summaryrefslogtreecommitdiff
path: root/apt-pkg
diff options
context:
space:
mode:
Diffstat (limited to 'apt-pkg')
-rw-r--r--apt-pkg/acquire-item.cc12
-rw-r--r--apt-pkg/acquire.cc5
-rw-r--r--apt-pkg/contrib/fileutl.cc7
-rw-r--r--apt-pkg/init.cc3
4 files changed, 21 insertions, 6 deletions
diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc
index 97ff1bd18..44d45cedb 100644
--- a/apt-pkg/acquire-item.cc
+++ b/apt-pkg/acquire-item.cc
@@ -215,7 +215,11 @@ bool pkgAcquire::Item::Rename(string From,string To)
void pkgAcquire::Item::QueueURI(ItemDesc &Item)
{
if (RealFileExists(DestFile))
- ChangeOwnerAndPermissionOfFile("GetPartialFileName", DestFile.c_str(), "_apt", "root", 0600);
+ {
+ std::string SandboxUser = _config->Find("APT::Sandbox::User");
+ ChangeOwnerAndPermissionOfFile("GetPartialFileName", DestFile.c_str(),
+ SandboxUser.c_str(), "root", 0600);
+ }
Owner->Enqueue(Item);
}
void pkgAcquire::Item::Dequeue()
@@ -2486,7 +2490,8 @@ bool pkgAcqArchive::QueueNext()
else
{
PartialSize = Buf.st_size;
- ChangeOwnerAndPermissionOfFile("pkgAcqArchive::QueueNext", DestFile.c_str(), "_apt", "root", 0600);
+ std::string SandboxUser = _config->Find("APT::Sandbox::User");
+ ChangeOwnerAndPermissionOfFile("pkgAcqArchive::QueueNext",DestFile.c_str(), SandboxUser.c_str(), "root", 0600);
}
}
@@ -2654,7 +2659,8 @@ pkgAcqFile::pkgAcqFile(pkgAcquire *Owner,string URI, HashStringList const &Hashe
else
{
PartialSize = Buf.st_size;
- ChangeOwnerAndPermissionOfFile("pkgAcqFile", DestFile.c_str(), "_apt", "root", 0600);
+ std::string SandboxUser = _config->Find("APT::Sandbox::User");
+ ChangeOwnerAndPermissionOfFile("pkgAcqFile", DestFile.c_str(), SandboxUser.c_str(), "root", 0600);
}
}
diff --git a/apt-pkg/acquire.cc b/apt-pkg/acquire.cc
index 34c7f06de..3ef912600 100644
--- a/apt-pkg/acquire.cc
+++ b/apt-pkg/acquire.cc
@@ -83,10 +83,11 @@ static bool SetupAPTPartialDirectory(std::string const &grand, std::string const
if (getuid() == 0) // if we aren't root, we can't chown, so don't try it
{
- struct passwd *pw = getpwnam("_apt");
+ std::string SandboxUser = _config->Find("APT::Sandbox::User");
+ struct passwd *pw = getpwnam(SandboxUser.c_str());
struct group *gr = getgrnam("root");
if (pw != NULL && gr != NULL && chown(partial.c_str(), pw->pw_uid, gr->gr_gid) != 0)
- _error->WarningE("SetupAPTPartialDirectory", "chown to _apt:root of directory %s failed", partial.c_str());
+ _error->WarningE("SetupAPTPartialDirectory", "chown to %s:root of directory %s failed", SandboxUser.c_str(), partial.c_str());
}
if (chmod(partial.c_str(), 0700) != 0)
_error->WarningE("SetupAPTPartialDirectory", "chmod 0700 of directory %s failed", partial.c_str());
diff --git a/apt-pkg/contrib/fileutl.cc b/apt-pkg/contrib/fileutl.cc
index 3e592d94f..f6351b7b5 100644
--- a/apt-pkg/contrib/fileutl.cc
+++ b/apt-pkg/contrib/fileutl.cc
@@ -2168,6 +2168,12 @@ bool DropPrivileges() /*{{{*/
if(_config->FindB("Debug::NoDropPrivs", false) == true)
return true;
+ // empty setting disables DropPrivilidges - this also ensures
+ // backward compatibility, see bug #764506
+ const std::string toUser = _config->Find("APT::Sandbox::User");
+ if (toUser.empty())
+ return true;
+
#if __gnu_linux__
#if defined(PR_SET_NO_NEW_PRIVS) && ( PR_SET_NO_NEW_PRIVS != 38 )
#error "PR_SET_NO_NEW_PRIVS is defined, but with a different value than expected!"
@@ -2186,7 +2192,6 @@ bool DropPrivileges() /*{{{*/
if (old_uid != 0)
return true;
- const std::string toUser = _config->Find("APT::Sandbox::User", "_apt");
struct passwd *pw = getpwnam(toUser.c_str());
if (pw == NULL)
return _error->Error("No user %s, can not drop rights", toUser.c_str());
diff --git a/apt-pkg/init.cc b/apt-pkg/init.cc
index 82dff4ee8..8d206e428 100644
--- a/apt-pkg/init.cc
+++ b/apt-pkg/init.cc
@@ -95,6 +95,9 @@ bool pkgInitConfig(Configuration &Cnf)
// Default cdrom mount point
Cnf.CndSet("Acquire::cdrom::mount", "/media/cdrom/");
+ // The default user we drop to in the methods
+ Cnf.CndSet("APT::Sandbox::User", "_apt");
+
bool Res = true;
// Read an alternate config file