From: Zac Medico <zmedico@gentoo.org>
Date: Thu, 16 Mar 2006 06:39:10 +0000 (-0000)
Subject: Revert a hunk from r2834 because PORTAGE_SANDBOX_T is used incorrectly where PORTAGE_... 
X-Git-Tag: v2.1_pre7~69
X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=f73f7adf494fcae968c76a754dc1c56294b1293a;p=portage.git

Revert a hunk from r2834 because PORTAGE_SANDBOX_T is used incorrectly where PORTAGE_FETCH_T should be used for selinux fetch.  Thanks to spb for reporting.

svn path=/main/trunk/; revision=2906
---

diff --git a/pym/portage.py b/pym/portage.py
index 2aace4c45..cf76952d0 100644
--- a/pym/portage.py
+++ b/pym/portage.py
@@ -1928,9 +1928,14 @@ def fetch(myuris, mysettings, listonly=0, fetchonly=0, locks_in_subdir=".locks",
 					myfetch=string.replace(locfetch,"${URI}",loc)
 					myfetch=string.replace(myfetch,"${FILE}",myfile)
 					try:
-						myret = spawn(myfetch, mysettings, free=1,
-							droppriv=("userfetch" in mysettings.features),
-							sesandbox=selinux_enabled)
+						if selinux_enabled:
+							con = selinux.getcontext()
+							con = string.replace(con, mysettings["PORTAGE_T"], mysettings["PORTAGE_FETCH_T"])
+							selinux.setexec(con)
+							myret = spawn(myfetch, mysettings, free=1, droppriv=("userfetch" in mysettings.features))
+							selinux.setexec(None)
+						else:
+							myret = spawn(myfetch, mysettings, free=1, droppriv=("userfetch" in mysettings.features))
 					finally:
 						#if root, -always- set the perms.
 						if os.path.exists(mysettings["DISTDIR"]+"/"+myfile) and (fetched != 1 or os.getuid() == 0) \