From a3f1d60cb75ab83f63a52a43c056a4752c8fdeb2 Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Fri, 30 May 2014 14:47:56 +0200 Subject: Show unauthenticated warning for source packages as well This will show the same unauthenticated warning for source packages as for binary packages and will not download a source package if it is unauthenticated. This can be overridden with --allow-unauthenticated Closes: #749795 --- apt-private/private-download.h | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'apt-private/private-download.h') diff --git a/apt-private/private-download.h b/apt-private/private-download.h index a108aa531..a90ac7eaa 100644 --- a/apt-private/private-download.h +++ b/apt-private/private-download.h @@ -5,7 +5,13 @@ class pkgAcquire; +// Check if all files in the fetcher are authenticated APT_PUBLIC bool CheckAuth(pkgAcquire& Fetcher, bool const PromptUser); + +// show a authentication warning prompt and return true if the system +// should continue +APT_PUBLIC bool AuthPrompt(std::string UntrustedList, bool const PromptUser); + APT_PUBLIC bool AcquireRun(pkgAcquire &Fetcher, int const PulseInterval, bool * const Failure, bool * const TransientNetworkFailure); #endif -- cgit v1.2.3 From 460601d53039b1d1b5688a8cd58bae10fb746f57 Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Wed, 15 Oct 2014 02:43:44 +0200 Subject: don't drop privileges if _apt has not enough rights MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Privilege dropping breaks download/source/changelog commands as they require the _apt user to have write permissions in the current directory, which is e.g. the case in /tmp, but not in /root, so we disable the privilege dropping if we deal with such a directory based on idea and code by Michael Vogt. The alternative would be to download always to a temp directory and move it then done, but this breaks partial file support. To resolve this, we could move to one of our partial/ directories, but this would require a lock which would block root from using two of these commands in parallel. As both seems unacceptable we instead let the user choose what to do: Either a directory is setupped for _apt, downloading as root is accepted or – which is potentially even better – an unprivileged user is used for the commands. --- apt-private/private-download.h | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'apt-private/private-download.h') diff --git a/apt-private/private-download.h b/apt-private/private-download.h index a90ac7eaa..809650a97 100644 --- a/apt-private/private-download.h +++ b/apt-private/private-download.h @@ -3,14 +3,18 @@ #include +#include + class pkgAcquire; +APT_PUBLIC bool CheckDropPrivsMustBeDisabled(pkgAcquire &Fetcher); + // Check if all files in the fetcher are authenticated APT_PUBLIC bool CheckAuth(pkgAcquire& Fetcher, bool const PromptUser); // show a authentication warning prompt and return true if the system // should continue -APT_PUBLIC bool AuthPrompt(std::string UntrustedList, bool const PromptUser); +APT_PUBLIC bool AuthPrompt(std::string const &UntrustedList, bool const PromptUser); APT_PUBLIC bool AcquireRun(pkgAcquire &Fetcher, int const PulseInterval, bool * const Failure, bool * const TransientNetworkFailure); -- cgit v1.2.3 From 9c81f8de38df940559d13a3ea9591d63cbe970bb Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Wed, 15 Oct 2014 04:18:07 +0200 Subject: check for available space, excluding root reserved blocks MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit We are checking the space requirements for ages, but the check uses the free blocks count, which includes the blocks reserved for usage by root. Now that we use an unprivileged user it has no access to these blocks anymore – and more importantly these blocks are a reserve, they shouldn't be used by apt without special encouragement by the user as it would be bad to have dpkg run out of diskspace and maintainerscripts like man-db skip certain actions if not enough space is available freely. --- apt-private/private-download.h | 2 ++ 1 file changed, 2 insertions(+) (limited to 'apt-private/private-download.h') diff --git a/apt-private/private-download.h b/apt-private/private-download.h index 809650a97..0a0ac6b95 100644 --- a/apt-private/private-download.h +++ b/apt-private/private-download.h @@ -18,4 +18,6 @@ APT_PUBLIC bool AuthPrompt(std::string const &UntrustedList, bool const PromptUs APT_PUBLIC bool AcquireRun(pkgAcquire &Fetcher, int const PulseInterval, bool * const Failure, bool * const TransientNetworkFailure); +APT_PUBLIC bool CheckFreeSpaceBeforeDownload(std::string const &Dir, unsigned long long FetchBytes); + #endif -- cgit v1.2.3