not in the portage group, allowing for better privilege isolation.
svn path=/main/trunk/; revision=13660
gid=portage_gid
perms=0665"""
- for x,y in (("gid",portage_gid),("perms",0664)):
+ for x, y in (("gid", -1), ("perms", -1)):
if x in config:
setattr(self, "_"+x, config[x])
del config[x]
"""returns true or false if it's able to ensure that path is properly chmod'd and chowned.
if mtime is specified, attempts to ensure that's correct also"""
try:
- os.chown(path, -1, self._gid)
- os.chmod(path, self._perms)
+ if self._gid != -1:
+ os.chown(path, -1, self._gid)
+ if self._perms != -1:
+ os.chmod(path, self._perms)
if mtime != -1:
mtime=long(mtime)
os.utime(path, (mtime, mtime))
for dir in path.lstrip(os.path.sep).rstrip(os.path.sep).split(os.path.sep):
base = os.path.join(base,dir)
if not os.path.exists(base):
- um=os.umask(0)
+ if self._perms != -1:
+ um = os.umask(0)
try:
- os.mkdir(base, self._perms | 0111)
- os.chown(base, -1, self._gid)
+ perms = self._perms
+ if perms == -1:
+ perms = 0
+ perms |= 0755
+ os.mkdir(base, perms)
+ if self._gid != -1:
+ os.chown(base, -1, self._gid)
finally:
- os.umask(um)
+ if self._perms != -1:
+ os.umask(um)
def gen_label(base, label):
database=self._dbpath, **connection_kwargs)
self._db_cursor = self._db_connection.cursor()
self._db_cursor.execute("PRAGMA encoding = %s" % self._db_escape_string("UTF-8"))
- if not apply_secpass_permissions(self._dbpath, gid=portage_gid, mode=070, mask=02):
+ if not self._ensure_access(self._dbpath):
raise cache_errors.InitializationError(self.__class__, "can't ensure perms on %s" % self._dbpath)
self._db_init_cache_size(config["cache_bytes"])
self._db_init_synchronous(config["synchronous"])
self.auxdb = {}
self._pregen_auxdb = {}
self._init_cache_dirs()
+ depcachedir_w_ok = os.access(self.depcachedir, os.W_OK)
+ cache_kwargs = {
+ 'gid' : portage_gid,
+ 'perms' : 0664
+ }
+
+ if secpass < 1:
+ # portage_gid is irrelevant, so just obey umask
+ cache_kwargs['gid'] = -1
+ cache_kwargs['perms'] = -1
+
# XXX: REMOVE THIS ONCE UNUSED_0 IS YANKED FROM auxdbkeys
# ~harring
filtered_auxdbkeys = filter(lambda x: not x.startswith("UNUSED_0"), auxdbkeys)
filtered_auxdbkeys.sort()
from portage.cache import metadata_overlay, volatile
- if secpass < 1:
+ if not depcachedir_w_ok:
for x in self.porttrees:
db_ro = self.auxdbmodule(self.depcachedir, x,
filtered_auxdbkeys, gid=portage_gid, readonly=True)
continue
# location, label, auxdbkeys
self.auxdb[x] = self.auxdbmodule(
- self.depcachedir, x, filtered_auxdbkeys, gid=portage_gid)
+ self.depcachedir, x, filtered_auxdbkeys, **cache_kwargs)
if self.auxdbmodule is metadata_overlay.database:
self.auxdb[x].db_ro.ec = self._repo_info[x].eclass_db
if "metadata-transfer" not in self.mysettings.features: