* [gentoo-commits] portage r12448 - main/branches/2.1.6/pym/_emerge
@ 2009-01-12 8:13 Zac Medico (zmedico)
0 siblings, 0 replies; only message in thread
From: Zac Medico (zmedico) @ 2009-01-12 8:13 UTC (permalink / raw
To: gentoo-commits
Author: zmedico
Date: 2009-01-12 08:13:24 +0000 (Mon, 12 Jan 2009)
New Revision: 12448
Modified:
main/branches/2.1.6/pym/_emerge/__init__.py
Log:
Inside action_sync(), when running as root, detect if $PORTDIR has non-root
uid/gid bits and drop privileges to match the existing bits if appropriate.
(trunk r12378)
Modified: main/branches/2.1.6/pym/_emerge/__init__.py
===================================================================
--- main/branches/2.1.6/pym/_emerge/__init__.py 2009-01-12 08:13:04 UTC (rev 12447)
+++ main/branches/2.1.6/pym/_emerge/__init__.py 2009-01-12 08:13:24 UTC (rev 12448)
@@ -8,6 +8,7 @@
import fcntl
import formatter
import logging
+import pwd
import select
import shlex
import shutil
@@ -11619,9 +11620,32 @@
sys.exit(1)
if myportdir[-1]=="/":
myportdir=myportdir[:-1]
- if not os.path.exists(myportdir):
+ try:
+ st = os.stat(myportdir)
+ except OSError:
+ st = None
+ if st is None:
print ">>>",myportdir,"not found, creating it."
os.makedirs(myportdir,0755)
+ st = os.stat(myportdir)
+
+ spawn_kwargs = {}
+ spawn_kwargs["env"] = settings.environ()
+ if portage.data.secpass >= 2 and \
+ (st.st_uid != os.getuid() and st.st_mode & 0700 or \
+ st.st_gid != os.getgid() and st.st_mode & 0070):
+ try:
+ homedir = pwd.getpwuid(st.st_uid).pw_dir
+ except KeyError:
+ pass
+ else:
+ # Drop privileges when syncing, in order to match
+ # existing uid/gid settings.
+ spawn_kwargs["uid"] = st.st_uid
+ spawn_kwargs["gid"] = st.st_gid
+ spawn_kwargs["groups"] = [st.st_gid]
+ spawn_kwargs["env"]["HOME"] = homedir
+
syncuri = settings.get("SYNC", "").strip()
if not syncuri:
writemsg_level("!!! SYNC is undefined. Is /etc/make.globals missing?\n",
@@ -11645,8 +11669,8 @@
msg = ">>> Starting git pull in %s..." % myportdir
emergelog(xterm_titles, msg )
writemsg_level(msg + "\n")
- exitcode = portage.spawn("cd %s ; git pull" % \
- (portage._shell_quote(myportdir),), settings, free=1)
+ exitcode = portage.process.spawn_bash("cd %s ; git pull" % \
+ (portage._shell_quote(myportdir),), **spawn_kwargs)
if exitcode != os.EX_OK:
msg = "!!! git pull error in %s." % myportdir
emergelog(xterm_titles, msg)
@@ -11939,8 +11963,7 @@
elif (servertimestamp == 0) or (servertimestamp > mytimestamp):
# actual sync
mycommand = rsynccommand + [dosyncuri+"/", myportdir]
- exitcode = portage.process.spawn(mycommand,
- env=settings.environ())
+ exitcode = portage.process.spawn(mycommand, **spawn_kwargs)
if exitcode in [0,1,3,4,11,14,20,21]:
break
elif exitcode in [1,3,4,11,14,20,21]:
@@ -12023,8 +12046,9 @@
else:
#cvs update
print ">>> Starting cvs update with "+syncuri+"..."
- retval = portage.spawn("cd '%s'; cvs -z0 -q update -dP" % \
- myportdir, settings, free=1)
+ retval = portage.process.spawn_bash(
+ "cd %s; cvs -z0 -q update -dP" % \
+ (portage._shell_quote(myportdir),), **spawn_kwargs)
if retval != os.EX_OK:
sys.exit(retval)
dosyncuri = syncuri
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2009-01-12 8:13 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2009-01-12 8:13 [gentoo-commits] portage r12448 - main/branches/2.1.6/pym/_emerge Zac Medico (zmedico)
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox