Use bash to spawn FETCHCOMMAND under selinux since most other binaries are forbidden...

author Zac Medico <zmedico@gentoo.org>

Tue, 22 May 2007 05:26:33 +0000 (05:26 -0000)

committer Zac Medico <zmedico@gentoo.org>

Tue, 22 May 2007 05:26:33 +0000 (05:26 -0000)
author Zac Medico <zmedico@gentoo.org>
Tue, 22 May 2007 05:26:33 +0000 (05:26 -0000)
committer Zac Medico <zmedico@gentoo.org>
Tue, 22 May 2007 05:26:33 +0000 (05:26 -0000)
diff --git a/pym/portage/__init__.py b/pym/portage/__init__.py

index 664f0a7d77ec7995709d857a1b27ec7613456b28..171806f7a356d72757533ab7e8e7a49d977434fe 100644 (file)
--- a/pym/portage/__init__.py
+++ b/pym/portage/__init__.py
@@ -2687,6 +2687,8 @@ def fetch(myuris, mysettings, listonly=0, fetchonly=0, locks_in_subdir=".locks",
                                                         con = selinux.getcontext()
                                                         con = con.replace(mysettings["PORTAGE_T"], mysettings["PORTAGE_FETCH_T"])
                                                         selinux.setexec(con)
+                                                       # bash is an allowed entrypoint, while most binaries are not
+                                                       myfetch = ["bash", "-c", "exec \"$@\"", myfetch[0]] + myfetch
  
                                                 myret = portage.process.spawn(myfetch,
                                                         env=mysettings.environ(), **spawn_keywords)
author	Zac Medico <zmedico@gentoo.org>
	Tue, 22 May 2007 05:26:33 +0000 (05:26 -0000)
committer	Zac Medico <zmedico@gentoo.org>
	Tue, 22 May 2007 05:26:33 +0000 (05:26 -0000)