Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 6546 Details for
Bug 11189
Do src_compile as a normal user without preloading a library
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
portage-usermode-20021216.patch
portage-usermode.patch (text/plain), 6.49 KB, created by
Stefan Jones (RETIRED)
on 2002-12-16 15:23:08 UTC
(
hide
)
Description:
portage-usermode-20021216.patch
Filename:
MIME Type:
Creator:
Stefan Jones (RETIRED)
Created:
2002-12-16 15:23:08 UTC
Size:
6.49 KB
patch
obsolete
>Index: bin/ebuild.sh >=================================================================== >RCS file: /mnt/gentoo/cvsroot/gentoo-src/portage/bin/ebuild.sh,v >retrieving revision 1.84 >diff -u -r1.84 ebuild.sh >--- bin/ebuild.sh 2002/12/11 15:22:52 1.84 >+++ bin/ebuild.sh 2002/12/16 21:14:48 >@@ -21,6 +21,13 @@ > return 1 > } > >+if [ `id -nu` = "portage" ] ; then >+ export HOME=${PORTAGE_TMPDIR}/portage >+ export CCACHE_DIR=${HOME}/.ccache >+ export USER=portage >+ export BASH_ENV=${HOME}/.bashrc >+fi >+ > has() { > local x > >@@ -787,6 +794,8 @@ > > # default target > [ -n "$T" ] && echo $1 >> ${T}/eclass-debug.log >+ # let the portage user own/write to this file >+ [ -n "$T" ] && chown portage.portage ${T}/eclass-debug.log > > shift > done >Index: pym/portage.py >=================================================================== >RCS file: /mnt/gentoo/cvsroot/gentoo-src/portage/pym/portage.py,v >retrieving revision 1.251 >diff -u -r1.251 portage.py >--- pym/portage.py 2002/12/15 22:30:35 1.251 >+++ pym/portage.py 2002/12/16 21:14:48 >@@ -7,7 +7,7 @@ > from stat import * > from commands import * > from select import * >-import string,os,types,sys,shlex,shutil,xpak,fcntl,signal,time,missingos,cPickle,atexit,grp,traceback >+import string,os,types,sys,shlex,shutil,xpak,fcntl,signal,time,missingos,cPickle,atexit,grp,traceback,pwd > > #Secpass will be set to 1 if the user is root or in the wheel group. > uid=os.getuid() >@@ -23,6 +23,16 @@ > print "Please fix this so that Portage can operate correctly (It's normally GID 10)" > pass > >+#Discover the uid and gid of the portage user/group >+try: >+ portage_uid=pwd.getpwnam("portage")[2] >+ portage_gid=grp.getgrnam("portage")[2] >+except KeyError: >+ print "portage initialization: your system doesn't have a \"portage\" user or group." >+ print "Please fix this so that Portage can operate correctly" >+ print "exiting." >+ sys.exit(1) >+ > incrementals=["USE","FEATURES","ACCEPT_KEYWORDS","ACCEPT_LICENSE","CONFIG_PROTECT_MASK","CONFIG_PROTECT"] > stickies=["KEYWORDS_ACCEPT","USE","CFLAGS","CXXFLAGS","MAKEOPTS","EXTRA_ECONF","EXTRA_EMAKE"] > >@@ -885,7 +895,7 @@ > mydict["HOME"]=mydict["PORTAGE_TMPDIR"] > return mydict > >-def spawn(mystring,debug=0,free=0): >+def spawn(mystring,debug=0,free=0,nodrop=1): > """spawn a subprocess with optional sandbox protection, > depending on whether sandbox is enabled. The "free" argument, > when set to 1, will disable sandboxing. This allows us to >@@ -909,6 +919,10 @@ > myargs=["bash","-x","-c",mystring] > else: > myargs=["bash","-c",mystring] >+ if (not nodrop): >+ #drop root privileges, become the 'portage' user >+ os.setgid(portage_gid) >+ os.setuid(portage_uid) > os.execve(mycommand,myargs,settings.environ()) > # If the execve fails, we need to report it, and exit > # *carefully* >@@ -1131,6 +1145,23 @@ > print ">>> md5 ;-)",x > return 1 > >+# parse actionmap to spawn ebuild with the appropriate args >+def spawnebuild(mydo,actionmap,debug,alwaysdep=0): >+ if alwaysdep or not ("noauto" in features): >+ # process dependency first >+ if "dep" in actionmap[mydo].keys(): >+ retval=spawnebuild(actionmap[mydo]["dep"],actionmap,debug,alwaysdep) >+ if retval: return retval >+ # spawn ebuild.sh >+ mycommand="/usr/sbin/ebuild.sh " >+ todo=mydo.split() >+ if ("unpack" in todo) or ("compile" in todo) or ("install" in todo): >+ mycommand="/usr/sbin/ebuild.sh setup " >+ return spawn("/usr/sbin/ebuild.sh " + mydo,debug, >+ actionmap[mydo]["args"][0], >+ actionmap[mydo]["args"][1] >+ ) >+ > # "checkdeps" support has been deprecated. Relying on emerge to handle it. > def doebuild(myebuild,mydo,myroot,debug=0,listonly=0): > global settings >@@ -1181,10 +1212,12 @@ > try: > if not os.path.exists(settings["BUILDDIR"]) and mydo!="depend": > os.makedirs(settings["BUILDDIR"]) >+ os.chown(settings["BUILDDIR"],portage_uid,portage_gid) > # Should be ok again to set $T, as sandbox do not depend on it > settings["T"]=settings["BUILDDIR"]+"/temp" > if not os.path.exists(settings["T"]) and mydo!="depend": > os.makedirs(settings["T"]) >+ os.chown(settings["T"],portage_uid,portage_gid) > except OSError, e: > print "!!! File system problem. (ReadOnly?)" > print "!!!"+str(e) >@@ -1266,22 +1299,21 @@ > return 1 > > #initial dep checks complete; time to process main commands >- >- actionmap={ "unpack":"setup unpack", >- "compile":"setup unpack compile", >- "install":"setup unpack compile install", >- "rpm":"setup unpack compile install rpm" >- } >+ >+ actionmap={ >+ "setup": { "args":(1,1)}, # no sandbox, as root >+ "unpack": {"dep":"setup", "args":(0,0)}, # w/ sandbox, as portage >+ "compile": {"dep":"unpack", "args":(1,0)}, # no sandbox, as portage >+ "install": {"dep":"compile", "args":(0,1)}, # w/ sandbox, as root >+ "rpm": {"dep":"install", "args":(0,1)}, # w/ sandbox, as root >+ } > if mydo in actionmap.keys(): >- if "noauto" in features: >- return spawn("/usr/sbin/ebuild.sh "+mydo,debug) >- else: >- return spawn("/usr/sbin/ebuild.sh "+actionmap[mydo],debug) >+ return spawnebuild(mydo,actionmap,debug) > elif mydo=="qmerge": > #qmerge is specifically not supposed to do a runtime dep check > return merge(settings["CATEGORY"],settings["PF"],settings["D"],settings["BUILDDIR"]+"/build-info",myroot) > elif mydo=="merge": >- retval=spawn("/usr/sbin/ebuild.sh setup unpack compile install") >+ retval=spawnebuild("install",actionmap,debug,1) > if retval: return retval > return merge(settings["CATEGORY"],settings["PF"],settings["D"],settings["BUILDDIR"]+"/build-info",myroot,myebuild=settings["EBUILD"]) > elif mydo=="package": >Index: src/sandbox-1.1/sandbox.c >=================================================================== >RCS file: /mnt/gentoo/cvsroot/gentoo-src/portage/src/sandbox-1.1/sandbox.c,v >retrieving revision 1.6 >diff -u -r1.6 sandbox.c >--- src/sandbox-1.1/sandbox.c 2002/09/24 17:13:45 1.6 >+++ src/sandbox-1.1/sandbox.c 2002/12/16 21:14:49 >@@ -546,11 +546,16 @@ > exit(1); > } > >- /* Our r+ also will create the file if it doesn't exist */ >- preload_file=file_open("/etc/ld.so.preload", "r+", 1, 0644); >- if (-1 == preload_file) { >- preload_adaptable = 0; >-/* exit(1);*/ >+ if (getuid() == 0) { >+ /* Our r+ also will create the file if it doesn't exist */ >+ preload_file=file_open("/etc/ld.so.preload", "r+", 1, 0644); >+ if (-1 == preload_file) { >+ preload_adaptable = 0; >+ /* exit(1);*/ >+ } >+ } else { >+ /* avoid permissions warnings if we're not root */ >+ preload_adaptable = 0; > } > > #ifdef USE_LD_SO_PRELOAD
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=6546">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 11189
:
5931
| 6546
