123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378 |
- /*
- * dpkg - main program for package management
- * script.c - maintainer script routines
- *
- * Copyright © 1995 Ian Jackson <ijackson@chiark.greenend.org.uk>
- * Copyright © 2007-2014 Guillem Jover <guillem@debian.org>
- *
- * This is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <https://www.gnu.org/licenses/>.
- */
- #include <config.h>
- #include <compat.h>
- #include <sys/types.h>
- #include <sys/stat.h>
- #include <assert.h>
- #include <errno.h>
- #include <string.h>
- #include <unistd.h>
- #include <stdlib.h>
- #ifdef WITH_LIBSELINUX
- #include <selinux/selinux.h>
- #endif
- #include <dpkg/i18n.h>
- #include <dpkg/debug.h>
- #include <dpkg/dpkg.h>
- #include <dpkg/dpkg-db.h>
- #include <dpkg/pkg.h>
- #include <dpkg/subproc.h>
- #include <dpkg/command.h>
- #include <dpkg/triglib.h>
- #include "filesdb.h"
- #include "infodb.h"
- #include "main.h"
- void
- post_postinst_tasks(struct pkginfo *pkg, enum pkgstatus new_status)
- {
- if (new_status < PKG_STAT_TRIGGERSAWAITED)
- pkg_set_status(pkg, new_status);
- else if (pkg->trigaw.head)
- pkg_set_status(pkg, PKG_STAT_TRIGGERSAWAITED);
- else if (pkg->trigpend_head)
- pkg_set_status(pkg, PKG_STAT_TRIGGERSPENDING);
- else
- pkg_set_status(pkg, PKG_STAT_INSTALLED);
- modstatdb_note(pkg);
- debug(dbg_triggersdetail, "post_postinst_tasks - trig_incorporate");
- trig_incorporate(modstatdb_get_status());
- }
- static void
- post_script_tasks(void)
- {
- debug(dbg_triggersdetail, "post_script_tasks - ensure_diversions");
- ensure_diversions();
- debug(dbg_triggersdetail, "post_script_tasks - trig_incorporate");
- trig_incorporate(modstatdb_get_status());
- }
- static void
- cu_post_script_tasks(int argc, void **argv)
- {
- post_script_tasks();
- }
- static void
- setexecute(const char *path, struct stat *stab)
- {
- if ((stab->st_mode & 0555) == 0555)
- return;
- if (!chmod(path, 0755))
- return;
- ohshite(_("unable to set execute permissions on '%.250s'"), path);
- }
- /**
- * Returns the path to the script inside the chroot.
- */
- static const char *
- maintscript_pre_exec(struct command *cmd)
- {
- const char *admindir = dpkg_db_get_dir();
- const char *changedir;
- size_t instdirlen = strlen(instdir);
- if (instdirlen > 0 && fc_script_chrootless)
- changedir = instdir;
- else
- changedir = "/";
- if (instdirlen > 0 && !fc_script_chrootless) {
- if (strncmp(admindir, instdir, instdirlen) != 0)
- ohshit(_("admindir must be inside instdir for dpkg to work properly"));
- if (setenv("DPKG_ADMINDIR", admindir + instdirlen, 1) < 0)
- ohshite(_("unable to setenv for subprocesses"));
- if (setenv("DPKG_ROOT", "", 1) < 0)
- ohshite(_("unable to setenv for subprocesses"));
- if (chroot(instdir))
- ohshite(_("failed to chroot to '%.250s'"), instdir);
- }
- /* Switch to a known good directory to give the maintainer script
- * a saner environment, also needed after the chroot(). */
- if (chdir(changedir))
- ohshite(_("failed to chdir to '%.255s'"), changedir);
- if (debug_has_flag(dbg_scripts)) {
- struct varbuf args = VARBUF_INIT;
- const char **argv = cmd->argv;
- while (*++argv) {
- varbuf_add_char(&args, ' ');
- varbuf_add_str(&args, *argv);
- }
- varbuf_end_str(&args);
- debug(dbg_scripts, "fork/exec %s (%s )", cmd->filename,
- args.buf);
- varbuf_destroy(&args);
- }
- if (instdirlen == 0 || fc_script_chrootless)
- return cmd->filename;
- assert(strlen(cmd->filename) >= instdirlen);
- return cmd->filename + instdirlen;
- }
- /**
- * Set a new security execution context for the maintainer script.
- *
- * Try to create a new execution context based on the current one and the
- * specific maintainer script filename. If it's the same as the current
- * one, use the given fallback.
- */
- static int
- maintscript_set_exec_context(struct command *cmd, const char *fallback)
- {
- int rc = 0;
- #ifdef WITH_LIBSELINUX
- rc = setexecfilecon(cmd->filename, fallback);
- #endif
- return rc < 0 ? rc : 0;
- }
- static int
- maintscript_exec(struct pkginfo *pkg, struct pkgbin *pkgbin,
- struct command *cmd, struct stat *stab, int warn)
- {
- pid_t pid;
- int rc;
- setexecute(cmd->filename, stab);
- push_cleanup(cu_post_script_tasks, ehflag_bombout, NULL, 0, 0);
- pid = subproc_fork();
- if (pid == 0) {
- char *pkg_count;
- const char *maintscript_debug;
- pkg_count = str_fmt("%d", pkgset_installed_instances(pkg->set));
- maintscript_debug = debug_has_flag(dbg_scripts) ? "1" : "0";
- if (setenv("DPKG_MAINTSCRIPT_PACKAGE", pkg->set->name, 1) ||
- setenv("DPKG_MAINTSCRIPT_PACKAGE_REFCOUNT", pkg_count, 1) ||
- setenv("DPKG_MAINTSCRIPT_ARCH", pkgbin->arch->name, 1) ||
- setenv("DPKG_MAINTSCRIPT_NAME", cmd->argv[0], 1) ||
- setenv("DPKG_MAINTSCRIPT_DEBUG", maintscript_debug, 1) ||
- setenv("DPKG_RUNNING_VERSION", PACKAGE_VERSION, 1))
- ohshite(_("unable to setenv for maintainer script"));
- cmd->filename = cmd->argv[0] = maintscript_pre_exec(cmd);
- if (maintscript_set_exec_context(cmd, "dpkg_script_t") < 0)
- ohshite(_("cannot set security execution context for "
- "maintainer script"));
- runcmd(cmd);
- }
- subproc_signals_ignore(cmd->name);
- rc = subproc_reap(pid, cmd->name, warn);
- subproc_signals_restore();
- pop_cleanup(ehflag_normaltidy);
- return rc;
- }
- static int
- vmaintscript_installed(struct pkginfo *pkg, const char *scriptname,
- const char *desc, va_list args)
- {
- struct command cmd;
- const char *scriptpath;
- struct stat stab;
- char buf[100];
- scriptpath = pkg_infodb_get_file(pkg, &pkg->installed, scriptname);
- sprintf(buf, _("installed %s script"), desc);
- command_init(&cmd, scriptpath, buf);
- command_add_arg(&cmd, scriptname);
- command_add_argv(&cmd, args);
- if (stat(scriptpath, &stab)) {
- command_destroy(&cmd);
- if (errno == ENOENT) {
- debug(dbg_scripts,
- "vmaintscript_installed nonexistent %s",
- scriptname);
- return 0;
- }
- ohshite(_("unable to stat %s '%.250s'"), buf, scriptpath);
- }
- maintscript_exec(pkg, &pkg->installed, &cmd, &stab, 0);
- command_destroy(&cmd);
- return 1;
- }
- /*
- * All ...'s in maintscript_* are const char *'s.
- */
- int
- maintscript_installed(struct pkginfo *pkg, const char *scriptname,
- const char *desc, ...)
- {
- va_list args;
- int rc;
- va_start(args, desc);
- rc = vmaintscript_installed(pkg, scriptname, desc, args);
- va_end(args);
- if (rc)
- post_script_tasks();
- return rc;
- }
- int
- maintscript_postinst(struct pkginfo *pkg, ...)
- {
- va_list args;
- int rc;
- va_start(args, pkg);
- rc = vmaintscript_installed(pkg, POSTINSTFILE, "post-installation", args);
- va_end(args);
- if (rc)
- ensure_diversions();
- return rc;
- }
- int
- maintscript_new(struct pkginfo *pkg, const char *scriptname,
- const char *desc, const char *cidir, char *cidirrest, ...)
- {
- struct command cmd;
- struct stat stab;
- va_list args;
- char buf[100];
- strcpy(cidirrest, scriptname);
- sprintf(buf, _("new %s script"), desc);
- va_start(args, cidirrest);
- command_init(&cmd, cidir, buf);
- command_add_arg(&cmd, scriptname);
- command_add_argv(&cmd, args);
- va_end(args);
- if (stat(cidir, &stab)) {
- command_destroy(&cmd);
- if (errno == ENOENT) {
- debug(dbg_scripts,
- "maintscript_new nonexistent %s '%s'",
- scriptname, cidir);
- return 0;
- }
- ohshite(_("unable to stat %s '%.250s'"), buf, cidir);
- }
- maintscript_exec(pkg, &pkg->available, &cmd, &stab, 0);
- command_destroy(&cmd);
- post_script_tasks();
- return 1;
- }
- int
- maintscript_fallback(struct pkginfo *pkg,
- const char *scriptname, const char *desc,
- const char *cidir, char *cidirrest,
- const char *ifok, const char *iffallback)
- {
- struct command cmd;
- const char *oldscriptpath;
- struct stat stab;
- char buf[100];
- oldscriptpath = pkg_infodb_get_file(pkg, &pkg->installed, scriptname);
- sprintf(buf, _("old %s script"), desc);
- command_init(&cmd, oldscriptpath, buf);
- command_add_args(&cmd, scriptname, ifok,
- versiondescribe(&pkg->available.version, vdew_nonambig),
- NULL);
- if (stat(oldscriptpath, &stab)) {
- if (errno == ENOENT) {
- debug(dbg_scripts,
- "maintscript_fallback nonexistent %s '%s'",
- scriptname, oldscriptpath);
- command_destroy(&cmd);
- return 0;
- }
- warning(_("unable to stat %s '%.250s': %s"),
- cmd.name, oldscriptpath, strerror(errno));
- } else {
- if (!maintscript_exec(pkg, &pkg->installed, &cmd, &stab, SUBPROC_WARN)) {
- command_destroy(&cmd);
- post_script_tasks();
- return 1;
- }
- }
- notice(_("trying script from the new package instead ..."));
- strcpy(cidirrest, scriptname);
- sprintf(buf, _("new %s script"), desc);
- command_destroy(&cmd);
- command_init(&cmd, cidir, buf);
- command_add_args(&cmd, scriptname, iffallback,
- versiondescribe(&pkg->installed.version, vdew_nonambig),
- versiondescribe(&pkg->available.version, vdew_nonambig),
- NULL);
- if (stat(cidir, &stab)) {
- command_destroy(&cmd);
- if (errno == ENOENT)
- ohshit(_("there is no script in the new version of the package - giving up"));
- else
- ohshite(_("unable to stat %s '%.250s'"), buf, cidir);
- }
- maintscript_exec(pkg, &pkg->available, &cmd, &stab, 0);
- notice(_("... it looks like that went OK"));
- command_destroy(&cmd);
- post_script_tasks();
- return 1;
- }
|