[38922] branches/gsoc08-privileges/base/src

pmagrath at macports.org pmagrath at macports.org
Sat Aug 2 10:05:25 PDT 2008


Revision: 38922
          http://trac.macosforge.org/projects/macports/changeset/38922
Author:   pmagrath at macports.org
Date:     2008-08-02 10:05:24 -0700 (Sat, 02 Aug 2008)
Log Message:
-----------
Some tidy ups and only elevate privileges if error is a privileges error.

Modified Paths:
--------------
    branches/gsoc08-privileges/base/src/port/port.tcl
    branches/gsoc08-privileges/base/src/port1.0/portbuild.tcl
    branches/gsoc08-privileges/base/src/port1.0/portclean.tcl
    branches/gsoc08-privileges/base/src/port1.0/portconfigure.tcl
    branches/gsoc08-privileges/base/src/port1.0/portdestroot.tcl
    branches/gsoc08-privileges/base/src/port1.0/portmain.tcl
    branches/gsoc08-privileges/base/src/port1.0/portpatch.tcl
    branches/gsoc08-privileges/base/src/port1.0/portutil.tcl

Modified: branches/gsoc08-privileges/base/src/port/port.tcl
===================================================================
--- branches/gsoc08-privileges/base/src/port/port.tcl	2008-08-02 12:33:56 UTC (rev 38921)
+++ branches/gsoc08-privileges/base/src/port/port.tcl	2008-08-02 17:05:24 UTC (rev 38922)
@@ -2415,7 +2415,7 @@
 
 
 proc action_target { action portlist opts } {
-    global global_variations
+    global global_variations 
     set status 0
     if {[require_portlist portlist]} {
         return 1
@@ -2462,7 +2462,7 @@
         }
         
         #ui_debug "worker ($workername) $target $portname"	
-        
+	        
         if {[catch {set result [mportexec $workername $target]} result]} {
             global errorInfo
             mportclose $workername
@@ -2472,11 +2472,10 @@
 
         mportclose $workername
         
-        
         # start gsoc08-privileges
-		if { [geteuid] != 0 && $result == 1 } {
-		# TODO: find a way to detect definitely that the error is privileges related.
-			ui_warn "Attempting to re-run with 'sudo port'. Command: 'sudo port $target $portname'."
+		if { [geteuid] != 0 && $result == 2} {
+			# mportexec will return an error result code 2 if eval_targets fails due to insufficient privileges.
+			ui_warn "Attempting re-run with 'sudo port'. Executing: 'sudo port $target $portname'."
 			set result 0
 			ui_msg [exec sudo port $target $portname]
 			ui_debug "'sudo port $target $portname' has completed."

Modified: branches/gsoc08-privileges/base/src/port1.0/portbuild.tcl
===================================================================
--- branches/gsoc08-privileges/base/src/port1.0/portbuild.tcl	2008-08-02 12:33:56 UTC (rev 38921)
+++ branches/gsoc08-privileges/base/src/port1.0/portbuild.tcl	2008-08-02 17:05:24 UTC (rev 38922)
@@ -135,25 +135,14 @@
 }
 
 proc build_start {args} {
-    global UI_PREFIX build.asroot  macportsuser euid egid
+    global UI_PREFIX build.asroot
     
     ui_msg "$UI_PREFIX [format [msgcat::mc "Building %s"] [option portname]]"
     
     # start gsoc08-privileges
     if { [tbool build.asroot] } {
-	# if port is marked as needing root		
-		if { [getuid] == 0 && [geteuid] == [name_to_uid "$macportsuser"] } { 
-		# if started with sudo but have dropped the privileges
-			ui_debug "Can't run install on this port without elevated privileges."
-			ui_debug "Going to escalate privileges back to root."
-			setegid $egid	
-			seteuid $euid	
-			ui_debug "euid changed to: [geteuid]. egid changed to: [getegid]."
-		}
-		
-		if { [getuid] != 0 } {
-			return -code error "You can not run this port without elevated privileges. You need to re-run with 'sudo port'.";
-		}
+	# if port is marked as needing root	
+		elevateToRoot "build"
 	}
 	# end gsoc08-privileges
     

Modified: branches/gsoc08-privileges/base/src/port1.0/portclean.tcl
===================================================================
--- branches/gsoc08-privileges/base/src/port1.0/portclean.tcl	2008-08-02 12:33:56 UTC (rev 38921)
+++ branches/gsoc08-privileges/base/src/port1.0/portclean.tcl	2008-08-02 17:05:24 UTC (rev 38922)
@@ -49,20 +49,6 @@
     global UI_PREFIX macportsuser euid egid
     
     ui_msg "$UI_PREFIX [format [msgcat::mc "Cleaning %s"] [option portname]]"
-    
-	# start gsoc08-privileges
-	#if { [getuid] == 0 && [geteuid] == [name_to_uid "$macportsuser"] } { 
-	# if started with sudo but have dropped the privileges
-	#	ui_debug "Can't guarantee a good clean without elevated privileges."
-		# TODO: modify so that privilege descalation is conditional on needing
-		# to clean a directory in the /opt hierarchy.
-	#	ui_debug "Going to escalate privileges back to root."
-	#	seteuid $euid	
-	#	setegid $egid
-	#	ui_debug "euid changed to: [geteuid]"
-	#	ui_debug "egid changed to: [getegid]"
-	#}
-	# end gsoc08-privileges
 }
 
 proc clean_main {args} {

Modified: branches/gsoc08-privileges/base/src/port1.0/portconfigure.tcl
===================================================================
--- branches/gsoc08-privileges/base/src/port1.0/portconfigure.tcl	2008-08-02 12:33:56 UTC (rev 38921)
+++ branches/gsoc08-privileges/base/src/port1.0/portconfigure.tcl	2008-08-02 17:05:24 UTC (rev 38922)
@@ -142,28 +142,16 @@
 set_ui_prefix
 
 proc configure_start {args} {
-    global UI_PREFIX macportsuser euid egid
+    global UI_PREFIX
     
     ui_msg "$UI_PREFIX [format [msgcat::mc "Configuring %s"] [option portname]]"
     
     # start gsoc08-privileges
     if { [tbool configure.asroot] } {
-	# if port is marked as needing root		
-		if { [getuid] == 0 && [geteuid] == [name_to_uid "$macportsuser"] } { 
-		# if started with sudo but have dropped the privileges
-			ui_debug "Can't run install on this port without elevated privileges."
-			ui_debug "Going to escalate privileges back to root."
-			setegid $egid	
-			seteuid $euid	
-			ui_debug "euid changed to: [geteuid]. egid changed to: [getegid]."
-		}
-		
-		if { [getuid] != 0 } {
-			return -code error "You can not run this port without elevated privileges. You need to re-run with 'sudo port'.";
-		}
+	# if port is marked as needing root	
+		elevateToRoot "configure"
 	}
 	# end gsoc08-privileges
-    
 }
 
 # internal function to determine canonical system name for configure

Modified: branches/gsoc08-privileges/base/src/port1.0/portdestroot.tcl
===================================================================
--- branches/gsoc08-privileges/base/src/port1.0/portdestroot.tcl	2008-08-02 12:33:56 UTC (rev 38921)
+++ branches/gsoc08-privileges/base/src/port1.0/portdestroot.tcl	2008-08-02 17:05:24 UTC (rev 38922)
@@ -104,6 +104,8 @@
 	}
 	
 	if { [tbool destroot.asroot] && [getuid] != 0 } {
+		global errorisprivileges
+		set errorisprivileges yes
 		return -code error "You can not run this port without elevated privileges. You need to re-run with 'sudo port'.";
 	}
 	# end gsoc08-privileges

Modified: branches/gsoc08-privileges/base/src/port1.0/portmain.tcl
===================================================================
--- branches/gsoc08-privileges/base/src/port1.0/portmain.tcl	2008-08-02 12:33:56 UTC (rev 38921)
+++ branches/gsoc08-privileges/base/src/port1.0/portmain.tcl	2008-08-02 17:05:24 UTC (rev 38922)
@@ -47,7 +47,7 @@
 options universal_variant os.universal_supported
 
