aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAvatar Ciaran McCreesh <ciaran.mccreesh@googlemail.com> 2008-09-01 17:12:51 +0100
committerAvatar Ciaran McCreesh <ciaran.mccreesh@googlemail.com> 2008-09-01 17:13:13 +0100
commitf687f2305ab5a3964829b0f11d26cfb42171e444 (patch)
treee1a3d3d772cf2c7f22d27d7e2791033458c4e146
parent78ce4a65b080ac2a3bb8a569c2f9d317f0906e67 (diff)
downloadpaludis-f687f2305ab5a3964829b0f11d26cfb42171e444.tar.gz
paludis-f687f2305ab5a3964829b0f11d26cfb42171e444.tar.xz
Some EAPIs require reduced user id != 0
-rw-r--r--paludis/repositories/e/eapi.cc3
-rw-r--r--paludis/repositories/e/eapi.hh2
-rw-r--r--paludis/repositories/e/eapis/0.conf1
-rw-r--r--paludis/repositories/e/eapis/exheres-0.conf1
-rw-r--r--paludis/repositories/e/eapis/paludis-1.conf1
-rw-r--r--paludis/repositories/e/ebuild.cc12
6 files changed, 19 insertions, 1 deletions
diff --git a/paludis/repositories/e/eapi.cc b/paludis/repositories/e/eapi.cc
index 90b9b37..78a0deb 100644
--- a/paludis/repositories/e/eapi.cc
+++ b/paludis/repositories/e/eapi.cc
@@ -261,7 +261,8 @@ namespace
value_for<n::package_dep_spec_parse_options>(package_dep_spec_parse_options),
value_for<n::pipe_commands>(make_pipe_commands(k)),
value_for<n::tools_options>(make_tool_options(k)),
- value_for<n::uri_labels>(make_shared_ptr(new const EAPILabels(check_get(k, "uri_labels"))))
+ value_for<n::uri_labels>(make_shared_ptr(new const EAPILabels(check_get(k, "uri_labels")))),
+ value_for<n::userpriv_cannot_use_root>(destringify_key<bool>(k, "userpriv_cannot_use_root"))
)));
}
}
diff --git a/paludis/repositories/e/eapi.hh b/paludis/repositories/e/eapi.hh
index d0b87b2..33f8fae 100644
--- a/paludis/repositories/e/eapi.hh
+++ b/paludis/repositories/e/eapi.hh
@@ -138,6 +138,7 @@ namespace paludis
struct uri_labels;
struct use;
struct use_expand_separator;
+ struct userpriv_cannot_use_root;
struct utility_path_suffixes;
struct vdb_from_env_unless_empty_variables;
struct vdb_from_env_variables;
@@ -224,6 +225,7 @@ namespace paludis
NamedValue<n::pipe_commands, std::tr1::shared_ptr<const EAPIPipeCommands> > pipe_commands;
NamedValue<n::tools_options, std::tr1::shared_ptr<const EAPIToolsOptions> > tools_options;
NamedValue<n::uri_labels, std::tr1::shared_ptr<const EAPILabels> > uri_labels;
+ NamedValue<n::userpriv_cannot_use_root, bool> userpriv_cannot_use_root;
};
struct EAPIEbuildEnvironmentVariables
diff --git a/paludis/repositories/e/eapis/0.conf b/paludis/repositories/e/eapis/0.conf
index f4b9f43..51fd238 100644
--- a/paludis/repositories/e/eapis/0.conf
+++ b/paludis/repositories/e/eapis/0.conf
@@ -20,6 +20,7 @@ ebuild_module_suffixes = 0
f_function_prefix = ebuild_f
ignore_pivot_env_functions =
ignore_pivot_env_variables =
+userpriv_cannot_use_root = false
vdb_from_env_variables = \
CATEGORY CHOST COUNTER DEPEND DESCRIPTION EAPI FEATURES \
diff --git a/paludis/repositories/e/eapis/exheres-0.conf b/paludis/repositories/e/eapis/exheres-0.conf
index 4e9791d..63afb8f 100644
--- a/paludis/repositories/e/eapis/exheres-0.conf
+++ b/paludis/repositories/e/eapis/exheres-0.conf
@@ -23,6 +23,7 @@ use_expand_separator = :
f_function_prefix = exheres_internal
ignore_pivot_env_functions =
ignore_pivot_env_variables =
+userpriv_cannot_use_root = true
vdb_from_env_variables = \
CATEGORY CHOST DEPENDENCIES SUMMARY EAPI \
diff --git a/paludis/repositories/e/eapis/paludis-1.conf b/paludis/repositories/e/eapis/paludis-1.conf
index f37f88c..50ed2d7 100644
--- a/paludis/repositories/e/eapis/paludis-1.conf
+++ b/paludis/repositories/e/eapis/paludis-1.conf
@@ -23,6 +23,7 @@ use_expand_separator = _
f_function_prefix = ebuild_f
ignore_pivot_env_variables =
ignore_pivot_env_functions =
+userpriv_cannot_use_root = false
vdb_from_env_variables = \
CATEGORY CHOST COUNTER DEPEND DESCRIPTION EAPI FEATURES \
diff --git a/paludis/repositories/e/ebuild.cc b/paludis/repositories/e/ebuild.cc
index 66c92e2..3f3183b 100644
--- a/paludis/repositories/e/ebuild.cc
+++ b/paludis/repositories/e/ebuild.cc
@@ -92,14 +92,26 @@ EbuildCommand::failure()
bool
EbuildCommand::operator() ()
{
+ Context context("When running an ebuild command on '" + stringify(*params.package_id()) + "':");
+
Command cmd(getenv_with_default("PALUDIS_EBUILD_DIR", LIBEXECDIR "/paludis") +
"/ebuild.bash '" + ebuild_file() + "' " + commands());
+ if (! params.package_id()->eapi()->supported())
+ throw InternalError(PALUDIS_HERE, "Tried to run EbuildCommand on an unsupported EAPI");
+
if (params.sandbox())
cmd.with_sandbox();
if (params.userpriv())
+ {
+ if (params.package_id()->eapi()->supported()->userpriv_cannot_use_root())
+ {
+ if (0 == params.environment()->reduced_uid() || 0 == params.environment()->reduced_gid())
+ throw ActionError("Need to be able to use non-0 user and group for userpriv for '" + stringify(*params.package_id()) + "'");
+ }
cmd.with_uid_gid(params.environment()->reduced_uid(), params.environment()->reduced_gid());
+ }
using namespace std::tr1::placeholders;
cmd.with_pipe_command_handler(std::tr1::bind(&pipe_command_handler, params.environment(), params.package_id(), _1));