diff options
author | Zac Medico <zmedico@gentoo.org> | 2011-07-21 09:56:33 -0700 |
---|---|---|
committer | Zac Medico <zmedico@gentoo.org> | 2011-07-21 09:56:33 -0700 |
commit | 1fbff8957c6de3654f7901e2ed4a075b972d06dc (patch) | |
tree | 6c787db3cc449ae4851c2a1dff5116f4265e5b2a | |
parent | 02b28820ba8ea3e760110ae156c70e6ee0457048 (diff) | |
download | portage-1fbff8957c6de3654f7901e2ed4a075b972d06dc.tar.gz portage-1fbff8957c6de3654f7901e2ed4a075b972d06dc.tar.bz2 portage-1fbff8957c6de3654f7901e2ed4a075b972d06dc.zip |
BinpkgFetcher: support selinux PORTAGE_FETCH_T
Thanks to Sven Vermeulen <sven.vermeulen@siphos.be> for the initial
patch posted on bug #375835.
-rw-r--r-- | pym/_emerge/BinpkgFetcher.py | 2 | ||||
-rw-r--r-- | pym/_emerge/SpawnProcess.py | 14 |
2 files changed, 14 insertions, 2 deletions
diff --git a/pym/_emerge/BinpkgFetcher.py b/pym/_emerge/BinpkgFetcher.py index 6c1dde93e..baea4d6d7 100644 --- a/pym/_emerge/BinpkgFetcher.py +++ b/pym/_emerge/BinpkgFetcher.py @@ -100,6 +100,8 @@ class BinpkgFetcher(SpawnProcess): self.args = fetch_args self.env = fetch_env + if settings.selinux_enabled(): + self._selinux_type = settings["PORTAGE_FETCH_T"] SpawnProcess._start(self) def _pipe(self, fd_pipes): diff --git a/pym/_emerge/SpawnProcess.py b/pym/_emerge/SpawnProcess.py index bc861e9c5..b72971c87 100644 --- a/pym/_emerge/SpawnProcess.py +++ b/pym/_emerge/SpawnProcess.py @@ -8,6 +8,7 @@ import portage from portage import _encodings from portage import _unicode_encode from portage import os +from portage.const import BASH_BINARY import fcntl import errno import gzip @@ -25,7 +26,7 @@ class SpawnProcess(SubProcess): "path_lookup", "pre_exec") __slots__ = ("args",) + \ - _spawn_kwarg_names + _spawn_kwarg_names + ("_selinux_type",) _file_names = ("log", "process", "stdout") _files_dict = slot_dict_class(_file_names, prefix="") @@ -146,7 +147,16 @@ class SpawnProcess(SubProcess): return os.pipe() def _spawn(self, args, **kwargs): - return portage.process.spawn(args, **kwargs) + spawn_func = portage.process.spawn + + if self._selinux_type is not None: + spawn_func = portage.selinux.spawn_wrapper(spawn_func, + self._selinux_type) + # bash is an allowed entrypoint, while most binaries are not + if args[0] != BASH_BINARY: + args = [BASH_BINARY, "-c", "exec \"$@\"", args[0]] + args + + return spawn_func(args, **kwargs) def _output_handler(self, fd, event): |