Selaa lähdekoodia

Fix backward compatiblity of the new pkgAcquireMethod::DropPrivsOrDie()

Do not drop privileges in the methods when using a older version of
libapt that does not support the chown magic in partial/ yet. To
do this DropPrivileges() now will ignore a empty Apt::Sandbox::User.

Cleanup all hardcoded _apt along the way.
Michael Vogt 11 vuotta sitten
vanhempi
commit
9983999d29

+ 9 - 3
apt-pkg/acquire-item.cc

@@ -215,7 +215,11 @@ bool pkgAcquire::Item::Rename(string From,string To)
 void pkgAcquire::Item::QueueURI(ItemDesc &Item)
 void pkgAcquire::Item::QueueURI(ItemDesc &Item)
 {
 {
    if (RealFileExists(DestFile))
    if (RealFileExists(DestFile))
-      ChangeOwnerAndPermissionOfFile("GetPartialFileName", DestFile.c_str(), "_apt", "root", 0600);
+   {
+      std::string SandboxUser = _config->Find("APT::Sandbox::User");
+      ChangeOwnerAndPermissionOfFile("GetPartialFileName", DestFile.c_str(),
+                                     SandboxUser.c_str(), "root", 0600);
+   }
    Owner->Enqueue(Item);
    Owner->Enqueue(Item);
 }
 }
 void pkgAcquire::Item::Dequeue()
 void pkgAcquire::Item::Dequeue()
@@ -2486,7 +2490,8 @@ bool pkgAcqArchive::QueueNext()
 	 else
 	 else
 	 {
 	 {
 	    PartialSize = Buf.st_size;
 	    PartialSize = Buf.st_size;
-	    ChangeOwnerAndPermissionOfFile("pkgAcqArchive::QueueNext", DestFile.c_str(), "_apt", "root", 0600);
+            std::string SandboxUser = _config->Find("APT::Sandbox::User");
+	    ChangeOwnerAndPermissionOfFile("pkgAcqArchive::QueueNext",DestFile.c_str(), SandboxUser.c_str(), "root", 0600);
 	 }
 	 }
       }
       }
 
 
@@ -2654,7 +2659,8 @@ pkgAcqFile::pkgAcqFile(pkgAcquire *Owner,string URI, HashStringList const &Hashe
       else
       else
       {
       {
 	 PartialSize = Buf.st_size;
 	 PartialSize = Buf.st_size;
-	 ChangeOwnerAndPermissionOfFile("pkgAcqFile", DestFile.c_str(), "_apt", "root", 0600);
+         std::string SandboxUser = _config->Find("APT::Sandbox::User");
+	 ChangeOwnerAndPermissionOfFile("pkgAcqFile", DestFile.c_str(), SandboxUser.c_str(), "root", 0600);
       }
       }
    }
    }
 
 

+ 3 - 2
apt-pkg/acquire.cc

@@ -83,10 +83,11 @@ static bool SetupAPTPartialDirectory(std::string const &grand, std::string const
 
 
    if (getuid() == 0) // if we aren't root, we can't chown, so don't try it
    if (getuid() == 0) // if we aren't root, we can't chown, so don't try it
    {
    {
-      struct passwd *pw = getpwnam("_apt");
+      std::string SandboxUser = _config->Find("APT::Sandbox::User");
+      struct passwd *pw = getpwnam(SandboxUser.c_str());
       struct group *gr = getgrnam("root");
       struct group *gr = getgrnam("root");
       if (pw != NULL && gr != NULL && chown(partial.c_str(), pw->pw_uid, gr->gr_gid) != 0)
       if (pw != NULL && gr != NULL && chown(partial.c_str(), pw->pw_uid, gr->gr_gid) != 0)
-	 _error->WarningE("SetupAPTPartialDirectory", "chown to _apt:root of directory %s failed", partial.c_str());
+	 _error->WarningE("SetupAPTPartialDirectory", "chown to %s:root of directory %s failed", SandboxUser.c_str(), partial.c_str());
    }
    }
    if (chmod(partial.c_str(), 0700) != 0)
    if (chmod(partial.c_str(), 0700) != 0)
       _error->WarningE("SetupAPTPartialDirectory", "chmod 0700 of directory %s failed", partial.c_str());
       _error->WarningE("SetupAPTPartialDirectory", "chmod 0700 of directory %s failed", partial.c_str());

