#include <apt-pkg/strutl.h>
#include <apt-pkg/fileutl.h>
+#include <algorithm>
+#include <numeric>
#include <string>
#include <vector>
#include <iostream>
#include <sstream>
#include <iomanip>
+#include <memory>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
+#include <fcntl.h>
#include <pwd.h>
#include <grp.h>
#include <dirent.h>
#include <sys/select.h>
#include <errno.h>
#include <sys/stat.h>
-#include <sys/types.h>
#include <apti18n.h>
/*}}}*/
// Acquire::pkgAcquire - Constructor /*{{{*/
// ---------------------------------------------------------------------
/* We grab some runtime state from the configuration space */
-pkgAcquire::pkgAcquire() : LockFD(-1), Queues(0), Workers(0), Configs(0), Log(NULL), ToFetch(0),
+pkgAcquire::pkgAcquire() : LockFD(-1), d(NULL), Queues(0), Workers(0), Configs(0), Log(NULL), ToFetch(0),
Debug(_config->FindB("Debug::pkgAcquire",false)),
Running(false)
{
Initialize();
}
-pkgAcquire::pkgAcquire(pkgAcquireStatus *Progress) : LockFD(-1), Queues(0), Workers(0),
+pkgAcquire::pkgAcquire(pkgAcquireStatus *Progress) : LockFD(-1), d(NULL), Queues(0), Workers(0),
Configs(0), Log(NULL), ToFetch(0),
Debug(_config->FindB("Debug::pkgAcquire",false)),
Running(false)
// chown the auth.conf file as it will be accessed by our methods
std::string const SandboxUser = _config->Find("APT::Sandbox::User");
- if (getuid() == 0 && SandboxUser.empty() == false) // if we aren't root, we can't chown, so don't try it
+ if (getuid() == 0 && SandboxUser.empty() == false && SandboxUser != "root") // if we aren't root, we can't chown, so don't try it
{
struct passwd const * const pw = getpwnam(SandboxUser.c_str());
struct group const * const gr = getgrnam("root");
static bool SetupAPTPartialDirectory(std::string const &grand, std::string const &parent)
{
std::string const partial = parent + "partial";
- if (CreateAPTDirectoryIfNeeded(grand, partial) == false &&
- CreateAPTDirectoryIfNeeded(parent, partial) == false)
+ mode_t const mode = umask(S_IWGRP | S_IWOTH);
+ bool const creation_fail = (CreateAPTDirectoryIfNeeded(grand, partial) == false &&
+ CreateAPTDirectoryIfNeeded(parent, partial) == false);
+ umask(mode);
+ if (creation_fail == true)
return false;
std::string const SandboxUser = _config->Find("APT::Sandbox::User");
- if (getuid() == 0 && SandboxUser.empty() == false) // if we aren't root, we can't chown, so don't try it
+ if (getuid() == 0 && SandboxUser.empty() == false && SandboxUser != "root") // if we aren't root, we can't chown, so don't try it
{
struct passwd const * const pw = getpwnam(SandboxUser.c_str());
struct group const * const gr = getgrnam("root");
}
}
/*}}}*/
-// Acquire::RunFds - Deal with active FDs /*{{{*/
+// Acquire::RunFds - compatibility remove on next abi/api break /*{{{*/
+void pkgAcquire::RunFds(fd_set *RSet,fd_set *WSet)
+{
+ RunFdsSane(RSet, WSet);
+};
+ /*}}}*/
+// Acquire::RunFdsSane - Deal with active FDs /*{{{*/
// ---------------------------------------------------------------------
/* Dispatch active FDs over to the proper workers. It is very important
that a worker never be erased while this is running! The queue class
should never erase a worker except during shutdown processing. */
-void pkgAcquire::RunFds(fd_set *RSet,fd_set *WSet)
+bool pkgAcquire::RunFdsSane(fd_set *RSet,fd_set *WSet)
{
+ bool Res = true;
+
for (Worker *I = Workers; I != 0; I = I->NextAcquire)
{
if (I->InFd >= 0 && FD_ISSET(I->InFd,RSet) != 0)
- I->InFdReady();
+ Res &= I->InFdReady();
if (I->OutFd >= 0 && FD_ISSET(I->OutFd,WSet) != 0)
- I->OutFdReady();
+ Res &= I->OutFdReady();
}
+
+ return Res;
}
/*}}}*/
// Acquire::Run - Run the fetch sequence /*{{{*/
/* This runs the queues. It manages a select loop for all of the
Worker tasks. The workers interact with the queues and items to
manage the actual fetch. */
+static bool IsAccessibleBySandboxUser(std::string const &filename, bool const ReadWrite)
+{
+ // you would think this is easily to answer with faccessat, right? Wrong!
+ // It e.g. gets groups wrong, so the only thing which works reliable is trying
+ // to open the file we want to open later on…
+ if (unlikely(filename.empty()))
+ return true;
+
+ if (ReadWrite == false)
+ {
+ errno = 0;
+ // can we read a file? Note that non-existing files are "fine"
+ int const fd = open(filename.c_str(), O_RDONLY | O_CLOEXEC);
+ if (fd == -1 && errno == EACCES)
+ return false;
+ close(fd);
+ return true;
+ }
+ else
+ {
+ // the file might not exist yet and even if it does we will fix permissions,
+ // so important is here just that the directory it is in allows that
+ std::string const dirname = flNotFile(filename);
+ if (unlikely(dirname.empty()))
+ return true;
+
+ char const * const filetag = ".apt-acquire-privs-test.XXXXXX";
+ std::string const tmpfile_tpl = flCombine(dirname, filetag);
+ std::unique_ptr<char, decltype(std::free) *> tmpfile { strdup(tmpfile_tpl.c_str()), std::free };
+ int const fd = mkstemp(tmpfile.get());
+ if (fd == -1 && errno == EACCES)
+ return false;
+ RemoveFile("IsAccessibleBySandboxUser", tmpfile.get());
+ close(fd);
+ return true;
+ }
+}
+static void CheckDropPrivsMustBeDisabled(pkgAcquire const &Fetcher)
+{
+ if(getuid() != 0)
+ return;
+
+ std::string const SandboxUser = _config->Find("APT::Sandbox::User");
+ if (SandboxUser.empty() || SandboxUser == "root")
+ return;
+
+ struct passwd const * const pw = getpwnam(SandboxUser.c_str());
+ if (pw == NULL)
+ {
+ _error->Warning(_("No sandbox user '%s' on the system, can not drop privileges"), SandboxUser.c_str());
+ _config->Set("APT::Sandbox::User", "");
+ return;
+ }
+
+ gid_t const old_euid = geteuid();
+ gid_t const old_egid = getegid();
+
+ long const ngroups_max = sysconf(_SC_NGROUPS_MAX);
+ std::unique_ptr<gid_t[]> old_gidlist(new gid_t[ngroups_max]);
+ if (unlikely(old_gidlist == NULL))
+ return;
+ ssize_t old_gidlist_nr;
+ if ((old_gidlist_nr = getgroups(ngroups_max, old_gidlist.get())) < 0)
+ {
+ _error->FatalE("getgroups", "getgroups %lu failed", ngroups_max);
+ old_gidlist[0] = 0;
+ old_gidlist_nr = 1;
+ }
+ if (setgroups(1, &pw->pw_gid))
+ _error->FatalE("setgroups", "setgroups %u failed", pw->pw_gid);
+
+ if (setegid(pw->pw_gid) != 0)
+ _error->FatalE("setegid", "setegid %u failed", pw->pw_gid);
+ if (seteuid(pw->pw_uid) != 0)
+ _error->FatalE("seteuid", "seteuid %u failed", pw->pw_uid);
+
+ for (pkgAcquire::ItemCIterator I = Fetcher.ItemsBegin();
+ I != Fetcher.ItemsEnd(); ++I)
+ {
+ // no need to drop privileges for a complete file
+ if ((*I)->Complete == true)
+ continue;
+
+ // if destination file is inaccessible all hope is lost for privilege dropping
+ if (IsAccessibleBySandboxUser((*I)->DestFile, true) == false)
+ {
+ _error->WarningE("pkgAcquire::Run", _("Can't drop privileges for downloading as file '%s' couldn't be accessed by user '%s'."),
+ (*I)->DestFile.c_str(), SandboxUser.c_str());
+ _config->Set("APT::Sandbox::User", "");
+ break;
+ }
+
+ // if its the source file (e.g. local sources) we might be lucky
+ // by dropping the dropping only for some methods.
