diff options
author | Zac Medico <zmedico@gentoo.org> | 2009-01-13 21:27:30 +0000 |
---|---|---|
committer | Zac Medico <zmedico@gentoo.org> | 2009-01-13 21:27:30 +0000 |
commit | e0dfd9cd1ed4c93647c2be20d77d2c3734e24bab (patch) | |
tree | 3e985059a62488f24b0b644c9a11c8a8775c07d7 | |
parent | 9428e019c30685c82db2449164b0028c5e633ede (diff) | |
download | portage-e0dfd9cd1ed4c93647c2be20d77d2c3734e24bab.tar.gz portage-e0dfd9cd1ed4c93647c2be20d77d2c3734e24bab.tar.bz2 portage-e0dfd9cd1ed4c93647c2be20d77d2c3734e24bab.zip |
Use a new 'usersync' feature to control dropping of privileges for --sync,
since it's fairly common for people to have inconsistent permissions between
$PORTDIR and contained files/directories.
svn path=/main/trunk/; revision=12496
-rw-r--r-- | man/make.conf.5 | 4 | ||||
-rw-r--r-- | pym/_emerge/__init__.py | 3 |
2 files changed, 6 insertions, 1 deletions
diff --git a/man/make.conf.5 b/man/make.conf.5 index 9a0261e25..83b7fa3ba 100644 --- a/man/make.conf.5 +++ b/man/make.conf.5 @@ -360,6 +360,10 @@ portage:portage without a sandbox (unless \fIusersandbox\fR is also used). .B usersandbox Enable the sandbox in the compile phase, when running without root privs (\fIuserpriv\fR). .TP +.B usersync +Drop privileges to the owner of \fBPORTDIR\fR for \fBemerge(1) --sync\fR +operations. +.TP .B webrsync-gpg Enable GPG verification when using \fIemerge\-webrsync\fR. .RE diff --git a/pym/_emerge/__init__.py b/pym/_emerge/__init__.py index 796275588..991cb2d85 100644 --- a/pym/_emerge/__init__.py +++ b/pym/_emerge/__init__.py @@ -12068,7 +12068,8 @@ def action_sync(settings, trees, mtimedb, myopts, myaction): spawn_kwargs = {} spawn_kwargs["env"] = settings.environ() - if portage.data.secpass >= 2 and \ + if 'usersync' in settings.features and \ + portage.data.secpass >= 2 and \ (st.st_uid != os.getuid() and st.st_mode & 0700 or \ st.st_gid != os.getgid() and st.st_mode & 0070): try: |