diff options
| author | Zac Medico <zmedico@gentoo.org> | 2006-03-18 23:42:00 +0000 |
|---|---|---|
| committer | Zac Medico <zmedico@gentoo.org> | 2006-03-18 23:42:00 +0000 |
| commit | f034aadcfd6887148455973bebd167961eee4b26 (patch) | |
| tree | c87353a58a2e1278b09abb1497dc9fca96c1f226 /pym | |
| parent | 06e226a59c8a47c592ee94fad05d28d4c2ccefe5 (diff) | |
| download | portage-f034aadcfd6887148455973bebd167961eee4b26.tar.gz portage-f034aadcfd6887148455973bebd167961eee4b26.tar.bz2 portage-f034aadcfd6887148455973bebd167961eee4b26.zip | |
Reset the selinux security context before returning from spawn (regression from r2834). See bug #126711.
svn path=/main/trunk/; revision=2947
Diffstat (limited to 'pym')
| -rw-r--r-- | pym/portage.py | 16 |
1 files changed, 9 insertions, 7 deletions
diff --git a/pym/portage.py b/pym/portage.py index 718c136c3..c67a23981 100644 --- a/pym/portage.py +++ b/pym/portage.py @@ -1639,21 +1639,23 @@ def spawn(mystring,mysettings,debug=0,free=0,droppriv=0,sesandbox=0,fd_pipes=Non free=((droppriv and "usersandbox" not in features) or \ (not droppriv and "sandbox" not in features and "usersandbox" not in features)) + if free: + keywords["opt_name"] += " bash" + else: + keywords["opt_name"] += " sandbox" + if sesandbox: con = selinux.getcontext() con = string.replace(con, mysettings["PORTAGE_T"], mysettings["PORTAGE_SANDBOX_T"]) selinux.setexec(con) - if not free: - keywords["opt_name"] += " sandbox" - return portage_exec.spawn_sandbox(mystring,env=env,**keywords) - else: - keywords["opt_name"] += " bash" - return portage_exec.spawn_bash(mystring,env=env,**keywords) - + retval = portage_exec.spawn_bash(mystring, env=env, **keywords) + if sesandbox: selinux.setexec(None) + return retval + def fetch(myuris, mysettings, listonly=0, fetchonly=0, locks_in_subdir=".locks",use_locks=1, try_mirrors=1): "fetch files. Will use digest file if available." |