summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorZac Medico <zmedico@gentoo.org>2010-07-09 20:55:02 -0700
committerZac Medico <zmedico@gentoo.org>2010-07-09 20:55:02 -0700
commit2428b8cbc8f90415532a7777f70bbefeb3c1b8cc (patch)
tree12d7f2d07fef5292593ee33e5fecff2f61d8526b
parent960efaf44e550808815ed4c8f1513df9d5b9eb71 (diff)
downloadportage-2428b8cbc8f90415532a7777f70bbefeb3c1b8cc.tar.gz
portage-2428b8cbc8f90415532a7777f70bbefeb3c1b8cc.tar.bz2
portage-2428b8cbc8f90415532a7777f70bbefeb3c1b8cc.zip
Bug #327507 - Drop privileges when retrieving server timestamp file and
FEATURES=usersync is enabled. This means that the uid of the temporary timestamp file needs to be temporarily adjusted.
-rw-r--r--pym/_emerge/actions.py10
1 files changed, 9 insertions, 1 deletions
diff --git a/pym/_emerge/actions.py b/pym/_emerge/actions.py
index a4b9f76ba..2e4994a22 100644
--- a/pym/_emerge/actions.py
+++ b/pym/_emerge/actions.py
@@ -1802,6 +1802,7 @@ def action_sync(settings, trees, mtimedb, myopts, myaction):
os.makedirs(myportdir,0o755)
st = os.stat(myportdir)
+ usersync_uid = None
spawn_kwargs = {}
spawn_kwargs["env"] = settings.environ()
if 'usersync' in settings.features and \
@@ -1815,6 +1816,7 @@ def action_sync(settings, trees, mtimedb, myopts, myaction):
else:
# Drop privileges when syncing, in order to match
# existing uid/gid settings.
+ usersync_uid = st.st_uid
spawn_kwargs["uid"] = st.st_uid
spawn_kwargs["gid"] = st.st_gid
spawn_kwargs["groups"] = [st.st_gid]
@@ -2064,6 +2066,9 @@ def action_sync(settings, trees, mtimedb, myopts, myaction):
from tempfile import mkstemp
fd, tmpservertimestampfile = mkstemp()
os.close(fd)
+ if usersync_uid is not None:
+ portage.util.apply_permissions(tmpservertimestampfile,
+ uid=usersync_uid)
mycommand = rsynccommand[:]
mycommand.append(dosyncuri.rstrip("/") + \
"/metadata/timestamp.chk")
@@ -2081,8 +2086,11 @@ def action_sync(settings, trees, mtimedb, myopts, myaction):
signal.alarm(rsync_initial_timeout)
try:
mypids.extend(portage.process.spawn(
- mycommand, env=settings.environ(), returnpid=True))
+ mycommand, returnpid=True, **spawn_kwargs))
exitcode = os.waitpid(mypids[0], 0)[1]
+ if usersync_uid is not None:
+ portage.util.apply_permissions(tmpservertimestampfile,
+ uid=os.getuid())
content = portage.grabfile(tmpservertimestampfile)
finally:
if rsync_initial_timeout: