Use a new 'usersync' feature to control dropping of privileges for --sync,

since it's fairly common for people to have inconsistent permissions between
$PORTDIR and contained files/directories. (trunk r12496)

svn path=/main/branches/2.1.6/; revision=12506

diff --git a/man/make.conf.5 b/man/make.conf.5
index b2d447eb90b50e8c911c456ee5d8ad92e906dce4..9526a6315d22734bdd8cd9a26fa142d3a4558c4c 100644 (file)
--- a/man/make.conf.5
+++ b/man/make.conf.5
@@ -356,6 +356,10 @@ portage:portage without a sandbox (unless \fIusersandbox\fR is also used).
 .B usersandbox
 Enable the sandbox in the compile phase, when running without root privs (\fIuserpriv\fR).
 .TP
+.B usersync
+Drop privileges to the owner of \fBPORTDIR\fR for \fBemerge(1) --sync\fR
+operations.
+.TP
 .B webrsync-gpg
 Enable GPG verification when using \fIemerge\-webrsync\fR.
 .RE

diff --git a/pym/_emerge/__init__.py b/pym/_emerge/__init__.py
index 130bf7ecf088d3dcfb2819daa213499bdaf9c132..48a1e911a17bbed405170d8ef0e8fe1f110d708e 100644 (file)
--- a/pym/_emerge/__init__.py
+++ b/pym/_emerge/__init__.py
@@ -11892,7 +11892,8 @@ def action_sync(settings, trees, mtimedb, myopts, myaction):
 
        spawn_kwargs = {}
        spawn_kwargs["env"] = settings.environ()
-       if portage.data.secpass >= 2 and \
+       if 'usersync' in settings.features and \
+               portage.data.secpass >= 2 and \
                (st.st_uid != os.getuid() and st.st_mode & 0700 or \
                st.st_gid != os.getgid() and st.st_mode & 0070):
                try: