[51936] branches/images-and-archives/base
blb at macports.org
blb at macports.org
Sat Jun 6 17:25:49 PDT 2009
Revision: 51936
http://trac.macports.org/changeset/51936
Author: blb at macports.org
Date: 2009-06-06 17:25:48 -0700 (Sat, 06 Jun 2009)
Log Message:
-----------
Merge from trunk
Modified Paths:
--------------
branches/images-and-archives/base/src/macports1.0/macports.tcl
branches/images-and-archives/base/src/pextlib1.0/Pextlib.c
branches/images-and-archives/base/src/pextlib1.0/tracelib.c
branches/images-and-archives/base/src/port/port.tcl
branches/images-and-archives/base/src/port1.0/portbuild.tcl
branches/images-and-archives/base/src/port1.0/portconfigure.tcl
branches/images-and-archives/base/src/port1.0/portdestroot.tcl
branches/images-and-archives/base/src/port1.0/portextract.tcl
branches/images-and-archives/base/src/port1.0/portfetch.tcl
branches/images-and-archives/base/src/port1.0/portmain.tcl
branches/images-and-archives/base/src/port1.0/portpatch.tcl
branches/images-and-archives/base/src/port1.0/portutil.tcl
Property Changed:
----------------
branches/images-and-archives/base/
Property changes on: branches/images-and-archives/base
___________________________________________________________________
Modified: svn:mergeinfo
- /branches/gsoc08-privileges/base:37343-46937
/branches/variant-descs-14482/base:34469-34855,34900-37508,37511-37512,41040-41463,42575-42626,42640-42659
/trunk/base:50249-51895
/users/perry/base-bugs_and_notes:45682-46060
/users/perry/base-select:44044-44692
+ /branches/gsoc08-privileges/base:37343-46937
/branches/variant-descs-14482/base:34469-34855,34900-37508,37511-37512,41040-41463,42575-42626,42640-42659
/trunk/base:50249-51935
/users/perry/base-bugs_and_notes:45682-46060
/users/perry/base-select:44044-44692
Modified: branches/images-and-archives/base/src/macports1.0/macports.tcl
===================================================================
--- branches/images-and-archives/base/src/macports1.0/macports.tcl 2009-06-07 00:18:10 UTC (rev 51935)
+++ branches/images-and-archives/base/src/macports1.0/macports.tcl 2009-06-07 00:25:48 UTC (rev 51936)
@@ -237,7 +237,7 @@
}
# check for a binary in the path
-# returns an error code if it can not be found
+# returns an error code if it cannot be found
proc macports::binaryInPath {prog} {
global env
foreach dir [split $env(PATH) :] {
Modified: branches/images-and-archives/base/src/pextlib1.0/Pextlib.c
===================================================================
--- branches/images-and-archives/base/src/pextlib1.0/Pextlib.c 2009-06-07 00:18:10 UTC (rev 51935)
+++ branches/images-and-archives/base/src/pextlib1.0/Pextlib.c 2009-06-07 00:25:48 UTC (rev 51936)
@@ -574,7 +574,7 @@
if(onoblock && ounlock) {
/* should not be specified together */
- Tcl_SetResult(interp, "-noblock can not be used with -unlock", TCL_STATIC);
+ Tcl_SetResult(interp, "-noblock cannot be used with -unlock", TCL_STATIC);
return TCL_ERROR;
}
Modified: branches/images-and-archives/base/src/pextlib1.0/tracelib.c
===================================================================
--- branches/images-and-archives/base/src/pextlib1.0/tracelib.c 2009-06-07 00:18:10 UTC (rev 51935)
+++ branches/images-and-archives/base/src/pextlib1.0/tracelib.c 2009-06-07 00:25:48 UTC (rev 51936)
@@ -223,7 +223,6 @@
append_allow("/sbin", 0);
append_allow("/dev", 0);
append_allow(Tcl_GetVar(interp, "macports::prefix", TCL_GLOBAL_ONLY), 2);
- append_allow("/Applications/MacPorts", 0);
/* If there is no SDK we will allow everything in /usr /System/Library etc, else add binaries to allow, and redirect root to SDK. */
if(sdk&&*sdk)
{
@@ -234,7 +233,6 @@
append_allow("/usr/sbin", 0);
append_allow("/usr/libexec/gcc", 0);
append_allow("/System/Library/Perl", 0);
- append_allow("/usr/X11R6/bin", 0);
append_allow("/", 1);
strcpy(t-1, buf);
t+=strlen(t)+1;
Modified: branches/images-and-archives/base/src/port/port.tcl
===================================================================
--- branches/images-and-archives/base/src/port/port.tcl 2009-06-07 00:18:10 UTC (rev 51935)
+++ branches/images-and-archives/base/src/port/port.tcl 2009-06-07 00:25:48 UTC (rev 51936)
@@ -2023,16 +2023,6 @@
if { [catch {portuninstall::uninstall $portname [composite_version $portversion [array get variations]] [array get options]} result] } {
global errorInfo
ui_debug "$errorInfo"
-
- # start gsoc08-privileges
- if { [string first "permission denied" $result] != -1 } {
- set result "port requires root privileges for this action and needs you to execute 'sudo port uninstall $portname' to continue."
- #ui_msg [exec sudo port uninstall $portname]
- # The above line is what should be here to let the user simply enter his/her password to uninstall as root.
- # However, for some as yet unknown reason, executing it here will not work.
- }
- # end gsoc08-privileges
-
break_softcontinue "port uninstall failed: $result" 1 status
}
}
@@ -2802,25 +2792,6 @@
mportclose $workername
- # start gsoc08-privileges
- if { [geteuid] != 0 && $result == 2} {
- # mportexec will return an error result code 2 if eval_targets fails due to insufficient privileges.
-
- set portbinary "${macports::prefix}/bin/port"
-
- ui_info "Attempting port action with 'sudo port': 'sudo $portbinary $target $portname'."
- set result 0
- if {[catch {set sudomsgs [exec sudo $portbinary $target $portname]} sudomsgs]} {
- global errorInfo
- ui_debug "$errorInfo"
- break_softcontinue "Unable to execute port: $errorInfo" 1 status
- }
-
- ui_msg $sudomsgs
- ui_debug "'sudo $portbinary $target $portname' has completed."
- }
- # end gsoc08-privileges
-
# Process any error that wasn't thrown and handled already
if {$result} {
break_softcontinue "Status $result encountered during processing." 1 status
Modified: branches/images-and-archives/base/src/port1.0/portbuild.tcl
===================================================================
--- branches/images-and-archives/base/src/port1.0/portbuild.tcl 2009-06-07 00:18:10 UTC (rev 51935)
+++ branches/images-and-archives/base/src/port1.0/portbuild.tcl 2009-06-07 00:25:48 UTC (rev 51936)
@@ -131,7 +131,11 @@
set jobs [option build.jobs]
# if set to '0', use the number of cores for the number of jobs
if {$jobs == 0} {
- set jobs [exec "/usr/sbin/sysctl" "-n" "hw.ncpu"]
+ if {[catch {set jobs [exec "/usr/sbin/sysctl" "-n" "hw.availcpu"]}]} {
+ set jobs 2
+ ui_warn "failed to determine the number of available CPUs (probably not supported on this platform)"
+ ui_warn "defaulting to $jobs jobs, consider setting buildmakejobs to a nonzero value in macports.conf"
+ }
}
if {![string is integer -strict $jobs] || $jobs <= 1} {
return ""
@@ -140,17 +144,9 @@
}
proc portbuild::build_start {args} {
- global UI_PREFIX build.asroot
+ global UI_PREFIX
ui_msg "$UI_PREFIX [format [msgcat::mc "Building %s"] [option name]]"
-
- # start gsoc08-privileges
- if { [tbool build.asroot] } {
- # if port is marked as needing root
- elevateToRoot "build"
- }
- # end gsoc08-privileges
-
}
proc portbuild::build_main {args} {
Modified: branches/images-and-archives/base/src/port1.0/portconfigure.tcl
===================================================================
--- branches/images-and-archives/base/src/port1.0/portconfigure.tcl 2009-06-07 00:18:10 UTC (rev 51935)
+++ branches/images-and-archives/base/src/port1.0/portconfigure.tcl 2009-06-07 00:25:48 UTC (rev 51936)
@@ -182,13 +182,6 @@
default { return -code error "Invalid value for configure.compiler" }
}
ui_debug "Using compiler '$name'"
-
- # start gsoc08-privileges
- if { [tbool configure.asroot] } {
- # if port is marked as needing root
- elevateToRoot "configure"
- }
- # end gsoc08-privileges
}
# internal function to determine the "-arch xy" flags for the compiler
Modified: branches/images-and-archives/base/src/port1.0/portdestroot.tcl
===================================================================
--- branches/images-and-archives/base/src/port1.0/portdestroot.tcl 2009-06-07 00:18:10 UTC (rev 51935)
+++ branches/images-and-archives/base/src/port1.0/portdestroot.tcl 2009-06-07 00:25:48 UTC (rev 51936)
@@ -106,9 +106,7 @@
}
if { [tbool destroot.asroot] && [getuid] != 0 } {
- global errorisprivileges
- set errorisprivileges yes
- return -code error "You can not run this port without elevated privileges. You need to re-run with 'sudo port'.";
+ return -code error "You cannot run this port without root privileges. You need to re-run with 'sudo port'.";
}
if {[info exists usealtworkpath] && $usealtworkpath == "yes"} {
@@ -327,9 +325,5 @@
# Restore umask
umask $oldmask
- # start gsoc08-privileges
- chownAsRoot $destroot
- # end gsoc08-privileges
-
return 0
}
Modified: branches/images-and-archives/base/src/port1.0/portextract.tcl
===================================================================
--- branches/images-and-archives/base/src/port1.0/portextract.tcl 2009-06-07 00:18:10 UTC (rev 51935)
+++ branches/images-and-archives/base/src/port1.0/portextract.tcl 2009-06-07 00:25:48 UTC (rev 51936)
@@ -98,7 +98,7 @@
option extract.post_args ""
} elseif {[tbool use_dmg]} {
global worksrcdir
- set dmg_tmp_dir [exec mktemp -d -q "/tmp/mports.XXXXXXXX"]
+ set dmg_tmp_dir [mkdtemp "/tmp/mports.XXXXXXXX"]
set dmg_mount ${dmg_tmp_dir}/${worksrcdir}
file mkdir ${dmg_mount}
option extract.cmd [findBinary hdiutil ${portutil::autoconf::hdiutil_path}]
Modified: branches/images-and-archives/base/src/port1.0/portfetch.tcl
===================================================================
--- branches/images-and-archives/base/src/port1.0/portfetch.tcl 2009-06-07 00:18:10 UTC (rev 51935)
+++ branches/images-and-archives/base/src/port1.0/portfetch.tcl 2009-06-07 00:25:48 UTC (rev 51936)
@@ -631,9 +631,17 @@
if {![file isdirectory $distpath]} {
if {[catch {file mkdir $distpath} result]} {
- return -code error [format [msgcat::mc "Unable to create distribution files path: %s"] $result]
+ elevateToRoot "fetch"
+ set elevated yes
+ if {[catch {file mkdir $distpath} result]} {
+ return -code error [format [msgcat::mc "Unable to create distribution files path: %s"] $result]
+ }
}
}
+ chownAsRoot $distpath
+ if {[info exists elevated] && $elevated == yes} {
+ dropPrivileges
+ }
set fetch_options {}
if {[string length ${fetch.user}] || [string length ${fetch.password}]} {
Modified: branches/images-and-archives/base/src/port1.0/portmain.tcl
===================================================================
--- branches/images-and-archives/base/src/port1.0/portmain.tcl 2009-06-07 00:18:10 UTC (rev 51935)
+++ branches/images-and-archives/base/src/port1.0/portmain.tcl 2009-06-07 00:25:48 UTC (rev 51936)
@@ -121,6 +121,10 @@
}
}
+# Record initial euid/egid
+set euid [geteuid]
+set egid [getegid]
+
proc portmain::main {args} {
return 0
}
Modified: branches/images-and-archives/base/src/port1.0/portpatch.tcl
===================================================================
--- branches/images-and-archives/base/src/port1.0/portpatch.tcl 2009-06-07 00:18:10 UTC (rev 51935)
+++ branches/images-and-archives/base/src/port1.0/portpatch.tcl 2009-06-07 00:25:48 UTC (rev 51936)
@@ -62,13 +62,6 @@
ui_msg "$UI_PREFIX [format [msgcat::mc "Applying patches to %s"] [option name]]"
- # start gsoc08-privileges
- if { [tbool patch.asroot] } {
- # if port is marked as needing root
- elevateToRoot "patch"
- }
- # end gsoc08-privileges
-
foreach patch [option patchfiles] {
set patch_file [getdistname $patch]
if {[file exists [option filespath]/$patch_file]} {
Modified: branches/images-and-archives/base/src/port1.0/portutil.tcl
===================================================================
--- branches/images-and-archives/base/src/port1.0/portutil.tcl 2009-06-07 00:18:10 UTC (rev 51935)
+++ branches/images-and-archives/base/src/port1.0/portutil.tcl 2009-06-07 00:25:48 UTC (rev 51936)
@@ -829,7 +829,6 @@
# reinplace
# Provides "sed in place" functionality
proc reinplace {args} {
- global euid macportsuser
set extended 0
while 1 {
@@ -1208,7 +1207,7 @@
set ports_dry_last_skipped ""
proc target_run {ditem} {
- global target_state_fd workpath ports_trace PortInfo ports_dryrun ports_dry_last_skipped errorisprivileges
+ global target_state_fd workpath ports_trace PortInfo ports_dryrun ports_dry_last_skipped
set portname [option name]
set result 0
set skipped 0
@@ -1220,6 +1219,9 @@
if {$procedure != ""} {
set targetname [ditem_key $ditem name]
+ if { [tbool ${targetname}.asroot] } {
+ elevateToRoot $targetname
+ }
if {[ditem_contains $ditem init]} {
set result [catch {[ditem_key $ditem init] $targetname} errstr]
@@ -1376,13 +1378,9 @@
write_statefile target $targetname $target_state_fd
}
} else {
- if {$errorisprivileges != "yes"} {
- global errorInfo
- ui_error "Target $targetname returned: $errstr"
