[gentoo-portage-dev] [PATCH 1/2] portage.process.spawn: add cwd parameter
Zac Medico
2018-11-24 00:15:24 UTC
Signed-off-by: Zac Medico <***@gentoo.org>
---
lib/portage/process.py | 13 ++++++++++---
1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/lib/portage/process.py b/lib/portage/process.py
index 75ec299f0..ed1a49247 100644
--- a/lib/portage/process.py
+++ b/lib/portage/process.py
@@ -220,7 +220,7 @@ def cleanup():
pass

def spawn(mycommand, env={}, opt_name=None, fd_pipes=None, returnpid=False,
- uid=None, gid=None, groups=None, umask=None, logfile=None,
+ uid=None, gid=None, groups=None, umask=None, cwd=None, logfile=None,
path_lookup=True, pre_exec=None,
close_fds=(sys.version_info < (3, 4)), unshare_net=False,
unshare_ipc=False, unshare_mount=False, unshare_pid=False,
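Review bot: Adding `cwd=None` between `umask` and `logfile` in `spawn`'s signature shifts every later parameter by one position, so a caller that passes `logfile`, `path_lookup` or `pre_exec` positionally would bind them to the wrong names without any error. No such caller is visible in this patch, so it may be harmless in-tree, but out-of-tree users of `portage.process.spawn` cannot be checked from here. Appending `cwd=None` after the last existing parameter would keep positional calls working; the parameter list continues outside the hunk. The matching reorder in `_exec` is covered by its one visible call site, which passes `cwd` in the new position.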
@@ -248,6 +248,8 @@ def spawn(mycommand, env={}, opt_name=None, fd_pipes=None, returnpid=False,
@type groups: List
@param umask: An integer representing the umask for the process (see man chmod for umask details)
@type umask: Integer
+ @param cwd: Current working directory
+ @type cwd: String
@param logfile: name of a file to use for logging purposes
@type logfile: String
@param path_lookup: If the binary is not fully specified then look for it in PATH
@@ -350,7 +352,7 @@ def spawn(mycommand, env={}, opt_name=None, fd_pipes=None, returnpid=False,
if pid == 0:
try:
_exec(binary, mycommand, opt_name, fd_pipes,
- env, gid, groups, uid, umask, pre_exec, close_fds,
+ env, gid, groups, uid, umask, cwd, pre_exec, close_fds,
unshare_net, unshare_ipc, unshare_mount, unshare_pid,
cgroup)
except SystemExit:
@@ -421,7 +423,8 @@ def spawn(mycommand, env={}, opt_name=None, fd_pipes=None, returnpid=False,
# Everything succeeded
return 0

-def _exec(binary, mycommand, opt_name, fd_pipes, env, gid, groups, uid, umask,
+def _exec(binary, mycommand, opt_name, fd_pipes,
+ env, gid, groups, uid, umask, cwd,
pre_exec, close_fds, unshare_net, unshare_ipc, unshare_mount, unshare_pid,
cgroup):

@@ -446,6 +449,8 @@ def _exec(binary, mycommand, opt_name, fd_pipes, env, gid, groups, uid, umask,
@type uid: Integer
@param umask: an int representing a unix umask (see man chmod for umask details)
@type umask: Integer
+ @param cwd: Current working directory
+ @type cwd: String
@param pre_exec: A function to be called with no arguments just prior to the exec call.
@type pre_exec: callable
@param unshare_net: If True, networking will be unshared from the spawned process
@@ -609,6 +614,8 @@ def _exec(binary, mycommand, opt_name, fd_pipes, env, gid, groups, uid, umask,
os.setuid(int(uid))
if umask:
os.umask(umask)
+ if cwd is not None:
+ os.chdir(cwd)
if pre_exec:
pre_exec()
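Review bot: The ordering of the new `os.chdir(cwd)` is security-relevant but undocumented: it runs after `os.setuid(int(uid))`, so access to `cwd` is checked against the dropped credentials and the child raises `OSError` before exec if the target user cannot enter the directory. That is the safer order, but it deserves a comment such as `# chdir after the uid switch so access to cwd is checked as the target user`. The two docstring entries added in this patch could say the same instead of only "Current working directory", e.g. `@param cwd: directory the child changes into before exec, after privileges are dropped`. How a failed chdir is reported to the parent depends on the handlers around the `_exec` call in `spawn`, which are only partly visible; `_exec`'s body starts and ends outside this hunk.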
--
2.18.1
Zac Medico
2018-11-24 00:15:25 UTC
Use portage.process.spawn (with new cwd parameter) and self.spawn_kwargs
to drop privileges for git gc and merge commands.

Fixes: 3cd8cf93abb6 ("GitSync: abort checkout for signature problem (bug 660372)")
Fixes: 903c4b1a6768 ("GitSync: support sync-depth (bug 552814)")
Bug: https://bugs.gentoo.org/669496
Signed-off-by: Zac Medico <***@gentoo.org>
---
lib/portage/sync/modules/git/git.py | 10 ++++++----
lib/portage/tests/sync/test_sync_local.py | 22 ++++++++++++++++++++--
2 files changed, 26 insertions(+), 6 deletions(-)

diff --git a/lib/portage/sync/modules/git/git.py b/lib/portage/sync/modules/git/git.py
index e41af313e..7df4b6d61 100644
--- a/lib/portage/sync/modules/git/git.py
+++ b/lib/portage/sync/modules/git/git.py
@@ -147,8 +147,9 @@ class GitSync(NewBase):
gc_cmd = ['git', '-c', 'gc.autodetach=false', 'gc', '--auto']
if quiet:
gc_cmd.append('--quiet')
- exitcode = subprocess.call(gc_cmd,
- cwd=portage._unicode_encode(self.repo.location))
+ exitcode = portage.process.spawn(gc_cmd,
+ cwd=portage._unicode_encode(self.repo.location),
+ **self.spawn_kwargs)
if exitcode != os.EX_OK:
msg = "!!! git gc error in %s" % self.repo.location
self.logger(self.xterm_titles, msg)
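Review bot: The privilege drop for `git gc` rests entirely on what `self.spawn_kwargs` contains, which this hunk does not show; if it holds no `uid`/`gid`/`groups`, git still runs with the caller's privileges and nothing reports that. The environment contract also changes: `subprocess.call` inherited the parent's environment, while `spawn` defaults to `env={}` per its signature in patch 1/2. So `spawn_kwargs` presumably has to supply `env`, and a `HOME` suited to the dropped user, since git reads per-user configuration from it. A comment above the call stating that contract, e.g. `# spawn_kwargs supplies env plus uid/gid/groups/umask for the repo owner`, would make this reviewable at the call site. Passing `cwd=` alongside `**self.spawn_kwargs` would also raise `TypeError` if that dict ever gains a `cwd` key. The same points apply to the `merge_cmd` call in the next hunk.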
@@ -186,8 +187,9 @@ class GitSync(NewBase):
merge_cmd.append('refs/remotes/%s' % remote_branch)
if quiet:
merge_cmd.append('--quiet')
- exitcode = subprocess.call(merge_cmd,
- cwd=portage._unicode_encode(self.repo.location))
+ exitcode = portage.process.spawn(merge_cmd,
+ cwd=portage._unicode_encode(self.repo.location),
+ **self.spawn_kwargs)

if exitcode != os.EX_OK:
msg = "!!! git merge error in %s" % self.repo.location
diff --git a/lib/portage/tests/sync/test_sync_local.py b/lib/portage/tests/sync/test_sync_local.py
index 49c7a992d..5fb8afb7c 100644
--- a/lib/portage/tests/sync/test_sync_local.py
+++ b/lib/portage/tests/sync/test_sync_local.py
@@ -42,6 +42,7 @@ class SyncLocalTestCase(TestCase):
[test_repo]
location = %(EPREFIX)s/var/repositories/test_repo
sync-type = %(sync-type)s
+ sync-depth = %(sync-depth)s
sync-uri = file://%(EPREFIX)s/var/repositories/test_repo_sync
sync-rcu = %(sync-rcu)s
sync-rcu-store-dir = %(EPREFIX)s/var/repositories/test_repo_rcu_storedir
@@ -91,9 +92,10 @@ class SyncLocalTestCase(TestCase):
committer_email = "gentoo-***@gentoo.org"

def repos_set_conf(sync_type, dflt_keys=None, xtra_keys=None,
- auto_sync="yes", sync_rcu=False):
+ auto_sync="yes", sync_rcu=False, sync_depth=None):
env["PORTAGE_REPOSITORIES"] = repos_conf % {\
"EPREFIX": eprefix, "sync-type": sync_type,
+ "sync-depth": 0 if sync_depth is None else sync_depth,
"sync-rcu": "yes" if sync_rcu else "no",
"auto-sync": auto_sync,
"default_keys": "" if dflt_keys is None else dflt_keys,
@@ -197,6 +199,17 @@ class SyncLocalTestCase(TestCase):
(homedir, lambda: shutil.rmtree(repo.user_location + '_rcu_storedir')),
)

+ upstream_git_commit = (
+ (
+ repo.location + "_sync",
+ git_cmd + ('commit', '--allow-empty', '-m', 'test empty commit'),
+ ),
+ (
+ repo.location + "_sync",
+ git_cmd + ('commit', '--allow-empty', '-m', 'test empty commit 2'),
+ ),
+ )
+
delete_sync_repo = (
(homedir, lambda: shutil.rmtree(
repo.location + "_sync")),
@@ -217,6 +230,10 @@ class SyncLocalTestCase(TestCase):
(homedir, lambda: repos_set_conf("git")),
)

+ sync_type_git_shallow = (
+ (homedir, lambda: repos_set_conf("git", sync_depth=1)),
+ )
+
sync_rsync_rcu = (
(homedir, lambda: repos_set_conf("rsync", sync_rcu=True)),
)
@@ -277,7 +294,8 @@ class SyncLocalTestCase(TestCase):
delete_repo_location + sync_cmds + sync_cmds + \
bump_timestamp_cmds + sync_cmds + revert_rcu_layout + \
delete_sync_repo + git_repo_create + sync_type_git + \
- rename_repo + sync_cmds:
+ rename_repo + sync_cmds + upstream_git_commit + sync_cmds + \
+ sync_type_git_shallow + upstream_git_commit + sync_cmds:

if hasattr(cmd, '__call__'):
cmd()
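Review bot: Nothing visible in this hunk asserts what the patch is for, namely that the spawned git ran in `repo.location` under the credentials from `spawn_kwargs`. The extended sequence does drive the gc and merge paths (two upstream commits, then a sync with `sync-depth = 1`), but it appears to check only that each command succeeds. The loop body continues outside the hunk, so there may be more checking than is shown. A small separate test that calls `portage.process.spawn` with `cwd=` set to a temporary directory and verifies the child's working directory would cover the new parameter directly, including the `cwd=None` default.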
--
2.18.1
Brian Dolbec
2018-11-25 17:54:05 UTC
On Fri, 23 Nov 2018 16:15:23 -0800
Post by Zac Medico
Use portage.process.spawn (with new cwd parameter) and
self.spawn_kwargs to drop privileges for git gc and merge commands.
Fixes: 3cd8cf93abb6 ("GitSync: abort checkout for signature problem
(bug 660372)") Fixes: 903c4b1a6768 ("GitSync: support sync-depth (bug
552814)") Bug: https://bugs.gentoo.org/669496
portage.process.spawn: add cwd parameter
git: drop privileges for gc and merge (bug 669496)
lib/portage/process.py | 13 ++++++++++---
lib/portage/sync/modules/git/git.py | 10 ++++++----
lib/portage/tests/sync/test_sync_local.py | 22 ++++++++++++++++++++--
3 files changed, 36 insertions(+), 9 deletions(-)
This looks good to me :)
Zac Medico
2018-11-25 22:21:26 UTC
Post by Brian Dolbec
On Fri, 23 Nov 2018 16:15:23 -0800
Post by Zac Medico
Use portage.process.spawn (with new cwd parameter) and
self.spawn_kwargs to drop privileges for git gc and merge commands.
Fixes: 3cd8cf93abb6 ("GitSync: abort checkout for signature problem
(bug 660372)") Fixes: 903c4b1a6768 ("GitSync: support sync-depth (bug
552814)") Bug: https://bugs.gentoo.org/669496
portage.process.spawn: add cwd parameter
git: drop privileges for gc and merge (bug 669496)
lib/portage/process.py | 13 ++++++++++---
lib/portage/sync/modules/git/git.py | 10 ++++++----
lib/portage/tests/sync/test_sync_local.py | 22 ++++++++++++++++++++--
3 files changed, 36 insertions(+), 9 deletions(-)
This looks good to me :)
Thanks, merged:

https://gitweb.gentoo.org/proj/portage.git/commit/?id=0490cfa00afcf1347e4e72528b20c93648d6871c
--
Thanks,
Zac