[gentoo-portage-dev] [PATCH/RFC] userinstall: new feature for running src_install as non root - gentoo-portage-dev

From:	Mike Frysinger <vapier@g.o>
To:	gentoo-portage-dev@l.g.o
Subject:	[gentoo-portage-dev] [PATCH/RFC] userinstall: new feature for running src_install as non root
Date:	Tue, 24 Nov 2015 23:11:31
Message-Id:	`1448406679-20399-1-git-send-email-vapier@gentoo.org`

1

This does not support fowners just yet as we'll need to queue/dequeue

2

the accounts on the fly.

3

4

X-Gentoo-Bug: 566614

5

X-Gentoo-Bug-URL: https://bugs.gentoo.org/566614

6

---

7

 man/make.conf.5                        |  4 ++++

8

 pym/portage/const.py                   |  1 +

9

 pym/portage/package/ebuild/config.py   | 22 +++++++++-------------

10

 pym/portage/package/ebuild/doebuild.py |  9 ++++++---

11

 4 files changed, 20 insertions(+), 16 deletions(-)

12

13

diff --git a/man/make.conf.5 b/man/make.conf.5

14

index 1d1cfeb..0c575db 100644

15

--- a/man/make.conf.5

16

+++ b/man/make.conf.5

17

@@ -648,6 +648,10 @@ checksum differs from the file that was originally installed.

18

 When portage is run as root, drop privileges to portage:portage during the

19

 fetching of package sources.

20

.TP

21

+.B userinstall

22

+When portage is run as root, drop privileges to portage:portage during the

23

+install of package sources.

24

+.TP

25

 .B userpriv

26

 Allow portage to drop root privileges and compile packages as

27

 portage:portage without a sandbox (unless \fIusersandbox\fR is also used).

28

diff --git a/pym/portage/const.py b/pym/portage/const.py

29

index 6c4f613..d895633 100644

30

--- a/pym/portage/const.py

31

+++ b/pym/portage/const.py

32

@@ -195,6 +195,7 @@ SUPPORTED_FEATURES       = frozenset([

33

 	"unmerge-orphans",

34

 	"unprivileged",

35

 	"userfetch",

36

+	"userinstall",

37

 	"userpriv",

38

 	"usersandbox",

39

 	"usersync",

40

diff --git a/pym/portage/package/ebuild/config.py b/pym/portage/package/ebuild/config.py

41

index 40aa99d..70f2276 100644

42

--- a/pym/portage/package/ebuild/config.py

43

+++ b/pym/portage/package/ebuild/config.py

44

@@ -1152,21 +1152,17 @@ class config(object):

45

 				"fakeroot binary is not installed.\n"), noiselevel=-1)

46

47

 		if os.getuid() == 0 and not hasattr(os, "setgroups"):

48

-			warning_shown = False

49

-

50

-			if "userpriv" in self.features:

51

-				writemsg(_("!!! FEATURES=userpriv is enabled, but "

52

-					"os.setgroups is not available.\n"), noiselevel=-1)

53

-				warning_shown = True

54

-

55

-			if "userfetch" in self.features:

56

-				writemsg(_("!!! FEATURES=userfetch is enabled, but "

57

-					"os.setgroups is not available.\n"), noiselevel=-1)

58

+			userfeatures = {'userfetch', 'userinstall', 'userpriv'}

59

+			enabled = userfeatures & self.features

60

+			if enabled:

61

+				writemsg(

62

+					_('!!! FEATURES="%s" is enabled, but os.setgroups is not available.\n'),

63

+					' '.join(enabled), noiselevel=-1)

64

 				warning_shown = True

65

66

-			if warning_shown and platform.python_implementation() == 'PyPy':

67

-				writemsg(_("!!! See https://bugs.pypy.org/issue833 for details.\n"),

68

-					noiselevel=-1)

69

+				if platform.python_implementation() == 'PyPy':

70

+					writemsg(_("!!! See https://bugs.pypy.org/issue833 for details.\n"),

71

+						noiselevel=-1)

72

73

 	def load_best_module(self,property_string):

74

 		best_mod = best_from_dict(property_string,self.modules,self.module_priority)

