| 1 |
Allow ebuilds to install files with portage group permissions, as |
| 2 |
a means to restrict access to package manager resources. |
| 3 |
|
| 4 |
X-Gentoo-Bug: 600804 |
| 5 |
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=600804 |
| 6 |
--- |
| 7 |
pym/portage/package/ebuild/doebuild.py | 9 ++++++--- |
| 8 |
1 file changed, 6 insertions(+), 3 deletions(-) |
| 9 |
|
| 10 |
diff --git a/pym/portage/package/ebuild/doebuild.py b/pym/portage/package/ebuild/doebuild.py |
| 11 |
index 52dbf8b..4baae17 100644 |
| 12 |
--- a/pym/portage/package/ebuild/doebuild.py |
| 13 |
+++ b/pym/portage/package/ebuild/doebuild.py |
| 14 |
@@ -2008,7 +2008,7 @@ def _postinst_bsdflags(mysettings): |
| 15 |
def _post_src_install_uid_fix(mysettings, out): |
| 16 |
""" |
| 17 |
Files in $D with user and group bits that match the "portage" |
| 18 |
- user or group are automatically mapped to PORTAGE_INST_UID and |
| 19 |
+ user and group are automatically mapped to PORTAGE_INST_UID and |
| 20 |
PORTAGE_INST_GID if necessary. The chown system call may clear |
| 21 |
S_ISUID and S_ISGID bits, so those bits are restored if |
| 22 |
necessary. |
| 23 |
@@ -2154,8 +2154,11 @@ def _post_src_install_uid_fix(mysettings, out): |
| 24 |
mystat.st_ino not in counted_inodes: |
| 25 |
counted_inodes.add(mystat.st_ino) |
| 26 |
size += mystat.st_size |
| 27 |
- if mystat.st_uid != portage_uid and \ |
| 28 |
- mystat.st_gid != portage_gid: |
| 29 |
+ |
| 30 |
+ # Only remap the UID/GID if both match the portage user, |
| 31 |
+ # in order to avoid interference with ebuilds that install |
| 32 |
+ # files with portage group permissions (see bug 600804). |
| 33 |
+ if (mystat.st_uid, mystat.st_gid) != (portage_uid, portage_gid): |
| 34 |
continue |
| 35 |
myuid = -1 |
| 36 |
mygid = -1 |
| 37 |
-- |
| 38 |
2.7.4 |
Archives