|
Lines 58-63
def portage_group_warning():
Link Here
|
| 58 |
# If the "wheel" group does not exist then wheelgid falls back to 0. |
58 |
# If the "wheel" group does not exist then wheelgid falls back to 0. |
| 59 |
# If the "portage" group does not exist then portage_uid falls back to wheelgid. |
59 |
# If the "portage" group does not exist then portage_uid falls back to wheelgid. |
| 60 |
|
60 |
|
|
|
61 |
# If the current user is not root, but has write access to the |
| 62 |
# EROOT directory (not due to the 0002 bit), then use "unprivileged" |
| 63 |
# mode which sets secpass = 2 and uses the UID and GID of the EROOT |
| 64 |
# directory to generate default PORTAGE_INST_GID, PORTAGE_INST_UID, |
| 65 |
# PORTAGE_USERNAME, and PORTAGE_GRPNAME settings. |
| 66 |
def _unprivileged_mode(eroot, eroot_st): |
| 67 |
return os.getuid() != 0 and os.access(eroot, os.W_OK) and \ |
| 68 |
not eroot_st.st_mode & 0o0002 |
| 69 |
|
| 61 |
uid=os.getuid() |
70 |
uid=os.getuid() |
| 62 |
wheelgid=0 |
71 |
wheelgid=0 |
| 63 |
|
72 |
|
|
Lines 77-89
def _get_global(k):
Link Here
|
| 77 |
if k in _initialized_globals: |
86 |
if k in _initialized_globals: |
| 78 |
return globals()[k] |
87 |
return globals()[k] |
| 79 |
|
88 |
|
| 80 |
if k in ('portage_gid', 'portage_uid', 'secpass'): |
89 |
if k == 'secpass': |
| 81 |
global portage_gid, portage_uid, secpass |
90 |
|
| 82 |
secpass = 0 |
91 |
unprivileged = False |
|
|
92 |
if hasattr(portage, 'settings'): |
| 93 |
unprivileged = "unprivileged" in portage.settings.features |
| 94 |
else: |
| 95 |
# The config class has equivalent code, but we also need to |
| 96 |
# do it here if _disable_legacy_globals() has been called. |
| 97 |
eroot = os.path.join(os.environ.get('ROOT', os.sep), |
| 98 |
portage.const.EPREFIX.lstrip(os.sep)) |
| 99 |
try: |
| 100 |
eroot_st = os.stat(eroot) |
| 101 |
except OSError: |
| 102 |
pass |
| 103 |
else: |
| 104 |
unprivileged = _unprivileged_mode(eroot, eroot_st) |
| 105 |
|
| 106 |
v = 0 |
| 83 |
if uid == 0: |
107 |
if uid == 0: |
| 84 |
secpass = 2 |
108 |
v = 2 |
| 85 |
elif portage.const.EPREFIX: |
109 |
elif unprivileged: |
| 86 |
secpass = 2 |
110 |
v = 2 |
|
|
111 |
elif portage_gid in os.getgroups(): |
| 112 |
v = 1 |
| 113 |
|
| 114 |
elif k in ('portage_gid', 'portage_uid'): |
| 115 |
|
| 87 |
#Discover the uid and gid of the portage user/group |
116 |
#Discover the uid and gid of the portage user/group |
| 88 |
try: |
117 |
try: |
| 89 |
portage_uid = pwd.getpwnam(_get_global('_portage_username')).pw_uid |
118 |
portage_uid = pwd.getpwnam(_get_global('_portage_username')).pw_uid |
|
Lines 93-100
def _get_global(k):
Link Here
|
| 93 |
# from grp.getgrnam() with PyPy 1.7 |
122 |
# from grp.getgrnam() with PyPy 1.7 |
| 94 |
_portage_grpname = str(_portage_grpname) |
123 |
_portage_grpname = str(_portage_grpname) |
| 95 |
portage_gid = grp.getgrnam(_portage_grpname).gr_gid |
124 |
portage_gid = grp.getgrnam(_portage_grpname).gr_gid |
| 96 |
if secpass < 1 and portage_gid in os.getgroups(): |
|
|
| 97 |
secpass = 1 |
| 98 |
except KeyError: |
125 |
except KeyError: |
| 99 |
portage_uid = 0 |
126 |
portage_uid = 0 |
| 100 |
portage_gid = 0 |
127 |
portage_gid = 0 |
|
Lines 110-125
def _get_global(k):
Link Here
|
| 110 |
noiselevel=-1) |
137 |
noiselevel=-1) |
| 111 |
portage_group_warning() |
138 |
portage_group_warning() |
| 112 |
|
139 |
|
|
|
140 |
globals()['portage_gid'] = portage_gid |
| 113 |
