Changeset 39069


Ignore:
Timestamp:
Aug 6, 2008, 10:18:07 PM (9 years ago)
Author:
pmagrath@…
Message:

Comment problem with sudo during port uninstall. Break out privilege dropping to a separate procedure in portutil.

Location:
branches/gsoc08-privileges/base/src
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • branches/gsoc08-privileges/base/src/port/port.tcl

    r39000 r39069  
    17571757
    17581758proc action_uninstall { action portlist opts } {
     1759       
    17591760    set status 0
    17601761    if {[macports::global_option_isset port_uninstall_old]} {
     
    17701771
    17711772    foreachport $portlist {
     1773       
    17721774        if { [catch {portuninstall::uninstall $portname [composite_version $portversion [array get variations]] [array get options]} result] } {
    17731775            global errorInfo
    17741776            ui_debug "$errorInfo"
     1777
     1778                        # start gsoc08-privileges       
     1779                        if { [string first "permission denied" $result] != -1 } {
     1780                                set result "port requires root privileges for this action and needs you to execute 'sudo port uninstall $portname' to continue."
     1781                                #ui_msg [exec sudo port uninstall $portname]
     1782                                # The above line is what should be here to let the user simply enter his/her password to uninstall as root.
     1783                                # However, for some as yet unknown reason, executing it here will not work.
     1784                        }
     1785                        # end gsoc08-privileges
     1786
    17751787            break_softcontinue "port uninstall failed: $result" 1 status
    1776         }
     1788                }
    17771789    }
    17781790
     
    24832495                if { [geteuid] != 0 && $result == 2} {
    24842496                        # mportexec will return an error result code 2 if eval_targets fails due to insufficient privileges.
    2485                         ui_warn "Attempting port action with 'sudo port': 'sudo port $target $portname'."
     2497                        ui_info "Attempting port action with 'sudo port': 'sudo port $target $portname'."
    24862498                        set result 0
    24872499                        ui_msg [exec sudo port $target $portname]
  • branches/gsoc08-privileges/base/src/port1.0/portutil.tcl

    r38999 r39069  
    14081408proc open_statefile {args} {
    14091409    global workpath worksymlink place_worksymlink portname portpath ports_ignore_older
    1410     global altprefix macportsuser euid egid usealtworkpath env applications_dir portbuildpath distpath
     1410    global altprefix usealtworkpath env applications_dir portbuildpath distpath
    14111411    global portname
    14121412   
     
    14141414
    14151415        # descalate privileges - only ran if macports stated with sudo
    1416         if { [geteuid] == 0 } {
    1417                 if { [catch {
    1418                                 set euid [geteuid]
    1419                                 set egid [getegid]
    1420                                 ui_debug "changing euid/egid - current euid: $euid - current egid: $egid"
    1421        
    1422                                 #seteuid [name_to_uid [file attributes $workpath -owner]]
    1423                                 #setegid [name_to_gid [file attributes $workpath -group]]
    1424        
    1425                                 setegid [name_to_gid "$macportsuser"]
    1426                                 seteuid [name_to_uid "$macportsuser"]
    1427                                 ui_debug "egid changed to: [getegid]"
    1428                                 ui_debug "euid changed to: [geteuid]"
    1429                                
    1430                                 if {![file writable $workpath]} {
    1431                                         ui_debug "Privileges successfully descalated. Unable to write to workpath."
    1432                                 }
    1433                         }]
    1434                 } {
    1435                         ui_debug "$::errorInfo"
    1436                         ui_error "Failed to descalate privileges."
    1437                 }
    1438         } else {
    1439                 ui_debug "Privilege desclation not attempted as not running as root."
    1440         }
     1416        dropPrivileges
    14411417   
    14421418    # if unable to write to workpath, implies running without either root privileges
     
    14481424
    14491425        if { $userid !=0 } {
    1450                 ui_msg "Insufficient privileges to perform action on port '$portname' for all users."
    1451                 ui_msg "Action will be performed for current user (${username}) only."
    1452                 ui_msg "Install actions should be executed using sudo."
     1426                ui_msg "MacPorts running without privileges.\
     1427                                        You may be prompted for your sudo password in order to complete certain actions (eg install)."
    14531428                }
    14541429       
     
    23462321}
    23472322
     2323##
     2324# Descalate privileges from root to those of $macportsuser.
     2325#
     2326proc dropPrivileges {} {
     2327        global euid egid macportsuser workpath
     2328        if { [geteuid] == 0 } {
     2329                if { [catch {
     2330                                set euid [geteuid]
     2331                                set egid [getegid]
     2332                                ui_debug "changing euid/egid - current euid: $euid - current egid: $egid"
     2333       
     2334                                #seteuid [name_to_uid [file attributes $workpath -owner]]
     2335                                #setegid [name_to_gid [file attributes $workpath -group]]
     2336       
     2337                                setegid [name_to_gid "$macportsuser"]
     2338                                seteuid [name_to_uid "$macportsuser"]
     2339                                ui_debug "egid changed to: [getegid]"
     2340                                ui_debug "euid changed to: [geteuid]"
     2341                               
     2342                                if {![file writable $workpath]} {
     2343                                        ui_debug "Privileges successfully descalated. Unable to write to default workpath."
     2344                                }
     2345                        }]
     2346                } {
     2347                        ui_debug "$::errorInfo"
     2348                        ui_error "Failed to descalate privileges."
     2349                }
     2350        } else {
     2351                ui_debug "Privilege desclation not attempted as not running as root."
     2352        }
     2353}
     2354
Note: See TracChangeset for help on using the changeset viewer.