Gentoo Archives: gentoo-portage-dev

From: Brian Dolbec <dolsen@g.o>
To: gentoo-portage-dev@l.g.o
Subject: Re: [gentoo-portage-dev] [PATCH] _post_src_install_uid_fix: allow files with portage group permissions (bug 600804)
Date: Tue, 29 Nov 2016 23:26:31
Message-Id: 20161129152625.17799738.dolsen@gentoo.org
In Reply to: [gentoo-portage-dev] [PATCH] _post_src_install_uid_fix: allow files with portage group permissions (bug 600804) by Zac Medico
1 On Tue, 29 Nov 2016 12:43:16 -0800
2 Zac Medico <zmedico@g.o> wrote:
3
4 > Allow ebuilds to install files with portage group permissions, as
5 > a means to restrict access to package manager resources.
6 >
7 > X-Gentoo-Bug: 600804
8 > X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=600804
9 > ---
10 > pym/portage/package/ebuild/doebuild.py | 9 ++++++---
11 > 1 file changed, 6 insertions(+), 3 deletions(-)
12 >
13 > diff --git a/pym/portage/package/ebuild/doebuild.py
14 > b/pym/portage/package/ebuild/doebuild.py index 52dbf8b..4baae17 100644
15 > --- a/pym/portage/package/ebuild/doebuild.py
16 > +++ b/pym/portage/package/ebuild/doebuild.py
17 > @@ -2008,7 +2008,7 @@ def _postinst_bsdflags(mysettings):
18 > def _post_src_install_uid_fix(mysettings, out):
19 > """
20 > Files in $D with user and group bits that match the "portage"
21 > - user or group are automatically mapped to PORTAGE_INST_UID
22 > and
23 > + user and group are automatically mapped to PORTAGE_INST_UID
24 > and PORTAGE_INST_GID if necessary. The chown system call may clear
25 > S_ISUID and S_ISGID bits, so those bits are restored if
26 > necessary.
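
Review bot: The reworded docstring sentence ("user and group are automatically mapped to PORTAGE_INST_UID and PORTAGE_INST_GID") is still ambiguous, because "user and group bits that match the portage user and group" can be read as either-or. Say outright that a file is remapped only when its owner is the portage user and its group is the portage group, and that a file matching only one of the two is left unchanged, with a pointer to bug 600804 for the reason.
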
27 > @@ -2154,8 +2154,11 @@ def _post_src_install_uid_fix(mysettings, out):
28 > mystat.st_ino not in
29 > counted_inodes: counted_inodes.add(mystat.st_ino)
30 > size += mystat.st_size
31 > - if mystat.st_uid != portage_uid and \
32 > - mystat.st_gid != portage_gid:
33 > +
34 > + # Only remap the UID/GID if both
35 > match the portage user,
36 > + # in order to avoid interference
37 > with ebuilds that install
38 > + # files with portage group
39 > permissions (see bug 600804).
40 > + if (mystat.st_uid, mystat.st_gid) !=
41 > (portage_uid, portage_gid): continue
42 > myuid = -1
43 > mygid = -1
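
Review bot: The new tuple test "if (mystat.st_uid, mystat.st_gid) != (portage_uid, portage_gid): continue" also skips files whose owner is the portage user but whose group is something else, a case the old "and" condition remapped. The commit message only motivates preserving the portage group, so consider whether a uid-only match should still have its owner mapped to PORTAGE_INST_UID; as written, this function leaves such files with portage-user ownership. The added comment should also read "match the portage user and group" rather than "both match the portage user", and a test covering the uid-only, gid-only and both-match cases would pin down the intended behaviour.
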
44
45 looks good to me
46
47 --
48 Brian Dolbec <dolsen>
