Lines 58-63
def portage_group_warning():
Link Here
|
58 |
# If the "wheel" group does not exist then wheelgid falls back to 0. |
58 |
# If the "wheel" group does not exist then wheelgid falls back to 0. |
59 |
# If the "portage" group does not exist then portage_uid falls back to wheelgid. |
59 |
# If the "portage" group does not exist then portage_uid falls back to wheelgid. |
60 |
|
60 |
|
|
|
61 |
# If the current user is not root, but has write access to the |
62 |
# EROOT directory (not due to the 0002 bit), then use "unprivileged" |
63 |
# mode which sets secpass = 2 and uses the UID and GID of the EROOT |
64 |
# directory to generate default PORTAGE_INST_GID, PORTAGE_INST_UID, |
65 |
# PORTAGE_USERNAME, and PORTAGE_GRPNAME settings. |
66 |
def _unprivileged_mode(eroot, eroot_st): |
67 |
return os.getuid() != 0 and os.access(eroot, os.W_OK) and \ |
68 |
not eroot_st.st_mode & 0o0002 |
69 |
|
61 |
uid=os.getuid() |
70 |
uid=os.getuid() |
62 |
wheelgid=0 |
71 |
wheelgid=0 |
63 |
|
72 |
|
Lines 77-89
def _get_global(k):
Link Here
|
77 |
if k in _initialized_globals: |
86 |
if k in _initialized_globals: |
78 |
return globals()[k] |
87 |
return globals()[k] |
79 |
|
88 |
|
80 |
if k in ('portage_gid', 'portage_uid', 'secpass'): |
89 |
if k == 'secpass': |
81 |
global portage_gid, portage_uid, secpass |
90 |
|
82 |
secpass = 0 |
91 |
unprivileged = False |
|
|
92 |
if hasattr(portage, 'settings'): |
93 |
unprivileged = "unprivileged" in portage.settings.features |
94 |
else: |
95 |
# The config class has equivalent code, but we also need to |
96 |
# do it here if _disable_legacy_globals() has been called. |
97 |
eroot = os.path.join(os.environ.get('ROOT', os.sep), |
98 |
portage.const.EPREFIX.lstrip(os.sep)) |
99 |
try: |
100 |
eroot_st = os.stat(eroot) |
101 |
except OSError: |
102 |
pass |
103 |
else: |
104 |
unprivileged = _unprivileged_mode(eroot, eroot_st) |
105 |
|
106 |
v = 0 |
83 |
if uid == 0: |
107 |
if uid == 0: |
84 |
secpass = 2 |
108 |
v = 2 |
85 |
elif portage.const.EPREFIX: |
109 |
elif unprivileged: |
86 |
secpass = 2 |
110 |
v = 2 |
|
|
111 |
elif portage_gid in os.getgroups(): |
112 |
v = 1 |
113 |
|
114 |
elif k in ('portage_gid', 'portage_uid'): |
115 |
|
87 |
#Discover the uid and gid of the portage user/group |
116 |
#Discover the uid and gid of the portage user/group |
88 |
try: |
117 |
try: |
89 |
portage_uid = pwd.getpwnam(_get_global('_portage_username')).pw_uid |
118 |
portage_uid = pwd.getpwnam(_get_global('_portage_username')).pw_uid |
Lines 93-100
def _get_global(k):
Link Here
|
93 |
# from grp.getgrnam() with PyPy 1.7 |
122 |
# from grp.getgrnam() with PyPy 1.7 |
94 |
_portage_grpname = str(_portage_grpname) |
123 |
_portage_grpname = str(_portage_grpname) |
95 |
portage_gid = grp.getgrnam(_portage_grpname).gr_gid |
124 |
portage_gid = grp.getgrnam(_portage_grpname).gr_gid |
96 |
if secpass < 1 and portage_gid in os.getgroups(): |
|
|
97 |
secpass = 1 |
98 |
except KeyError: |
125 |
except KeyError: |
99 |
portage_uid = 0 |
126 |
portage_uid = 0 |
100 |
portage_gid = 0 |
127 |
portage_gid = 0 |
Lines 110-125
def _get_global(k):
Link Here
|
110 |
noiselevel=-1) |
137 |
noiselevel=-1) |
111 |
portage_group_warning() |
138 |
portage_group_warning() |
112 |
|
139 |
|
|
|
140 |
globals()['portage_gid'] = portage_gid |
113 |
