1 |
Ensure that the userpriv UID has appropriate permission for files |
2 |
created in $HOME during privileged phases like pkg_setup, in the |
3 |
same way as for $T. This prevents potential permission issues for |
4 |
programs invoked during unprivileged phases, and it improves |
5 |
alignment with PMS which specifies identical behavior for both |
6 |
$HOME and $T. |
7 |
|
8 |
Bug: https://bugs.gentoo.org/713100 |
9 |
Signed-off-by: Zac Medico <zmedico@g.o> |
10 |
--- |
11 |
lib/portage/package/ebuild/doebuild.py | 7 ++++--- |
12 |
1 file changed, 4 insertions(+), 3 deletions(-) |
13 |
|
14 |
diff --git a/lib/portage/package/ebuild/doebuild.py b/lib/portage/package/ebuild/doebuild.py |
15 |
index 75fcb8a51..2bff94cb1 100644 |
16 |
--- a/lib/portage/package/ebuild/doebuild.py |
17 |
+++ b/lib/portage/package/ebuild/doebuild.py |
18 |
@@ -1765,9 +1765,10 @@ def _post_phase_userpriv_perms(mysettings): |
19 |
if "userpriv" in mysettings.features and secpass >= 2: |
20 |
""" Privileged phases may have left files that need to be made |
21 |
writable to a less privileged user.""" |
22 |
- apply_recursive_permissions(mysettings["T"], |
23 |
- uid=portage_uid, gid=portage_gid, dirmode=0o700, dirmask=0, |
24 |
- filemode=0o600, filemask=0) |
25 |
+ for path in (mysettings["HOME"], mysettings["T"]): |
26 |
+ apply_recursive_permissions(path, |
27 |
+ uid=portage_uid, gid=portage_gid, dirmode=0o700, dirmask=0, |
28 |
+ filemode=0o600, filemask=0) |
29 |
|
30 |
|
31 |
def _check_build_log(mysettings, out=None): |
32 |
-- |
33 |
2.24.1 |