[39069] branches/gsoc08-privileges/base/src
pmagrath at macports.org
pmagrath at macports.org
Wed Aug 6 15:18:07 PDT 2008
Revision: 39069
http://trac.macosforge.org/projects/macports/changeset/39069
Author: pmagrath at macports.org
Date: 2008-08-06 15:18:07 -0700 (Wed, 06 Aug 2008)
Log Message:
-----------
Comment problem with sudo during port uninstall. Break out privilege dropping to a separate procedure in portutil.
Modified Paths:
--------------
branches/gsoc08-privileges/base/src/port/port.tcl
branches/gsoc08-privileges/base/src/port1.0/portutil.tcl
Modified: branches/gsoc08-privileges/base/src/port/port.tcl
===================================================================
--- branches/gsoc08-privileges/base/src/port/port.tcl 2008-08-06 21:34:21 UTC (rev 39068)
+++ branches/gsoc08-privileges/base/src/port/port.tcl 2008-08-06 22:18:07 UTC (rev 39069)
@@ -1756,6 +1756,7 @@
proc action_uninstall { action portlist opts } {
+
set status 0
if {[macports::global_option_isset port_uninstall_old]} {
# if -u then uninstall all inactive ports
@@ -1769,11 +1770,22 @@
}
foreachport $portlist {
+
if { [catch {portuninstall::uninstall $portname [composite_version $portversion [array get variations]] [array get options]} result] } {
global errorInfo
ui_debug "$errorInfo"
+
+ # start gsoc08-privileges
+ if { [string first "permission denied" $result] != -1 } {
+ set result "port requires root privileges for this action and needs you to execute 'sudo port uninstall $portname' to continue."
+ #ui_msg [exec sudo port uninstall $portname]
+ # The above line is what should be here to let the user simply enter his/her password to uninstall as root.
+ # However, for some as yet unknown reason, executing it here will not work.
+ }
+ # end gsoc08-privileges
+
break_softcontinue "port uninstall failed: $result" 1 status
- }
+ }
}
return 0
@@ -2482,7 +2494,7 @@
# start gsoc08-privileges
if { [geteuid] != 0 && $result == 2} {
# mportexec will return an error result code 2 if eval_targets fails due to insufficient privileges.
- ui_warn "Attempting port action with 'sudo port': 'sudo port $target $portname'."
+ ui_info "Attempting port action with 'sudo port': 'sudo port $target $portname'."
set result 0
ui_msg [exec sudo port $target $portname]
ui_debug "'sudo port $target $portname' has completed."
Modified: branches/gsoc08-privileges/base/src/port1.0/portutil.tcl
===================================================================
--- branches/gsoc08-privileges/base/src/port1.0/portutil.tcl 2008-08-06 21:34:21 UTC (rev 39068)
+++ branches/gsoc08-privileges/base/src/port1.0/portutil.tcl 2008-08-06 22:18:07 UTC (rev 39069)
@@ -1407,37 +1407,13 @@
# open file to store name of completed targets
proc open_statefile {args} {
global workpath worksymlink place_worksymlink portname portpath ports_ignore_older
- global altprefix macportsuser euid egid usealtworkpath env applications_dir portbuildpath distpath
+ global altprefix usealtworkpath env applications_dir portbuildpath distpath
global portname
# start gsoc08-privileges
# descalate privileges - only ran if macports stated with sudo
- if { [geteuid] == 0 } {
- if { [catch {
- set euid [geteuid]
- set egid [getegid]
- ui_debug "changing euid/egid - current euid: $euid - current egid: $egid"
-
- #seteuid [name_to_uid [file attributes $workpath -owner]]
- #setegid [name_to_gid [file attributes $workpath -group]]
-
- setegid [name_to_gid "$macportsuser"]
- seteuid [name_to_uid "$macportsuser"]
- ui_debug "egid changed to: [getegid]"
- ui_debug "euid changed to: [geteuid]"
-
- if {![file writable $workpath]} {
- ui_debug "Privileges successfully descalated. Unable to write to workpath."
- }
- }]
- } {
- ui_debug "$::errorInfo"
- ui_error "Failed to descalate privileges."
- }
- } else {
- ui_debug "Privilege desclation not attempted as not running as root."
- }
+ dropPrivileges
# if unable to write to workpath, implies running without either root privileges
# or a shared directory owned by the group so use ~/.macports
@@ -1447,9 +1423,8 @@
set username [uid_to_name $userid]
if { $userid !=0 } {
- ui_msg "Insufficient privileges to perform action on port '$portname' for all users."
- ui_msg "Action will be performed for current user (${username}) only."
- ui_msg "Install actions should be executed using sudo."
+ ui_msg "MacPorts running without privileges.\
+ You may be prompted for your sudo password in order to complete certain actions (eg install)."
}
# set global variable indicating to other functions to use ~/.macports as well
@@ -2345,3 +2320,35 @@
}
}
+##
+# Descalate privileges from root to those of $macportsuser.
+#
+proc dropPrivileges {} {
+ global euid egid macportsuser workpath
+ if { [geteuid] == 0 } {
+ if { [catch {
+ set euid [geteuid]
+ set egid [getegid]
+ ui_debug "changing euid/egid - current euid: $euid - current egid: $egid"
+
+ #seteuid [name_to_uid [file attributes $workpath -owner]]
+ #setegid [name_to_gid [file attributes $workpath -group]]
+
+ setegid [name_to_gid "$macportsuser"]
+ seteuid [name_to_uid "$macportsuser"]
+ ui_debug "egid changed to: [getegid]"
+ ui_debug "euid changed to: [geteuid]"
+
+ if {![file writable $workpath]} {
+ ui_debug "Privileges successfully descalated. Unable to write to default workpath."
+ }
+ }]
+ } {
+ ui_debug "$::errorInfo"
+ ui_error "Failed to descalate privileges."
+ }
+ } else {
+ ui_debug "Privilege desclation not attempted as not running as root."
+ }
+}
+
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.macosforge.org/pipermail/macports-changes/attachments/20080806/cc24f882/attachment.html
More information about the macports-changes
mailing list