+ 6 - 1
apt-pkg/contrib/fileutl.cc

@@ -2168,6 +2168,12 @@ bool DropPrivileges()							/*{{{*/
    if(_config->FindB("Debug::NoDropPrivs", false) == true)
    if(_config->FindB("Debug::NoDropPrivs", false) == true)
       return true;
       return true;
 
 
+   // empty setting disables DropPrivilidges - this also ensures
+   // backward compatibility, see bug #764506
+   const std::string toUser = _config->Find("APT::Sandbox::User");
+   if (toUser.empty())
+      return true;
+
 #if __gnu_linux__
 #if __gnu_linux__
 #if defined(PR_SET_NO_NEW_PRIVS) && ( PR_SET_NO_NEW_PRIVS != 38 )
 #if defined(PR_SET_NO_NEW_PRIVS) && ( PR_SET_NO_NEW_PRIVS != 38 )
 #error "PR_SET_NO_NEW_PRIVS is defined, but with a different value than expected!"
 #error "PR_SET_NO_NEW_PRIVS is defined, but with a different value than expected!"
@@ -2186,7 +2192,6 @@ bool DropPrivileges()							/*{{{*/
    if (old_uid != 0)
    if (old_uid != 0)
       return true;
       return true;
 
 
-   const std::string toUser = _config->Find("APT::Sandbox::User", "_apt");
    struct passwd *pw = getpwnam(toUser.c_str());
    struct passwd *pw = getpwnam(toUser.c_str());
    if (pw == NULL)
    if (pw == NULL)
       return _error->Error("No user %s, can not drop rights", toUser.c_str());
       return _error->Error("No user %s, can not drop rights", toUser.c_str());

+ 3 - 0
apt-pkg/init.cc

@@ -95,6 +95,9 @@ bool pkgInitConfig(Configuration &Cnf)
    // Default cdrom mount point
    // Default cdrom mount point
    Cnf.CndSet("Acquire::cdrom::mount", "/media/cdrom/");
    Cnf.CndSet("Acquire::cdrom::mount", "/media/cdrom/");
 
 
+   // The default user we drop to in the methods
+   Cnf.CndSet("APT::Sandbox::User", "_apt");
+
    bool Res = true;
    bool Res = true;
    
    
    // Read an alternate config file
    // Read an alternate config file

+ 4 - 3
methods/ftp.cc

@@ -988,6 +988,10 @@ bool FtpMethod::Configuration(string Message)
       return false;
       return false;
    
    
    TimeOut = _config->FindI("Acquire::Ftp::Timeout",TimeOut);
    TimeOut = _config->FindI("Acquire::Ftp::Timeout",TimeOut);
+
+   // no more active ftp, sorry
+   DropPrivsOrDie();
+
    return true;
    return true;
 }
 }
 									/*}}}*/
 									/*}}}*/
@@ -1141,8 +1145,5 @@ int main(int, const char *argv[])
    
    
    FtpMethod Mth;
    FtpMethod Mth;
 
 
-   // no more active ftp, sorry
-   Mth.DropPrivsOrDie();
-   
    return Mth.Run();
    return Mth.Run();
 }
 }

+ 11 - 3
methods/gpgv.cc

@@ -44,12 +44,22 @@ class GPGVMethod : public pkgAcqMethod
    
    
    protected:
    protected:
    virtual bool Fetch(FetchItem *Itm);
    virtual bool Fetch(FetchItem *Itm);
-   
+   virtual bool Configuration(string Message);
    public:
    public:
    
    
    GPGVMethod() : pkgAcqMethod("1.0",SingleInstance | SendConfig) {};
    GPGVMethod() : pkgAcqMethod("1.0",SingleInstance | SendConfig) {};
 };
 };
 
 
+bool GPGVMethod::Configuration(string Message)
+{
+   if (pkgAcqMethod::Configuration(Message) == false)
+      return false;
+
+   DropPrivsOrDie();
+
+   return true;
+}
+
 string GPGVMethod::VerifyGetSigners(const char *file, const char *outfile,
 string GPGVMethod::VerifyGetSigners(const char *file, const char *outfile,
 					 vector<string> &GoodSigners,
 					 vector<string> &GoodSigners,
 					 vector<string> &BadSigners,
 					 vector<string> &BadSigners,
@@ -265,7 +275,5 @@ int main()
 
 
    GPGVMethod Mth;
    GPGVMethod Mth;
 
