aboutsummaryrefslogtreecommitdiff
path: root/paludis/repositories/e/check_userpriv.cc
diff options
context:
space:
mode:
authorAvatar Ciaran McCreesh <ciaran.mccreesh@googlemail.com> 2010-12-05 16:14:14 +0000
committerAvatar Ciaran McCreesh <ciaran.mccreesh@googlemail.com> 2010-12-05 21:19:06 +0000
commit74d54724984bc1b3fa49414995151edfe031e368 (patch)
tree1c72f0f666f9dfe358ff794533ebee152c16dd57 /paludis/repositories/e/check_userpriv.cc
parentd97eebaccb30a9669471516db9e7243420cbae47 (diff)
downloadpaludis-74d54724984bc1b3fa49414995151edfe031e368.tar.gz
paludis-74d54724984bc1b3fa49414995151edfe031e368.tar.xz
Split things up
Diffstat (limited to 'paludis/repositories/e/check_userpriv.cc')
-rw-r--r--paludis/repositories/e/check_userpriv.cc65
1 files changed, 65 insertions, 0 deletions
diff --git a/paludis/repositories/e/check_userpriv.cc b/paludis/repositories/e/check_userpriv.cc
new file mode 100644
index 000000000..d7a0bac46
--- /dev/null
+++ b/paludis/repositories/e/check_userpriv.cc
@@ -0,0 +1,65 @@
+/* vim: set sw=4 sts=4 et foldmethod=syntax : */
+
+/*
+ * Copyright (c) 2010 Ciaran McCreesh
+ *
+ * This file is part of the Paludis package manager. Paludis is free software;
+ * you can redistribute it and/or modify it under the terms of the GNU General
+ * Public License version 2, as published by the Free Software Foundation.
+ *
+ * Paludis is distributed in the hope that it will be useful, but WITHOUT ANY
+ * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * this program; if not, write to the Free Software Foundation, Inc., 59 Temple
+ * Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+#include <paludis/repositories/e/check_userpriv.hh>
+#include <paludis/util/exception.hh>
+#include <paludis/util/system.hh>
+#include <paludis/util/fs_stat.hh>
+#include <paludis/util/stringify.hh>
+#include <paludis/util/log.hh>
+#include <paludis/environment.hh>
+
+using namespace paludis;
+using namespace paludis::erepository;
+
+bool
+paludis::erepository::check_userpriv(const FSPath & f, const Environment * env, bool mandatory)
+{
+ Context c("When checking permissions on '" + stringify(f) + "' for userpriv:");
+
+ if (! getenv_with_default("PALUDIS_BYPASS_USERPRIV_CHECKS", "").empty())
+ return false;
+
+ FSStat f_stat(f);
+ if (f_stat.exists())
+ {
+ if (f_stat.group() != env->reduced_gid())
+ {
+ if (mandatory)
+ throw ConfigurationError("Directory '" + stringify(f) + "' owned by group '" + get_group_name(f_stat.group())
+ + "', not '" + get_group_name(env->reduced_gid()) + "'");
+ else
+ Log::get_instance()->message("e.ebuild.userpriv_disabled", ll_warning, lc_context) << "Directory '" <<
+ f << "' owned by group '" << get_group_name(f_stat.group()) << "', not '"
+ << get_group_name(env->reduced_gid()) << "', so cannot enable userpriv";
+ return false;
+ }
+ else if (0 == (f_stat.permissions() & S_IWGRP))
+ {
+ if (mandatory)
+ throw ConfigurationError("Directory '" + stringify(f) + "' does not have group write permission");
+ else
+ Log::get_instance()->message("e.ebuild.userpriv_disabled", ll_warning, lc_context) << "Directory '" <<
+ f << "' does not have group write permission, cannot enable userpriv";
+ return false;
+ }
+ }
+
+ return true;
+}