From: Zac Medico <zmedico@gentoo.org>
To: gentoo-portage-dev@lists.gentoo.org
Cc: Zac Medico <zmedico@gentoo.org>
Subject: [gentoo-portage-dev] [PATCH] ebuild.sh: start phases in temporary HOME if available (bug 595028)
Date: Sat, 24 Sep 2016 18:49:18 -0700 [thread overview]
Message-ID: <1474768158-16104-1-git-send-email-zmedico@gentoo.org> (raw)
This will avoid undesirable interactions with the python sitedir,
as reported in bug 574002. Since the temporary HOME is not guaranteed
to exist for some phases, use PORTAGE_PYM_PATH as a fallback. Also,
use PORTAGE_PYM_PATH inside __dyn_clean, since HOME is removed there.
X-Gentoo-Bug: 595028
X-Gentoo-Bug-URL: https://bugs.gentoo.org/595028
---
bin/ebuild.sh | 11 ++++++++---
bin/phase-functions.sh | 8 +++++---
2 files changed, 13 insertions(+), 6 deletions(-)
diff --git a/bin/ebuild.sh b/bin/ebuild.sh
index 5b3146d..4a431b4 100755
--- a/bin/ebuild.sh
+++ b/bin/ebuild.sh
@@ -167,9 +167,14 @@ export SANDBOX_ON=0
# Ensure that $PWD is sane whenever possible, to protect against
# exploitation of insecure search path for python -c in ebuilds.
-# See bug #239560 and bug #469338.
-cd "${PORTAGE_PYM_PATH}" || \
- die "PORTAGE_PYM_PATH does not exist: '${PORTAGE_PYM_PATH}'"
+# See bug #239560, bug #469338, and bug #595028.
+if [[ -d ${HOME} ]] then
+ # Use portage's temporary HOME directory if available.
+ cd "${HOME}" || die
+else
+ cd "${PORTAGE_PYM_PATH}" || \
+ die "PORTAGE_PYM_PATH does not exist: '${PORTAGE_PYM_PATH}'"
+fi
#if no perms are specified, dirs/files will have decent defaults
#(not secretive, but not stupid)
diff --git a/bin/phase-functions.sh b/bin/phase-functions.sh
index d75f43f..50f0fdb 100644
--- a/bin/phase-functions.sh
+++ b/bin/phase-functions.sh
@@ -261,6 +261,11 @@ __dyn_clean() {
chflags -R nosunlnk,nouunlnk "${PORTAGE_BUILDDIR}" 2>/dev/null
fi
+ # Some kernels, such as Solaris, return EINVAL when an attempt
+ # is made to remove the current working directory.
+ cd "${PORTAGE_PYM_PATH}" || \
+ die "PORTAGE_PYM_PATH does not exist: '${PORTAGE_PYM_PATH}'"
+
rm -rf "${PORTAGE_BUILDDIR}/image" "${PORTAGE_BUILDDIR}/homedir"
rm -f "${PORTAGE_BUILDDIR}/.installed"
@@ -288,9 +293,6 @@ __dyn_clean() {
# result in it wiping the users distfiles directory (bad).
rm -rf "${PORTAGE_BUILDDIR}/distdir"
- # Some kernels, such as Solaris, return EINVAL when an attempt
- # is made to remove the current working directory.
- cd "$PORTAGE_BUILDDIR"/../..
rmdir "$PORTAGE_BUILDDIR" 2>/dev/null
true
--
2.7.4
next reply other threads:[~2016-09-25 1:49 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-09-25 1:49 Zac Medico [this message]
2016-09-26 15:49 ` [gentoo-portage-dev] [PATCH] ebuild.sh: start phases in temporary HOME if available (bug 595028) Alexander Berntsen
2016-09-26 17:21 ` Zac Medico
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1474768158-16104-1-git-send-email-zmedico@gentoo.org \
--to=zmedico@gentoo.org \
--cc=gentoo-portage-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox