From 1f523e19589b2042098df013058223181f0fe14e Mon Sep 17 00:00:00 2001
From: Zac Medico <zmedico@gentoo.org>
Date: Mon, 22 May 2006 05:59:02 +0000
Subject: Fix userfetch so that it works regardless of whether or not userpriv
 is enabled for bug #133995.  I've used portage_exec.spawn_bash() here because
 portage.spawn() should really only be used for actual ebuild phases in
 doebuild() and spawnebuild().

svn path=/main/trunk/; revision=3387
---
 pym/portage.py | 20 +++++++++++++++++---
 1 file changed, 17 insertions(+), 3 deletions(-)

diff --git a/pym/portage.py b/pym/portage.py
index 7522dc18a..e46e3b62d 100644
--- a/pym/portage.py
+++ b/pym/portage.py
@@ -2144,15 +2144,29 @@ def fetch(myuris, mysettings, listonly=0, fetchonly=0, locks_in_subdir=".locks",
 					writemsg(">>> Downloading "+str(loc)+"\n")
 					myfetch=string.replace(locfetch,"${URI}",loc)
 					myfetch=string.replace(myfetch,"${FILE}",myfile)
+
+					spawn_keywords = {}
+					if "userfetch" in mysettings.features and \
+						os.getuid() == 0 and portage_gid and portage_uid:
+						spawn_keywords.update({
+							"uid"    : portage_uid,
+							"gid"    : portage_gid,
+							"groups" : [portage_gid],
+							"umask"  : 002})
+
 					try:
+
 						if mysettings.selinux_enabled():
 							con = selinux.getcontext()
 							con = string.replace(con, mysettings["PORTAGE_T"], mysettings["PORTAGE_FETCH_T"])
 							selinux.setexec(con)
-							myret = spawn(myfetch, mysettings, free=1, droppriv=("userfetch" in mysettings.features))
+
+						myret = portage_exec.spawn_bash(myfetch,
+							env=mysettings.environ(), **spawn_keywords)
+
+						if mysettings.selinux_enabled():
 							selinux.setexec(None)
-						else:
-							myret = spawn(myfetch, mysettings, free=1, droppriv=("userfetch" in mysettings.features))
+
 					finally:
 						#if root, -always- set the perms.
 						if os.path.exists(mysettings["DISTDIR"]+"/"+myfile) and (fetched != 1 or os.getuid() == 0) \
-- 
cgit v1.2.3-1-g7c22