75

diff --git a/pym/portage/package/ebuild/doebuild.py b/pym/portage/package/ebuild/doebuild.py

76

index ff8958e..0fa5c20 100644

77

--- a/pym/portage/package/ebuild/doebuild.py

78

+++ b/pym/portage/package/ebuild/doebuild.py

79

@@ -1350,6 +1350,9 @@ def _spawn_actionmap(settings):

80

 	droppriv = "userpriv" in features and \

81

 		"userpriv" not in restrict and \

82

 		secpass >= 2

83

+	instpriv = "userinstall" in features and \

84

+		"userinstall" not in restrict and \

85

+		secpass >= 2

86

87

 	fakeroot = "fakeroot" in features

88

89

@@ -1370,9 +1373,9 @@ def _spawn_actionmap(settings):

90

 "configure":{"cmd":ebuild_sh, "args":{"droppriv":droppriv, "free":nosandbox, "sesandbox":sesandbox, "fakeroot":0}},

91

 "compile":  {"cmd":ebuild_sh, "args":{"droppriv":droppriv, "free":nosandbox, "sesandbox":sesandbox, "fakeroot":0}},

92

 "test":     {"cmd":ebuild_sh, "args":{"droppriv":droppriv, "free":nosandbox, "sesandbox":sesandbox, "fakeroot":0}},

93

-"install":  {"cmd":ebuild_sh, "args":{"droppriv":0,        "free":0,         "sesandbox":sesandbox, "fakeroot":fakeroot}},

94

-"rpm":      {"cmd":misc_sh,   "args":{"droppriv":0,        "free":0,         "sesandbox":0,         "fakeroot":fakeroot}},

95

-"package":  {"cmd":misc_sh,   "args":{"droppriv":0,        "free":0,         "sesandbox":0,         "fakeroot":fakeroot}},

96

+"install":  {"cmd":ebuild_sh, "args":{"droppriv":instpriv, "free":0,         "sesandbox":sesandbox, "fakeroot":fakeroot}},

97

+"rpm":      {"cmd":misc_sh,   "args":{"droppriv":instpriv, "free":0,         "sesandbox":0,         "fakeroot":fakeroot}},

98

+"package":  {"cmd":misc_sh,   "args":{"droppriv":instpriv, "free":0,         "sesandbox":0,         "fakeroot":fakeroot}},

