Gentoo Archives: gentoo-portage-dev

From: Zac Medico <zmedico@g.o>
To: gentoo-portage-dev@l.g.o
Subject: Re: [gentoo-portage-dev] [PATCH] _post_src_install_uid_fix: allow files with portage group permissions (bug 600804)
Date: Wed, 30 Nov 2016 01:12:00
Message-Id: 72371eff-68e3-1eb6-2b2c-5d410768052a@gentoo.org
In Reply to: Re: [gentoo-portage-dev] [PATCH] _post_src_install_uid_fix: allow files with portage group permissions (bug 600804) by Brian Dolbec
1 On 11/29/2016 03:26 PM, Brian Dolbec wrote:
2 > On Tue, 29 Nov 2016 12:43:16 -0800
3 > Zac Medico <zmedico@g.o> wrote:
4 >
5 >> Allow ebuilds to install files with portage group permissions, as
6 >> a means to restrict access to package manager resources.
7 >>
8 >> X-Gentoo-Bug: 600804
9 >> X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=600804
10 >> ---
11 >> pym/portage/package/ebuild/doebuild.py | 9 ++++++---
12 >> 1 file changed, 6 insertions(+), 3 deletions(-)
13 >>
14 >> diff --git a/pym/portage/package/ebuild/doebuild.py
15 >> b/pym/portage/package/ebuild/doebuild.py index 52dbf8b..4baae17 100644
16 >> --- a/pym/portage/package/ebuild/doebuild.py
17 >> +++ b/pym/portage/package/ebuild/doebuild.py
18 >> @@ -2008,7 +2008,7 @@ def _postinst_bsdflags(mysettings):
19 >> def _post_src_install_uid_fix(mysettings, out):
20 >> """
21 >> Files in $D with user and group bits that match the "portage"
22 >> - user or group are automatically mapped to PORTAGE_INST_UID
23 >> and
24 >> + user and group are automatically mapped to PORTAGE_INST_UID
25 >> and PORTAGE_INST_GID if necessary. The chown system call may clear
26 >> S_ISUID and S_ISGID bits, so those bits are restored if
27 >> necessary.
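Review bot: the reworded docstring line "user and group are automatically mapped" can still be read as covering files that match either one. Say outright that a file is remapped only when its st_uid and st_gid both match the portage user and group, and that a file matching just one of them keeps the ownership the ebuild gave it. That is what the new condition in the second hunk implements, and it is what someone auditing installed-file ownership will look for in this docstring.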
28 >> @@ -2154,8 +2154,11 @@ def _post_src_install_uid_fix(mysettings, out):
29 >> mystat.st_ino not in
30 >> counted_inodes: counted_inodes.add(mystat.st_ino)
31 >> size += mystat.st_size
32 >> - if mystat.st_uid != portage_uid and \
33 >> - mystat.st_gid != portage_gid:
34 >> +
35 >> + # Only remap the UID/GID if both
36 >> match the portage user,
37 >> + # in order to avoid interference
38 >> with ebuilds that install
39 >> + # files with portage group
40 >> permissions (see bug 600804).
41 >> + if (mystat.st_uid, mystat.st_gid) !=
42 >> (portage_uid, portage_gid): continue
43 >> myuid = -1
44 >> mygid = -1
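Review bot: the new test "(mystat.st_uid, mystat.st_gid) != (portage_uid, portage_gid): continue" skips more than the added comment describes. Besides files that carry only the portage group, it also skips a file whose st_uid equals portage_uid but whose st_gid is something else, which the old "and" condition would have let through to the remap. If such a file reaches the installed system still owned by the portage user, it stays under that account's control. Either keep the UID remap when only st_uid matches (for example, skip only when st_uid != portage_uid), or extend the comment to say that portage-user ownership with a different group is intentionally preserved. The diffstat shows only doebuild.py changed, so a test covering the three ownership combinations (both match, UID only, GID only) would pin the intended behaviour down.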
45 >
46 > looks good to me
47 >
48
49 Thanks, pushed:
50
51 https://gitweb.gentoo.org/proj/portage.git/commit/?id=f479a4cdcac5db92231f489f232f10eb934c6f12
52 --
53 Thanks,
54 Zac