_initialized_globals.add('portage_gid') |
141 |
_initialized_globals.add('portage_gid') |
|
|
142 |
globals()['portage_uid'] = portage_uid |
114 |
_initialized_globals.add('portage_uid') |
143 |
_initialized_globals.add('portage_uid') |
115 |
_initialized_globals.add('secpass') |
|
|
116 |
|
144 |
|
117 |
if k == 'portage_gid': |
145 |
if k == 'portage_gid': |
118 |
return portage_gid |
146 |
return portage_gid |
119 |
elif k == 'portage_uid': |
147 |
elif k == 'portage_uid': |
120 |
return portage_uid |
148 |
return portage_uid |
121 |
elif k == 'secpass': |
|
|
122 |
return secpass |
123 |
else: |
149 |
else: |
124 |
raise AssertionError('unknown name: %s' % k) |
150 |
raise AssertionError('unknown name: %s' % k) |
125 |
|
151 |
|
Lines 152-162
def _get_global(k):
Link Here
|
152 |
v = os.environ[env_key] |
178 |
v = os.environ[env_key] |
153 |
elif hasattr(portage, 'settings'): |
179 |
elif hasattr(portage, 'settings'): |
154 |
v = portage.settings.get(env_key) |
180 |
v = portage.settings.get(env_key) |
155 |
elif portage.const.EPREFIX: |
181 |
else: |
156 |
# For prefix environments, default to the UID and GID of |
182 |
# The config class has equivalent code, but we also need to |
157 |
# the top-level EROOT directory. The config class has |
183 |
# do it here if _disable_legacy_globals() has been called. |
158 |
# equivalent code, but we also need to do it here if |
|
|
159 |
# _disable_legacy_globals() has been called. |
160 |
eroot = os.path.join(os.environ.get('ROOT', os.sep), |
184 |
eroot = os.path.join(os.environ.get('ROOT', os.sep), |
161 |
portage.const.EPREFIX.lstrip(os.sep)) |
185 |
portage.const.EPREFIX.lstrip(os.sep)) |
162 |
try: |
186 |
try: |
Lines 164-183
def _get_global(k):
Link Here
|
164 |
except OSError: |
188 |
except OSError: |
165 |
pass |
189 |
pass |
166 |
else: |
190 |
else: |
167 |
if k == '_portage_grpname': |
191 |
if _unprivileged_mode(eroot, eroot_st): |
168 |
try: |
192 |
if k == '_portage_grpname': |
169 |
grp_struct = grp.getgrgid(eroot_st.st_gid) |
193 |
try: |
170 |
except KeyError: |
194 |
grp_struct = grp.getgrgid(eroot_st.st_gid) |
171 |
pass |
195 |
except KeyError: |
|
|
196 |
pass |
197 |
else: |
198 |
v = grp_struct.gr_name |
172 |
else: |
199 |
else: |
173 |
v = grp_struct.gr_name |
200 |
try: |
174 |
else: |
201 |
pwd_struct = pwd.getpwuid(eroot_st.st_uid) |
175 |
try: |
202 |
except KeyError: |
176 |
pwd_struct = pwd.getpwuid(eroot_st.st_uid) |
203 |
pass |
177 |
except KeyError: |
204 |
else: |
178 |
pass |
205 |
v = pwd_struct.pw_name |
179 |
else: |
|
|
180 |
v = pwd_struct.pw_name |
181 |
|
206 |
|
182 |
if v is None: |
207 |
if v is None: |
183 |
v = 'portage' |
208 |
v = 'portage' |
Lines 220-222
def _init(settings):
Link Here
|
220 |
v = settings.get('PORTAGE_USERNAME', 'portage') |
245 |
v = settings.get('PORTAGE_USERNAME', 'portage') |
221 |
globals()['_portage_username'] = v |
246 |
globals()['_portage_username'] = v |
222 |
_initialized_globals.add('_portage_username') |
247 |
_initialized_globals.add('_portage_username') |
|
|
248 |
|
249 |
if 'secpass' not in _initialized_globals: |
250 |
v = 0 |
251 |
if uid == 0: |
252 |
v = 2 |
253 |
elif "unprivileged" in settings.features: |
254 |
v = 2 |
255 |
elif portage_gid in os.getgroups(): |
256 |
v = 1 |
257 |
globals()['secpass'] = v |
258 |
_initialized_globals.add('secpass') |