1 |
Please ignor this accidental re-send, it is identical to this previous send: |
2 |
|
3 |
https://archives.gentoo.org/gentoo-portage-dev/message/a6cb4527a2aa29c3aafccc17d91b44e5 |
4 |
|
5 |
On 3/22/20 12:56 PM, Zac Medico wrote: |
6 |
> Ensure that the userpriv UID has appropriate permission for files |
7 |
> created in $HOME during privileged phases like pkg_setup, in the |
8 |
> same way as for $T. This prevents potential permission issues for |
9 |
> programs invoked during unprivileged phases, and it improves |
10 |
> alignment with PMS which specifies identical behavior for both |
11 |
> $HOME and $T. |
12 |
> |
13 |
> Bug: https://bugs.gentoo.org/713100 |
14 |
> Signed-off-by: Zac Medico <zmedico@g.o> |
15 |
> --- |
16 |
> lib/portage/package/ebuild/doebuild.py | 7 ++++--- |
17 |
> 1 file changed, 4 insertions(+), 3 deletions(-) |
18 |
> |
19 |
> diff --git a/lib/portage/package/ebuild/doebuild.py b/lib/portage/package/ebuild/doebuild.py |
20 |
> index 75fcb8a51..2bff94cb1 100644 |
21 |
> --- a/lib/portage/package/ebuild/doebuild.py |
22 |
> +++ b/lib/portage/package/ebuild/doebuild.py |
23 |
> @@ -1765,9 +1765,10 @@ def _post_phase_userpriv_perms(mysettings): |
24 |
> if "userpriv" in mysettings.features and secpass >= 2: |
25 |
> """ Privileged phases may have left files that need to be made |
26 |
> writable to a less privileged user.""" |
27 |
> - apply_recursive_permissions(mysettings["T"], |
28 |
> - uid=portage_uid, gid=portage_gid, dirmode=0o700, dirmask=0, |
29 |
> - filemode=0o600, filemask=0) |
30 |
> + for path in (mysettings["HOME"], mysettings["T"]): |
31 |
> + apply_recursive_permissions(path, |
32 |
> + uid=portage_uid, gid=portage_gid, dirmode=0o700, dirmask=0, |
33 |
> + filemode=0o600, filemask=0) |
34 |
> |
35 |
> |
36 |
> def _check_build_log(mysettings, out=None): |
37 |
> |
38 |
|
39 |
|
40 |
-- |
41 |
Thanks, |
42 |
Zac |