diff --git a/common-files/building-system-patches/0006-do-not-use-python-from-usr-bin.patch b/common-files/building-system-patches/0006-do-not-use-python-from-usr-bin.patch deleted file mode 100644 index f450403ca6..0000000000 --- a/common-files/building-system-patches/0006-do-not-use-python-from-usr-bin.patch +++ /dev/null @@ -1,13 +0,0 @@ ---- a/scripts/build/setup/termux_setup_python_pip.sh -+++ b/scripts/build/setup/termux_setup_python_pip.sh -@@ -53,8 +53,8 @@ - - if [ ! -d "$TERMUX_PYTHON_CROSSENV_PREFIX" ]; then - cd "$TERMUX_PYTHON_CROSSENV_SRCDIR" -- /usr/bin/python${TERMUX_PYTHON_VERSION} -m crossenv \ -- "$TERMUX_PREFIX/bin/python${TERMUX_PYTHON_VERSION}" \ -+ python${TERMUX_PYTHON_VERSION} -m crossenv \ -+ "$TERMUX_PREFIX/bin/python${TERMUX_PYTHON_VERSION}" \ - "${TERMUX_PYTHON_CROSSENV_PREFIX}" - fi - . "${TERMUX_PYTHON_CROSSENV_PREFIX}/bin/activate" diff --git a/common-files/building-system-patches/0007-do-not-xz-when-debug.patch b/common-files/building-system-patches/0006-do-not-xz-when-debug.patch similarity index 100% rename from common-files/building-system-patches/0007-do-not-xz-when-debug.patch rename to common-files/building-system-patches/0006-do-not-xz-when-debug.patch diff --git a/common-files/building-system-patches/0008-allow-reuse-pr.patch b/common-files/building-system-patches/0007-allow-reuse-pr.patch similarity index 100% rename from common-files/building-system-patches/0008-allow-reuse-pr.patch rename to common-files/building-system-patches/0007-allow-reuse-pr.patch diff --git a/common-files/building-system-patches/0008-disable-apparmor.patch b/common-files/building-system-patches/0008-disable-apparmor.patch new file mode 100644 index 0000000000..00faaa01b9 --- /dev/null +++ b/common-files/building-system-patches/0008-disable-apparmor.patch @@ -0,0 +1,19 @@ +--- a/scripts/run-docker.sh ++++ b/scripts/run-docker.sh +@@ -96,7 +96,7 @@ if [ "$UNAME" = Darwin ]; then + SEC_OPT="" + else + REPOROOT="$(dirname $(readlink -f $0))/../" +- SEC_OPT=" --security-opt seccomp=$REPOROOT/scripts/profile.json --security-opt apparmor=_custom-termux-package-builder-$CONTAINER_NAME --cap-add CAP_SYS_ADMIN --device /dev/fuse" ++ SEC_OPT=" --privileged --security-opt seccomp=unconfined --cap-add CAP_SYS_ADMIN --device /dev/fuse" + fi + + if [ "${CI:-}" = "true" ]; then +@@ -135,6 +135,7 @@ APPARMOR_PARSER="" + if command -v apparmor_parser > /dev/null; then + APPARMOR_PARSER="apparmor_parser" + fi ++APPARMOR_PARSER="" + + if [ -z "$APPARMOR_PARSER" ] || ! $SUDO aa-status --enabled; then + echo "WARNING: apparmor_parser not found, AppArmor profiles will not be loaded!"