]> git.saurik.com Git - apt.git/blob - apt-private/private-download.cc
Deprecate SPtrArray<T> and convert everyone to unique_ptr<T[]>
[apt.git] / apt-private / private-download.cc
1 // Include Files /*{{{*/
2 #include <config.h>
3
4 #include <apt-pkg/acquire.h>
5 #include <apt-pkg/acquire-item.h>
6 #include <apt-pkg/configuration.h>
7 #include <apt-pkg/error.h>
8 #include <apt-pkg/fileutl.h>
9 #include <apt-pkg/strutl.h>
10
11 #include <apt-private/private-output.h>
12 #include <apt-private/private-download.h>
13
14 #include <fstream>
15 #include <string>
16 #include <vector>
17
18 #include <unistd.h>
19 #include <sys/types.h>
20 #include <pwd.h>
21 #include <fcntl.h>
22 #include <sys/vfs.h>
23 #include <sys/statvfs.h>
24 #include <errno.h>
25
26 #include <apti18n.h>
27 /*}}}*/
28
29 bool CheckDropPrivsMustBeDisabled(pkgAcquire &Fetcher) /*{{{*/
30 {
31 // no need/possibility to drop privs
32 if(getuid() != 0)
33 return true;
34
35 // the user does not want to drop privs
36 std::string SandboxUser = _config->Find("APT::Sandbox::User");
37 if (SandboxUser.empty())
38 return true;
39
40 struct passwd const * const pw = getpwnam(SandboxUser.c_str());
41 if (pw == NULL)
42 return true;
43
44 if (seteuid(pw->pw_uid) != 0)
45 return _error->Errno("seteuid", "seteuid %u failed", pw->pw_uid);
46
47 bool res = true;
48 // check if we can write to destfile
49 for (pkgAcquire::ItemIterator I = Fetcher.ItemsBegin();
50 I != Fetcher.ItemsEnd() && res == true; ++I)
51 {
52 if ((*I)->DestFile.empty())
53 continue;
54 // we assume that an existing (partial) file means that we have sufficient rights
55 if (RealFileExists((*I)->DestFile))
56 continue;
57 int fd = open((*I)->DestFile.c_str(), O_CREAT | O_EXCL | O_RDWR, 0600);
58 if (fd < 0)
59 {
60 res = false;
61 std::string msg;
62 strprintf(msg, _("Can't drop privileges for downloading as file '%s' couldn't be accessed by user '%s'."),
63 (*I)->DestFile.c_str(), SandboxUser.c_str());
64 std::cerr << "W: " << msg << std::endl;
65 _config->Set("APT::Sandbox::User", "");
66 break;
67 }
68 unlink((*I)->DestFile.c_str());
69 close(fd);
70 }
71
72 if (seteuid(0) != 0)
73 return _error->Errno("seteuid", "seteuid %u failed", 0);
74
75 return res;
76 }
77 /*}}}*/
78 // CheckAuth - check if each download comes form a trusted source /*{{{*/
79 bool CheckAuth(pkgAcquire& Fetcher, bool const PromptUser)
80 {
81 std::vector<std::string> UntrustedList;
82 for (pkgAcquire::ItemIterator I = Fetcher.ItemsBegin(); I < Fetcher.ItemsEnd(); ++I)
83 if (!(*I)->IsTrusted())
84 UntrustedList.push_back((*I)->ShortDesc());
85
86 if (UntrustedList.empty())
87 return true;
88
89 return AuthPrompt(UntrustedList, PromptUser);
90 }
91
92 bool AuthPrompt(std::vector<std::string> const &UntrustedList, bool const PromptUser)
93 {
94 ShowList(c2out,_("WARNING: The following packages cannot be authenticated!"), UntrustedList,
95 [](std::string const&) { return true; },
96 [](std::string const&str) { return str; },
97 [](std::string const&) { return ""; });
98
99 if (_config->FindB("APT::Get::AllowUnauthenticated",false) == true)
100 {
101 c2out << _("Authentication warning overridden.\n");
102 return true;
103 }
104
105 if (PromptUser == false)
106 return _error->Error(_("Some packages could not be authenticated"));
107
108 if (_config->FindI("quiet",0) < 2
109 && _config->FindB("APT::Get::Assume-Yes",false) == false)
110 {
111 c2out << _("Install these packages without verification?") << std::flush;
112 if (!YnPrompt(false))
113 return _error->Error(_("Some packages could not be authenticated"));
114
115 return true;
116 }
117 else if (_config->FindB("APT::Get::Force-Yes",false) == true)
118 return true;
119
120 return _error->Error(_("There are problems and -y was used without --force-yes"));
121 }
122 /*}}}*/
123 bool AcquireRun(pkgAcquire &Fetcher, int const PulseInterval, bool * const Failure, bool * const TransientNetworkFailure)/*{{{*/
124 {
125 pkgAcquire::RunResult res;
126 if(PulseInterval > 0)
127 res = Fetcher.Run(PulseInterval);
128 else
129 res = Fetcher.Run();
130
131 if (res == pkgAcquire::Failed)
132 return false;
133
134 for (pkgAcquire::ItemIterator I = Fetcher.ItemsBegin();
135 I != Fetcher.ItemsEnd(); ++I)
136 {
137
138 if ((*I)->Status == pkgAcquire::Item::StatDone &&
139 (*I)->Complete == true)
140 continue;
141
142 if (TransientNetworkFailure != NULL && (*I)->Status == pkgAcquire::Item::StatIdle)
143 {
144 *TransientNetworkFailure = true;
145 continue;
146 }
147
148 ::URI uri((*I)->DescURI());
149 uri.User.clear();
150 uri.Password.clear();
151 std::string descUri = std::string(uri);
152 _error->Error(_("Failed to fetch %s %s\n"), descUri.c_str(),
153 (*I)->ErrorText.c_str());
154
155 if (Failure != NULL)
156 *Failure = true;
157 }
158
159 return true;
160 }
161 /*}}}*/
162 bool CheckFreeSpaceBeforeDownload(std::string const &Dir, unsigned long long FetchBytes)/*{{{*/
163 {
164 uint32_t const RAMFS_MAGIC = 0x858458f6;
165 /* Check for enough free space, but only if we are actually going to
166 download */
167 if (_config->FindB("APT::Get::Print-URIs", false) == true ||
168 _config->FindB("APT::Get::Download", true) == false)
169 return true;
170
171 struct statvfs Buf;
172 if (statvfs(Dir.c_str(),&Buf) != 0) {
173 if (errno == EOVERFLOW)
174 return _error->WarningE("statvfs",_("Couldn't determine free space in %s"),
175 Dir.c_str());
176 else
177 return _error->Errno("statvfs",_("Couldn't determine free space in %s"),
178 Dir.c_str());
179 }
180 else
181 {
182 unsigned long long const FreeBlocks = _config->Find("APT::Sandbox::User").empty() ? Buf.f_bfree : Buf.f_bavail;
183 if (FreeBlocks < (FetchBytes / Buf.f_bsize))
184 {
185 struct statfs Stat;
186 if (statfs(Dir.c_str(),&Stat) != 0
187 #if HAVE_STRUCT_STATFS_F_TYPE
188 || Stat.f_type != RAMFS_MAGIC
189 #endif
190 )
191 return _error->Error(_("You don't have enough free space in %s."),
192 Dir.c_str());
193 }
194 }
195 return true;
196 }
197 /*}}}*/