- ui_debug "Backtrace: $errorInfo"
- } else {
- ui_msg "Target $targetname returned: $errstr"
- }
+ global errorInfo
+ ui_error "Target $targetname returned: $errstr"
+ ui_debug "Backtrace: $errorInfo"
set result 1
}
@@ -1432,9 +1430,8 @@
proc eval_targets {target} {
- global targets target_state_fd name version revision portvariants ports_dryrun user_options errorisprivileges
+ global targets target_state_fd name version revision portvariants ports_dryrun user_options
set dlist $targets
- set errorisprivileges "no"
# the statefile will likely be autocleaned away after install,
# so special-case ignore already-completed install and activate
@@ -1486,12 +1483,6 @@
set result 0
}
- # start gsoc08-privileges
- if { $result == 1 && $errorisprivileges == "yes" } {
- set result 2
- }
- # end gsoc08-privileges
-
return $result
}
@@ -1502,10 +1493,6 @@
global altprefix usealtworkpath env applications_dir portbuildpath distpath
# start gsoc08-privileges
-
- # de-escalate privileges - only run if MacPorts was started with sudo
- dropPrivileges
-
if { ![file exists $workpath] } {
if {[catch {set result [file mkdir $workpath]} result]} {
global errorInfo
@@ -1522,7 +1509,7 @@
if { $userid !=0 } {
ui_msg "MacPorts running without privileges.\
- You may be prompted for your sudo password in order to complete certain actions (eg install)."
+ You may be unable to complete certain actions (eg install)."
}
# set global variable indicating to other functions to use ~/.macports as well
@@ -1579,6 +1566,7 @@
if {![file isdirectory $workpath]} {
file mkdir $workpath
}
+
# flock Portfile
set statefile [file join $workpath .macports.${name}.state]
if {[file exists $statefile]} {
@@ -1592,20 +1580,23 @@
file mkdir [file join $workpath]
}
}
+ chownAsRoot $workpath
# Create a symlink to the workpath for port authors
if {[tbool place_worksymlink] && ![file isdirectory $worksymlink]} {
ui_debug "Attempting ln -sf $workpath $worksymlink"
ln -sf $workpath $worksymlink
}
+ # de-escalate privileges - only run if MacPorts was started with sudo
+ dropPrivileges
set fd [open $statefile a+]
if {[catch {flock $fd -exclusive -noblock} result]} {
if {"$result" == "EAGAIN"} {
ui_msg "Waiting for lock on $statefile"
- } elseif {"$result" == "EOPNOTSUPP"} {
- # Locking not supported, just return
- return $fd
+ } elseif {"$result" == "EOPNOTSUPP"} {
+ # Locking not supported, just return
+ return $fd
} else {
return -code error "$result obtaining lock on $statefile"
}
@@ -2139,7 +2130,7 @@
}
# check for a binary in the path
-# returns an error code if it can not be found
+# returns an error code if it cannot be found
proc binaryInPath {binary} {
global env
foreach dir [split $env(PATH) :] {
@@ -2338,7 +2329,7 @@
#
# @param action the action for which privileges are being elevated
proc elevateToRoot {action} {
- global euid egid macportsuser errorisprivileges
+ global euid egid macportsuser
if { [getuid] == 0 && [geteuid] == [name_to_uid "$macportsuser"] } {
# if started with sudo but have dropped the privileges
@@ -2349,8 +2340,7 @@
}
if { [getuid] != 0 } {
- set errorisprivileges yes
- return -code error "port requires root privileges for this action and needs you to type your password for sudo.";
+ return -code error "MacPorts requires root privileges for this action";
}
}
@@ -2361,8 +2351,6 @@
global euid egid macportsuser workpath
if { [geteuid] == 0 } {
if { [catch {
- set euid [geteuid]
- set egid [getegid]
ui_debug "changing euid/egid - current euid: $euid - current egid: $egid"
#seteuid [name_to_uid [file attributes $workpath -owner]]
@@ -2372,10 +2360,6 @@
seteuid [name_to_uid "$macportsuser"]
ui_debug "egid changed to: [getegid]"
ui_debug "euid changed to: [geteuid]"
-
- if {![file writable $workpath]} {
- ui_debug "Privileges successfully de-escalated. Unable to write to default workpath."
- }
}]
} {
ui_debug "$::errorInfo"
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/macports-changes/attachments/20090606/25bb7a50/attachment-0001.html>
More information about the macports-changes
mailing list