_initialized_globals.add('portage_gid') |
141 |
_initialized_globals.add('portage_gid') |
|
|
142 |
globals()['portage_uid'] = portage_uid |
| 114 |
_initialized_globals.add('portage_uid') |
143 |
_initialized_globals.add('portage_uid') |
| 115 |
_initialized_globals.add('secpass') |
|
|
| 116 |
|
144 |
|
| 117 |
if k == 'portage_gid': |
145 |
if k == 'portage_gid': |
| 118 |
return portage_gid |
146 |
return portage_gid |
| 119 |
elif k == 'portage_uid': |
147 |
elif k == 'portage_uid': |
| 120 |
return portage_uid |
148 |
return portage_uid |
| 121 |
elif k == 'secpass': |
|
|
| 122 |
return secpass |
| 123 |
else: |
149 |
else: |
| 124 |
raise AssertionError('unknown name: %s' % k) |
150 |
raise AssertionError('unknown name: %s' % k) |
| 125 |
|
151 |
|
|
Lines 152-162
def _get_global(k):
Link Here
|
| 152 |
v = os.environ[env_key] |
178 |
v = os.environ[env_key] |
| 153 |
elif hasattr(portage, 'settings'): |
179 |
elif hasattr(portage, 'settings'): |
| 154 |
v = portage.settings.get(env_key) |
180 |
v = portage.settings.get(env_key) |
| 155 |
elif portage.const.EPREFIX: |
181 |
else: |
| 156 |
# For prefix environments, default to the UID and GID of |
182 |
# The config class has equivalent code, but we also need to |
| 157 |
# the top-level EROOT directory. The config class has |
183 |
# do it here if _disable_legacy_globals() has been called. |
| 158 |
# equivalent code, but we also need to do it here if |
|
|
| 159 |
# _disable_legacy_globals() has been called. |
| 160 |
eroot = os.path.join(os.environ.get('ROOT', os.sep), |
184 |
eroot = os.path.join(os.environ.get('ROOT', os.sep), |
| 161 |
portage.const.EPREFIX.lstrip(os.sep)) |
185 |
portage.const.EPREFIX.lstrip(os.sep)) |
| 162 |
try: |
186 |
try: |
|
Lines 164-183
def _get_global(k):
Link Here
|
| 164 |
except OSError: |
188 |
except OSError: |
| 165 |
pass |
189 |
pass |
| 166 |
else: |
190 |
else: |
| 167 |
if k == '_portage_grpname': |
191 |
if _unprivileged_mode(eroot, eroot_st): |
| 168 |
try: |
192 |
if k == '_portage_grpname': |
| 169 |
grp_struct = grp.getgrgid(eroot_st.st_gid) |
193 |
try: |
| 170 |
except KeyError: |
194 |
grp_struct = grp.getgrgid(eroot_st.st_gid) |
| 171 |
pass |
195 |
except KeyError: |
|
|
196 |
pass |
| 197 |
else: |
| 198 |
v = grp_struct.gr_name |
| 172 |
else: |
199 |
else: |
| 173 |
v = grp_struct.gr_name |
200 |
try: |
| 174 |
else: |
201 |
pwd_struct = pwd.getpwuid(eroot_st.st_uid) |
| 175 |
try: |
202 |
except KeyError: |
| 176 |
pwd_struct = pwd.getpwuid(eroot_st.st_uid) |
203 |
pass |
| 177 |
except KeyError: |
204 |
else: |
| 178 |
pass |
205 |
v = pwd_struct.pw_name |
| 179 |
else: |
|
|
| 180 |
v = pwd_struct.pw_name |
| 181 |
|
206 |
|
| 182 |
if v is None: |
207 |
if v is None: |
| 183 |
v = 'portage' |
208 |
v = 'portage' |
|
Lines 220-222
def _init(settings):
Link Here
|
| 220 |
v = settings.get('PORTAGE_USERNAME', 'portage') |
245 |
v = settings.get('PORTAGE_USERNAME', 'portage') |
| 221 |
globals()['_portage_username'] = v |
246 |
globals()['_portage_username'] = v |
| 222 |
_initialized_globals.add('_portage_username') |
247 |
_initialized_globals.add('_portage_username') |
|
|
248 |
|
| 249 |
if 'secpass' not in _initialized_globals: |
| 250 |
v = 0 |
| 251 |
if uid == 0: |
| 252 |
v = 2 |
| 253 |
elif "unprivileged" in settings.features: |
| 254 |
v = 2 |
| 255 |
elif portage_gid in os.getgroups(): |
| 256 |
v = 1 |
| 257 |
globals()['secpass'] = v |
| 258 |
_initialized_globals.add('secpass') |