99

}

100

101

 	return actionmap

102

--

103

2.6.2

Gentoo Archives: gentoo-portage-dev

Replies

1	This does not support fowners just yet as we'll need to queue/dequeue
2	the accounts on the fly.
3
4	X-Gentoo-Bug: 566614
5	X-Gentoo-Bug-URL: https://bugs.gentoo.org/566614
6	---
7	man/make.conf.5 \| 4 ++++
8	pym/portage/const.py \| 1 +
9	pym/portage/package/ebuild/config.py \| 22 +++++++++-------------
10	pym/portage/package/ebuild/doebuild.py \| 9 ++++++---
11	4 files changed, 20 insertions(+), 16 deletions(-)
12
13	diff --git a/man/make.conf.5 b/man/make.conf.5
14	index 1d1cfeb..0c575db 100644
15	--- a/man/make.conf.5
16	+++ b/man/make.conf.5
17	@@ -648,6 +648,10 @@ checksum differs from the file that was originally installed.
18	When portage is run as root, drop privileges to portage:portage during the
19	fetching of package sources.
20	.TP
21	+.B userinstall
22	+When portage is run as root, drop privileges to portage:portage during the
23	+install of package sources.
24	+.TP
25	.B userpriv
26	Allow portage to drop root privileges and compile packages as
27	portage:portage without a sandbox (unless \fIusersandbox\fR is also used).
28	diff --git a/pym/portage/const.py b/pym/portage/const.py
29	index 6c4f613..d895633 100644
30	--- a/pym/portage/const.py
31	+++ b/pym/portage/const.py
32	@@ -195,6 +195,7 @@ SUPPORTED_FEATURES = frozenset([
33	"unmerge-orphans",
34	"unprivileged",
35	"userfetch",
36	+ "userinstall",
37	"userpriv",
38	"usersandbox",
39	"usersync",
40	diff --git a/pym/portage/package/ebuild/config.py b/pym/portage/package/ebuild/config.py
41	index 40aa99d..70f2276 100644
42	--- a/pym/portage/package/ebuild/config.py
43	+++ b/pym/portage/package/ebuild/config.py
44	@@ -1152,21 +1152,17 @@ class config(object):
45	"fakeroot binary is not installed.\n"), noiselevel=-1)
46
47	if os.getuid() == 0 and not hasattr(os, "setgroups"):
48	- warning_shown = False
49	-
50	- if "userpriv" in self.features:
51	- writemsg(_("!!! FEATURES=userpriv is enabled, but "
52	- "os.setgroups is not available.\n"), noiselevel=-1)
53	- warning_shown = True
54	-
55	- if "userfetch" in self.features:
56	- writemsg(_("!!! FEATURES=userfetch is enabled, but "
57	- "os.setgroups is not available.\n"), noiselevel=-1)
58	+ userfeatures = {'userfetch', 'userinstall', 'userpriv'}
59	+ enabled = userfeatures & self.features
60	+ if enabled:
61	+ writemsg(
62	+ _('!!! FEATURES="%s" is enabled, but os.setgroups is not available.\n'),
63	+ ' '.join(enabled), noiselevel=-1)
64	warning_shown = True
65
66	- if warning_shown and platform.python_implementation() == 'PyPy':
67	- writemsg(_("!!! See https://bugs.pypy.org/issue833 for details.\n"),
68	- noiselevel=-1)
69	+ if platform.python_implementation() == 'PyPy':
70	+ writemsg(_("!!! See https://bugs.pypy.org/issue833 for details.\n"),
71	+ noiselevel=-1)
72
73	def load_best_module(self,property_string):
74	best_mod = best_from_dict(property_string,self.modules,self.module_priority)
75	diff --git a/pym/portage/package/ebuild/doebuild.py b/pym/portage/package/ebuild/doebuild.py
76	index ff8958e..0fa5c20 100644
77	--- a/pym/portage/package/ebuild/doebuild.py
78	+++ b/pym/portage/package/ebuild/doebuild.py
79	@@ -1350,6 +1350,9 @@ def _spawn_actionmap(settings):
80	droppriv = "userpriv" in features and \
81	"userpriv" not in restrict and \
82	secpass >= 2
83	+ instpriv = "userinstall" in features and \
84	+ "userinstall" not in restrict and \
85	+ secpass >= 2
86
87	fakeroot = "fakeroot" in features
88
89	@@ -1370,9 +1373,9 @@ def _spawn_actionmap(settings):
90	"configure":{"cmd":ebuild_sh, "args":{"droppriv":droppriv, "free":nosandbox, "sesandbox":sesandbox, "fakeroot":0}},
91	"compile": {"cmd":ebuild_sh, "args":{"droppriv":droppriv, "free":nosandbox, "sesandbox":sesandbox, "fakeroot":0}},
92	"test": {"cmd":ebuild_sh, "args":{"droppriv":droppriv, "free":nosandbox, "sesandbox":sesandbox, "fakeroot":0}},
93	-"install": {"cmd":ebuild_sh, "args":{"droppriv":0, "free":0, "sesandbox":sesandbox, "fakeroot":fakeroot}},
94	-"rpm": {"cmd":misc_sh, "args":{"droppriv":0, "free":0, "sesandbox":0, "fakeroot":fakeroot}},
95	-"package": {"cmd":misc_sh, "args":{"droppriv":0, "free":0, "sesandbox":0, "fakeroot":fakeroot}},
96	+"install": {"cmd":ebuild_sh, "args":{"droppriv":instpriv, "free":0, "sesandbox":sesandbox, "fakeroot":fakeroot}},
97	+"rpm": {"cmd":misc_sh, "args":{"droppriv":instpriv, "free":0, "sesandbox":0, "fakeroot":fakeroot}},
98	+"package": {"cmd":misc_sh, "args":{"droppriv":instpriv, "free":0, "sesandbox":0, "fakeroot":fakeroot}},
99	}
100
101	return actionmap
102	--
103	2.6.2