aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorZac Medico <zmedico@gentoo.org>2020-03-21 18:13:22 -0700
committerZac Medico <zmedico@gentoo.org>2020-03-22 18:15:04 -0700
commit2342e77eea8e00a572623f86d20cde2dc7098aa5 (patch)
tree943c27d6be378518f7372a3adfc1bb5405c027f1
parentAsynchronousTask: in _async_wait, call self.wait() immediately (diff)
downloadportage-2342e77eea8e00a572623f86d20cde2dc7098aa5.tar.gz
portage-2342e77eea8e00a572623f86d20cde2dc7098aa5.tar.bz2
portage-2342e77eea8e00a572623f86d20cde2dc7098aa5.zip
_post_phase_userpriv_perms: handle $HOME (bug 713100)
Ensure that the userpriv UID has appropriate permission for files created in $HOME during privileged phases like pkg_setup, in the same way as for $T. This prevents potential permission issues for programs invoked during unprivileged phases, and it improves alignment with PMS which specifies identical behavior for both $HOME and $T. Bug: https://bugs.gentoo.org/713100 Signed-off-by: Zac Medico <zmedico@gentoo.org>
-rw-r--r--lib/portage/package/ebuild/doebuild.py7
1 files changed, 4 insertions, 3 deletions
diff --git a/lib/portage/package/ebuild/doebuild.py b/lib/portage/package/ebuild/doebuild.py
index 75fcb8a51..2bff94cb1 100644
--- a/lib/portage/package/ebuild/doebuild.py
+++ b/lib/portage/package/ebuild/doebuild.py
@@ -1765,9 +1765,10 @@ def _post_phase_userpriv_perms(mysettings):
if "userpriv" in mysettings.features and secpass >= 2:
""" Privileged phases may have left files that need to be made
writable to a less privileged user."""
- apply_recursive_permissions(mysettings["T"],
- uid=portage_uid, gid=portage_gid, dirmode=0o700, dirmask=0,
- filemode=0o600, filemask=0)
+ for path in (mysettings["HOME"], mysettings["T"]):
+ apply_recursive_permissions(path,
+ uid=portage_uid, gid=portage_gid, dirmode=0o700, dirmask=0,
+ filemode=0o600, filemask=0)
def _check_build_log(mysettings, out=None):