 
-   Mth.DropPrivsOrDie();
-
    return Mth.Run();
    return Mth.Run();
 }
 }

+ 10 - 2
methods/gzip.cc

@@ -33,12 +33,22 @@ const char *Prog;
 class GzipMethod : public pkgAcqMethod
 class GzipMethod : public pkgAcqMethod
 {
 {
    virtual bool Fetch(FetchItem *Itm);
    virtual bool Fetch(FetchItem *Itm);
+   virtual bool Configuration(std::string Message);
    
    
    public:
    public:
    
    
    GzipMethod() : pkgAcqMethod("1.1",SingleInstance | SendConfig) {};
    GzipMethod() : pkgAcqMethod("1.1",SingleInstance | SendConfig) {};
 };
 };
 
 
+bool GzipMethod::Configuration(std::string Message)
+{
+   if (pkgAcqMethod::Configuration(Message) == false)
+      return false;
+
+   DropPrivsOrDie();
+
+   return true;
+}
 
 
 // GzipMethod::Fetch - Decompress the passed URI			/*{{{*/
 // GzipMethod::Fetch - Decompress the passed URI			/*{{{*/
 // ---------------------------------------------------------------------
 // ---------------------------------------------------------------------
@@ -140,7 +150,5 @@ int main(int, char *argv[])
 
 
    GzipMethod Mth;
    GzipMethod Mth;
 
 
-   Mth.DropPrivsOrDie();
-
    return Mth.Run();
    return Mth.Run();
 }
 }

+ 2 - 0
methods/http.cc

@@ -770,6 +770,8 @@ bool HttpMethod::Configuration(string Message)
    if (ServerMethod::Configuration(Message) == false)
    if (ServerMethod::Configuration(Message) == false)
       return false;
       return false;
 
 
+   DropPrivsOrDie();
+
    AllowRedirect = _config->FindB("Acquire::http::AllowRedirect",true);
    AllowRedirect = _config->FindB("Acquire::http::AllowRedirect",true);
    PipelineDepth = _config->FindI("Acquire::http::Pipeline-Depth",
    PipelineDepth = _config->FindI("Acquire::http::Pipeline-Depth",
 				  PipelineDepth);
 				  PipelineDepth);

+ 0 - 1
methods/http_main.cc

@@ -15,6 +15,5 @@ int main()
 
 
    HttpMethod Mth;
    HttpMethod Mth;
 
 
-   Mth.DropPrivsOrDie();
    return Mth.Loop();
    return Mth.Loop();
 }
 }

+ 10 - 2
methods/https.cc

@@ -37,6 +37,16 @@
 									/*}}}*/
 									/*}}}*/
 using namespace std;
 using namespace std;
 
 
+bool HttpsMethod::Configuration(std::string Message)
+{
+   if (pkgAcqMethod::Configuration(Message) == false)
+      return false;
+
+   DropPrivsOrDie();
+
+   return true;
+}
+
 size_t
 size_t
 HttpsMethod::parse_header(void *buffer, size_t size, size_t nmemb, void *userp)
 HttpsMethod::parse_header(void *buffer, size_t size, size_t nmemb, void *userp)
 {
 {
@@ -452,8 +462,6 @@ int main()
    HttpsMethod Mth;
    HttpsMethod Mth;
    curl_global_init(CURL_GLOBAL_SSL) ;
    curl_global_init(CURL_GLOBAL_SSL) ;
 
 
-   Mth.DropPrivsOrDie();
-
    return Mth.Run();
    return Mth.Run();
 }
 }
 
 

+ 2 - 0
methods/https.h

@@ -58,6 +58,8 @@ class HttpsMethod : public pkgAcqMethod
    static const int DL_MIN_SPEED = 10;
    static const int DL_MIN_SPEED = 10;
 
 
    virtual bool Fetch(FetchItem *);
    virtual bool Fetch(FetchItem *);
+   virtual bool Configuration(std::string Message);
+
    static size_t parse_header(void *buffer, size_t size, size_t nmemb, void *userp);
    static size_t parse_header(void *buffer, size_t size, size_t nmemb, void *userp);
    static size_t write_data(void *buffer, size_t size, size_t nmemb, void *userp);
    static size_t write_data(void *buffer, size_t size, size_t nmemb, void *userp);
    static int progress_callback(void *clientp, double dltotal, double dlnow, 
    static int progress_callback(void *clientp, double dltotal, double dlnow,