From f73f7adf494fcae968c76a754dc1c56294b1293a Mon Sep 17 00:00:00 2001 From: Zac Medico Date: Thu, 16 Mar 2006 06:39:10 +0000 Subject: [PATCH] Revert a hunk from r2834 because PORTAGE_SANDBOX_T is used incorrectly where PORTAGE_FETCH_T should be used for selinux fetch. Thanks to spb for reporting. svn path=/main/trunk/; revision=2906 --- pym/portage.py | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/pym/portage.py b/pym/portage.py index 2aace4c45..cf76952d0 100644 --- a/pym/portage.py +++ b/pym/portage.py @@ -1928,9 +1928,14 @@ def fetch(myuris, mysettings, listonly=0, fetchonly=0, locks_in_subdir=".locks", myfetch=string.replace(locfetch,"${URI}",loc) myfetch=string.replace(myfetch,"${FILE}",myfile) try: - myret = spawn(myfetch, mysettings, free=1, - droppriv=("userfetch" in mysettings.features), - sesandbox=selinux_enabled) + if selinux_enabled: + con = selinux.getcontext() + con = string.replace(con, mysettings["PORTAGE_T"], mysettings["PORTAGE_FETCH_T"]) + selinux.setexec(con) + myret = spawn(myfetch, mysettings, free=1, droppriv=("userfetch" in mysettings.features)) + selinux.setexec(None) + else: + myret = spawn(myfetch, mysettings, free=1, droppriv=("userfetch" in mysettings.features)) finally: #if root, -always- set the perms. if os.path.exists(mysettings["DISTDIR"]+"/"+myfile) and (fetched != 1 or os.getuid() == 0) \ -- 2.26.2