aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAvatar Ciaran McCreesh <ciaran.mccreesh@googlemail.com> 2010-03-30 18:42:34 +0100
committerAvatar Ciaran McCreesh <ciaran.mccreesh@googlemail.com> 2010-03-30 18:57:19 +0100
commit16d112a716e6c286d25967529837b65d5eb6c1f8 (patch)
treefa7930cb6f3747c64db2f7ce2293b6522d6f500f
parent59960f024e275bdf04ca0dba57b3188ec257b3c3 (diff)
downloadpaludis-16d112a716e6c286d25967529837b65d5eb6c1f8.tar.gz
paludis-16d112a716e6c286d25967529837b65d5eb6c1f8.tar.xz
Tinker with permissions on mkdirs.
When creating a cache subdirectory, we now copy the mode of the main cache directory rather than relying upon umask.
-rw-r--r--doc/faq/different.html.part7
-rw-r--r--paludis/repositories/e/ebuild_flat_metadata_cache.cc19
-rw-r--r--paludis/repositories/e/vdb_repository.cc10
-rw-r--r--paludis/repository_name_cache.cc14
4 files changed, 41 insertions, 9 deletions
diff --git a/doc/faq/different.html.part b/doc/faq/different.html.part
index c44f1ed..a7d8b96 100644
--- a/doc/faq/different.html.part
+++ b/doc/faq/different.html.part
@@ -84,8 +84,13 @@ Paludis-owned directory. This is for security reasons -- Paludis does not know
what permissions are correct for you for the directory, and unlike Portage it
does not grant back-door root access to all users in a particular group.</p>
+<p>As of Paludis 0.44.3, when Paludis does create cache subdirectories, it will
+copy the mode of the main cache directory rather than going by your umask.</p>
+
<p>Incidentally, if you want to let multiple users do Paludis cache writes and
-the like, you should look into what <code>chmod +s</code> does to directories.</p>
+the like, you should look into what <code>chmod +s</code> does to directories.
+Note, however, that malicious users who can write cache files can probably gain
+local root access.</p>
<h2 id="revdep_rebuild">Revdep-rebuild Equivalent</h2>
diff --git a/paludis/repositories/e/ebuild_flat_metadata_cache.cc b/paludis/repositories/e/ebuild_flat_metadata_cache.cc
index 319df88..e74e307 100644
--- a/paludis/repositories/e/ebuild_flat_metadata_cache.cc
+++ b/paludis/repositories/e/ebuild_flat_metadata_cache.cc
@@ -665,8 +665,23 @@ EbuildFlatMetadataCache::save(const std::tr1::shared_ptr<const EbuildID> & id)
try
{
- _imp->filename.dirname().dirname().mkdir();
- _imp->filename.dirname().mkdir();
+ FSEntry cat_dir(_imp->filename.dirname());
+ FSEntry repo_dir(cat_dir.dirname());
+ FSEntry main_dir(repo_dir.dirname());
+
+ if (! main_dir.exists())
+ {
+ Log::get_instance()->message("e.cache.save.no_dir", ll_warning, lc_no_context) << "Directory '"
+ << main_dir << "' does not exist, so cannot save cache file '" << _imp->filename << "' "
+ << "(see the faq for why this directory will not be created automatically)";
+ return;
+ }
+
+ if (repo_dir.mkdir(main_dir.permissions()))
+ repo_dir.chmod(main_dir.permissions());
+
+ if (cat_dir.mkdir(main_dir.permissions()))
+ cat_dir.chmod(main_dir.permissions());
}
catch (const FSError & e)
{
diff --git a/paludis/repositories/e/vdb_repository.cc b/paludis/repositories/e/vdb_repository.cc
index 1b78163..2cb4ec2 100644
--- a/paludis/repositories/e/vdb_repository.cc
+++ b/paludis/repositories/e/vdb_repository.cc
@@ -787,6 +787,15 @@ VDBRepository::write_provides_cache() const
{
Context context("When saving provides cache to '" + stringify(_imp->params.provides_cache()) + "':");
+ if (! _imp->params.provides_cache().dirname().exists())
+ {
+ Log::get_instance()->message("e.vdb.provides.no_dir", ll_warning, lc_no_context) << "Directory '"
+ << _imp->params.provides_cache().dirname() << "' does not exist, so cannot save cache file '"
+ << _imp->params.provides_cache() << "' "
+ << "(see the faq for why this directory will not be created automatically)";
+ return;
+ }
+
try
{
SafeOFStream f(_imp->params.provides_cache());
@@ -835,7 +844,6 @@ VDBRepository::regenerate_provides_cache() const
+ stringify(_imp->params.provides_cache()) + "':");
FSEntry(_imp->params.provides_cache()).unlink();
- _imp->params.provides_cache().dirname().mkdir();
load_provided_the_slow_way();
write_provides_cache();
diff --git a/paludis/repository_name_cache.cc b/paludis/repository_name_cache.cc
index 07498af..d0967d4 100644
--- a/paludis/repository_name_cache.cc
+++ b/paludis/repository_name_cache.cc
@@ -1,7 +1,7 @@
/* vim: set sw=4 sts=4 et foldmethod=syntax : */
/*
- * Copyright (c) 2006, 2007, 2008, 2009 Ciaran McCreesh
+ * Copyright (c) 2006, 2007, 2008, 2009, 2010 Ciaran McCreesh
*
* This file is part of the Paludis package manager. Paludis is free software;
* you can redistribute it and/or modify it under the terms of the GNU General
@@ -223,10 +223,14 @@ RepositoryNameCache::regenerate_cache() const
for (DirIterator i(_imp->location, DirIteratorOptions() + dio_inode_sort), i_end ; i != i_end ; ++i)
FSEntry(*i).unlink();
- _imp->location.dirname().mkdir();
- if (_imp->location.exists() && ! _imp->location.is_directory())
- FSEntry(_imp->location).unlink();
- FSEntry(_imp->location).mkdir();
+ FSEntry main_cache_dir(_imp->location.dirname());
+ if (! main_cache_dir.exists())
+ Log::get_instance()->message("repository.names_cache.no_dir", ll_warning, lc_context)
+ << "Names cache directory '" << main_cache_dir << "' does not exist "
+ << "(see the faq for why this directory will not be created automatically)";
+
+ if (FSEntry(_imp->location).mkdir(main_cache_dir.permissions()))
+ FSEntry(_imp->location).chmod(main_cache_dir.permissions());
std::tr1::unordered_map<std::string, std::string, Hash<std::string> > m;