* const*)__UNCONST(argv), NULL) != 0) + return -1; + switch (child) { case 0: /*