1 |
commit: f479a4cdcac5db92231f489f232f10eb934c6f12 |
2 |
Author: Zac Medico <zmedico <AT> gentoo <DOT> org> |
3 |
AuthorDate: Tue Nov 29 20:31:06 2016 +0000 |
4 |
Commit: Zac Medico <zmedico <AT> gentoo <DOT> org> |
5 |
CommitDate: Wed Nov 30 00:32:27 2016 +0000 |
6 |
URL: https://gitweb.gentoo.org/proj/portage.git/commit/?id=f479a4cd |
7 |
|
8 |
_post_src_install_uid_fix: allow files with portage group permissions (bug 600804) |
9 |
|
10 |
Allow ebuilds to install files with portage group permissions, as |
11 |
a means to restrict access to package manager resources. |
12 |
|
13 |
X-Gentoo-Bug: 600804 |
14 |
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=600804 |
15 |
Acked-by: Brian Dolbec <dolsen <AT> gentoo.org> |
16 |
|
17 |
pym/portage/package/ebuild/doebuild.py | 9 ++++++--- |
18 |
1 file changed, 6 insertions(+), 3 deletions(-) |
19 |
|
20 |
diff --git a/pym/portage/package/ebuild/doebuild.py b/pym/portage/package/ebuild/doebuild.py |
21 |
index 52dbf8b..4baae17 100644 |
22 |
--- a/pym/portage/package/ebuild/doebuild.py |
23 |
+++ b/pym/portage/package/ebuild/doebuild.py |
24 |
@@ -2008,7 +2008,7 @@ def _postinst_bsdflags(mysettings): |
25 |
def _post_src_install_uid_fix(mysettings, out): |
26 |
""" |
27 |
Files in $D with user and group bits that match the "portage" |
28 |
- user or group are automatically mapped to PORTAGE_INST_UID and |
29 |
+ user and group are automatically mapped to PORTAGE_INST_UID and |
30 |
PORTAGE_INST_GID if necessary. The chown system call may clear |
31 |
S_ISUID and S_ISGID bits, so those bits are restored if |
32 |
necessary. |
33 |
@@ -2154,8 +2154,11 @@ def _post_src_install_uid_fix(mysettings, out): |
34 |
mystat.st_ino not in counted_inodes: |
35 |
counted_inodes.add(mystat.st_ino) |
36 |
size += mystat.st_size |
37 |
- if mystat.st_uid != portage_uid and \ |
38 |
- mystat.st_gid != portage_gid: |
39 |
+ |
40 |
+ # Only remap the UID/GID if both match the portage user, |
41 |
+ # in order to avoid interference with ebuilds that install |
42 |
+ # files with portage group permissions (see bug 600804). |
43 |
+ if (mystat.st_uid, mystat.st_gid) != (portage_uid, portage_gid): |
44 |
continue |
45 |
myuid = -1 |
46 |
mygid = -1 |