 # Export options via PortInfo
-options_export name version revision epoch categories maintainers platforms description long_description homepage
+options_export name version revision epoch categories maintainers platforms description long_description homepage 
 
 # Assign option procedure to default_variants
 option_proc default_variants handle_default_variants

Modified: branches/gsoc08-privileges/base/src/port1.0/portpatch.tcl
===================================================================
--- branches/gsoc08-privileges/base/src/port1.0/portpatch.tcl	2008-08-02 12:33:56 UTC (rev 38921)
+++ branches/gsoc08-privileges/base/src/port1.0/portpatch.tcl	2008-08-02 17:05:24 UTC (rev 38922)
@@ -50,7 +50,7 @@
 default patch.pre_args -p0
 
 proc patch_main {args} {
-    global UI_PREFIX patch.asroot  macportsuser euid egid
+    global UI_PREFIX
     
     # First make sure that patchfiles exists and isn't stubbed out.
     if {![exists patchfiles]} {
@@ -61,19 +61,8 @@
 	
 	# start gsoc08-privileges
     if { [tbool patch.asroot] } {
-	# if port is marked as needing root		
-		if { [getuid] == 0 && [geteuid] == [name_to_uid "$macportsuser"] } { 
-		# if started with sudo but have dropped the privileges
-			ui_debug "Can't run install on this port without elevated privileges."
-			ui_debug "Going to escalate privileges back to root."
-			setegid $egid	
-			seteuid $euid	
-			ui_debug "euid changed to: [geteuid]. egid changed to: [getegid]."
-		}
-		
-		if { [getuid] != 0 } {
-			return -code error "You can not run this port without elevated privileges. You need to re-run with 'sudo port'.";
-		}
+	# if port is marked as needing root	
+		elevateToRoot "patch"
 	}
 	# end gsoc08-privileges
 

Modified: branches/gsoc08-privileges/base/src/port1.0/portutil.tcl
===================================================================
--- branches/gsoc08-privileges/base/src/port1.0/portutil.tcl	2008-08-02 12:33:56 UTC (rev 38921)
+++ branches/gsoc08-privileges/base/src/port1.0/portutil.tcl	2008-08-02 17:05:24 UTC (rev 38922)
@@ -1389,6 +1389,13 @@
         set result 0
     }
     
+    # start gsoc08-privileges
+    global errorisprivileges
+    if { $result == 1 && $errorisprivileges == "yes" } {
+    	set result 2
+    }
+    # end gsoc08-privileges
+    
     return $result
 }
 
@@ -2287,6 +2294,10 @@
     
 }
 
+##
+# Recusively chown the given file or directory to the specified user, using root privileges.
+#
+# @param path the file/directory to be chowned
 proc chownAsRoot {path} {
     global euid macportsuser
 
@@ -2302,12 +2313,16 @@
 	# if started with sudo but have elevated back to root already
 		chown  ${path} ${macportsuser}
 	} else {
-		ui_debug "not need to chown $path. uid=[getuid]. euid=[geteuid]."
+		ui_debug "no need to chown $path. uid=[getuid]. euid=[geteuid]."
 	}
 }
 
+##
+# Elevate privileges back to root.
+#
+# @param action the action for which privileges are being elevated
 proc elevateToRoot {action} {
-	global euid egid macportsuser
+	global euid egid macportsuser errorisprivileges
 	
 	if { [getuid] == 0 && [geteuid] == [name_to_uid "$macportsuser"] } { 
 	# if started with sudo but have dropped the privileges
@@ -2318,6 +2333,7 @@
 	}
 	
 	if { [getuid] != 0 } {
+		set errorisprivileges yes
 		return -code error "You can not run this port without elevated privileges. You need to re-run with 'sudo port'.";
 	}
 }
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.macosforge.org/pipermail/macports-changes/attachments/20080802/0df90357/attachment.html 


More information about the macports-changes mailing list