From 9983999d294887046abf386adc31190700d89b61 Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Mon, 13 Oct 2014 10:57:30 +0200 Subject: Fix backward compatiblity of the new pkgAcquireMethod::DropPrivsOrDie() Do not drop privileges in the methods when using a older version of libapt that does not support the chown magic in partial/ yet. To do this DropPrivileges() now will ignore a empty Apt::Sandbox::User. Cleanup all hardcoded _apt along the way. --- apt-pkg/contrib/fileutl.cc | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'apt-pkg/contrib/fileutl.cc') diff --git a/apt-pkg/contrib/fileutl.cc b/apt-pkg/contrib/fileutl.cc index 3e592d94f..f6351b7b5 100644 --- a/apt-pkg/contrib/fileutl.cc +++ b/apt-pkg/contrib/fileutl.cc @@ -2168,6 +2168,12 @@ bool DropPrivileges() /*{{{*/ if(_config->FindB("Debug::NoDropPrivs", false) == true) return true; + // empty setting disables DropPrivilidges - this also ensures + // backward compatibility, see bug #764506 + const std::string toUser = _config->Find("APT::Sandbox::User"); + if (toUser.empty()) + return true; + #if __gnu_linux__ #if defined(PR_SET_NO_NEW_PRIVS) && ( PR_SET_NO_NEW_PRIVS != 38 ) #error "PR_SET_NO_NEW_PRIVS is defined, but with a different value than expected!" @@ -2186,7 +2192,6 @@ bool DropPrivileges() /*{{{*/ if (old_uid != 0) return true; - const std::string toUser = _config->Find("APT::Sandbox::User", "_apt"); struct passwd *pw = getpwnam(toUser.c_str()); if (pw == NULL) return _error->Error("No user %s, can not drop rights", toUser.c_str()); -- cgit v1.2.3