summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--apt-pkg/acquire-method.cc2
-rw-r--r--apt-pkg/contrib/fileutl.cc61
-rw-r--r--apt-pkg/contrib/fileutl.h2
-rw-r--r--cmdline/apt-dump-solver.cc2
-rw-r--r--cmdline/apt-internal-solver.cc2
5 files changed, 34 insertions, 35 deletions
diff --git a/apt-pkg/acquire-method.cc b/apt-pkg/acquire-method.cc
index cbcbea247..8533e319f 100644
--- a/apt-pkg/acquire-method.cc
+++ b/apt-pkg/acquire-method.cc
@@ -127,7 +127,7 @@ void pkgAcqMethod::Fail(string Err,bool Transient)
/* */
void pkgAcqMethod::DropPrivsOrDie()
{
- if (!DropPrivs()) {
+ if (!DropPrivileges()) {
Fail(false);
exit(112); /* call the european emergency number */
}
diff --git a/apt-pkg/contrib/fileutl.cc b/apt-pkg/contrib/fileutl.cc
index c5eb56f0e..3e592d94f 100644
--- a/apt-pkg/contrib/fileutl.cc
+++ b/apt-pkg/contrib/fileutl.cc
@@ -857,11 +857,7 @@ bool ExecWait(pid_t Pid,const char *Name,bool Reap)
return true;
}
/*}}}*/
-
-
-// StartsWithGPGClearTextSignature - Check if a file is Pgp/GPG clearsigned /*{{{*/
-// ---------------------------------------------------------------------
-/* */
+// StartsWithGPGClearTextSignature - Check if a file is Pgp/GPG clearsigned /*{{{*/
bool StartsWithGPGClearTextSignature(string const &FileName)
{
static const char* SIGMSG = "-----BEGIN PGP SIGNED MESSAGE-----\n";
@@ -877,7 +873,7 @@ bool StartsWithGPGClearTextSignature(string const &FileName)
return true;
}
-
+ /*}}}*/
class FileFdPrivate { /*{{{*/
public:
@@ -2035,10 +2031,7 @@ APT_DEPRECATED gzFile FileFd::gzFd() {
#endif
}
-
-// Glob - wrapper around "glob()" /*{{{*/
-// ---------------------------------------------------------------------
-/* */
+// Glob - wrapper around "glob()" /*{{{*/
std::vector<std::string> Glob(std::string const &pattern, int flags)
{
std::vector<std::string> result;
@@ -2064,8 +2057,7 @@ std::vector<std::string> Glob(std::string const &pattern, int flags)
return result;
}
/*}}}*/
-
-std::string GetTempDir()
+std::string GetTempDir() /*{{{*/
{
const char *tmpdir = getenv("TMPDIR");
@@ -2081,8 +2073,8 @@ std::string GetTempDir()
return string(tmpdir);
}
-
-FileFd* GetTempFile(std::string const &Prefix, bool ImmediateUnlink)
+ /*}}}*/
+FileFd* GetTempFile(std::string const &Prefix, bool ImmediateUnlink) /*{{{*/
{
char fn[512];
FileFd *Fd = new FileFd();
@@ -2106,19 +2098,19 @@ FileFd* GetTempFile(std::string const &Prefix, bool ImmediateUnlink)
return Fd;
}
-
-bool Rename(std::string From, std::string To)
+ /*}}}*/
+bool Rename(std::string From, std::string To) /*{{{*/
{
if (rename(From.c_str(),To.c_str()) != 0)
{
_error->Error(_("rename failed, %s (%s -> %s)."),strerror(errno),
From.c_str(),To.c_str());
return false;
- }
+ }
return true;
}
-
-bool Popen(const char* Args[], FileFd &Fd, pid_t &Child, FileFd::OpenMode Mode)
+ /*}}}*/
+bool Popen(const char* Args[], FileFd &Fd, pid_t &Child, FileFd::OpenMode Mode)/*{{{*/
{
int fd;
if (Mode != FileFd::ReadOnly && Mode != FileFd::WriteOnly)
@@ -2170,29 +2162,35 @@ bool Popen(const char* Args[], FileFd &Fd, pid_t &Child, FileFd::OpenMode Mode)
return true;
}
-
-bool DropPrivs()
+ /*}}}*/
+bool DropPrivileges() /*{{{*/
{
+ if(_config->FindB("Debug::NoDropPrivs", false) == true)
+ return true;
+
+#if __gnu_linux__
+#if defined(PR_SET_NO_NEW_PRIVS) && ( PR_SET_NO_NEW_PRIVS != 38 )
+#error "PR_SET_NO_NEW_PRIVS is defined, but with a different value than expected!"
+#endif
+ // see prctl(2), needs linux3.5 at runtime - magic constant to avoid it at buildtime
+ int ret = prctl(38, 1, 0, 0, 0);
+ // ignore EINVAL - kernel is too old to understand the option
+ if(ret < 0 && errno != EINVAL)
+ _error->Warning("PR_SET_NO_NEW_PRIVS failed with %i", ret);
+#endif
+
// uid will be 0 in the end, but gid might be different anyway
- uid_t old_uid = getuid();
- gid_t old_gid = getgid();
+ uid_t const old_uid = getuid();
+ gid_t const old_gid = getgid();
if (old_uid != 0)
return true;
- if(_config->FindB("Debug::NoDropPrivs", false) == true)
- return true;
const std::string toUser = _config->Find("APT::Sandbox::User", "_apt");
struct passwd *pw = getpwnam(toUser.c_str());
if (pw == NULL)
return _error->Error("No user %s, can not drop rights", toUser.c_str());
-#if __gnu_linux__
- // see prctl(2), needs linux3.5
- int ret = prctl(PR_SET_NO_NEW_PRIVS, 1, 0,0, 0);
- if(ret < 0)
- _error->Warning("PR_SET_NO_NEW_PRIVS failed with %i", ret);
-#endif
// Do not change the order here, it might break things
if (setgroups(1, &pw->pw_gid))
return _error->Errno("setgroups", "Failed to setgroups");
@@ -2259,3 +2257,4 @@ bool DropPrivs()
return true;
}
+ /*}}}*/
diff --git a/apt-pkg/contrib/fileutl.h b/apt-pkg/contrib/fileutl.h
index 9dd29eb9e..a64d6cb98 100644
--- a/apt-pkg/contrib/fileutl.h
+++ b/apt-pkg/contrib/fileutl.h
@@ -210,7 +210,7 @@ bool StartsWithGPGClearTextSignature(std::string const &FileName);
*
* \return true on success, false on failure with _error set
*/
-bool DropPrivs();
+bool DropPrivileges();
// File string manipulators
std::string flNotDir(std::string File);
diff --git a/cmdline/apt-dump-solver.cc b/cmdline/apt-dump-solver.cc
index 424764b3c..f765234c5 100644
--- a/cmdline/apt-dump-solver.cc
+++ b/cmdline/apt-dump-solver.cc
@@ -41,7 +41,7 @@ int main(int argc,const char *argv[]) /*{{{*/
return 0;
}
// we really don't need anything
- DropPrivs();
+ DropPrivileges();
FILE* input = fdopen(STDIN_FILENO, "r");
FILE* output = fopen("/tmp/dump.edsp", "w");
diff --git a/cmdline/apt-internal-solver.cc b/cmdline/apt-internal-solver.cc
index 0f2ec6283..92a4429e5 100644
--- a/cmdline/apt-internal-solver.cc
+++ b/cmdline/apt-internal-solver.cc
@@ -77,7 +77,7 @@ int main(int argc,const char *argv[]) /*{{{*/
{0,0,0,0}};
// we really don't need anything
- DropPrivs();
+ DropPrivileges();
CommandLine CmdL(Args,_config);
if (pkgInitConfig(*_config) == false ||