+ URI const source = (*I)->DescURI();
+ if (source.Access == "file" || source.Access == "copy")
+ {
+ std::string const conf = "Binary::" + source.Access + "::APT::Sandbox::User";
+ if (_config->Exists(conf) == true)
+ continue;
+
+ if (IsAccessibleBySandboxUser(source.Path, false) == false)
+ {
+ _error->NoticeE("pkgAcquire::Run", _("Can't drop privileges for downloading as file '%s' couldn't be accessed by user '%s'."),
+ source.Path.c_str(), SandboxUser.c_str());
+ _config->CndSet("Binary::file::APT::Sandbox::User", "root");
+ _config->CndSet("Binary::copy::APT::Sandbox::User", "root");
+ }
+ }
+ }
+
+ if (seteuid(old_euid) != 0)
+ _error->FatalE("seteuid", "seteuid %u failed", old_euid);
+ if (setegid(old_egid) != 0)
+ _error->FatalE("setegid", "setegid %u failed", old_egid);
+ if (setgroups(old_gidlist_nr, old_gidlist.get()))
+ _error->FatalE("setgroups", "setgroups %u failed", 0);
+}
pkgAcquire::RunResult pkgAcquire::Run(int PulseIntervall)
{
+ _error->PushToStack();
+ CheckDropPrivsMustBeDisabled(*this);
+
Running = true;
for (Queue *I = Queues; I != 0; I = I->Next)
_error->Errno("select","Select has failed");
break;
}
-
- RunFds(&RFds,&WFds);
- if (_error->PendingError() == true)
- break;
-
+
+ if(RunFdsSane(&RFds,&WFds) == false)
+ break;
+
// Timeout, notify the log class
if (Res == 0 || (Log != 0 && Log->Update == true))
{
// Shut down the items
for (ItemIterator I = Items.begin(); I != Items.end(); ++I)
- (*I)->Finished();
-
- if (_error->PendingError())
+ (*I)->Finished();
+
+ bool const newError = _error->PendingError();
+ _error->MergeWithStack();
+ if (newError)
return Failed;
if (WasCancelled)
return Cancelled;
// Skip some files..
if (strcmp(Dir->d_name,"lock") == 0 ||
strcmp(Dir->d_name,"partial") == 0 ||
+ strcmp(Dir->d_name,"lost+found") == 0 ||
strcmp(Dir->d_name,".") == 0 ||
strcmp(Dir->d_name,"..") == 0)
continue;
// Nothing found, nuke it
if (I == Items.end())
- unlink(Dir->d_name);
+ RemoveFile("Clean", Dir->d_name);
};
closedir(D);
/* This is the total number of bytes needed */
APT_PURE unsigned long long pkgAcquire::TotalNeeded()
{
- unsigned long long Total = 0;
- for (ItemCIterator I = ItemsBegin(); I != ItemsEnd(); ++I)
- Total += (*I)->FileSize;
- return Total;
+ return std::accumulate(ItemsBegin(), ItemsEnd(), 0,
+ [](unsigned long long const T, Item const * const I) {
+ return T + I->FileSize;
+ });
}
/*}}}*/
// Acquire::FetchNeeded - Number of bytes needed to get /*{{{*/
/* This is the number of bytes that is not local */
APT_PURE unsigned long long pkgAcquire::FetchNeeded()
{
- unsigned long long Total = 0;
- for (ItemCIterator I = ItemsBegin(); I != ItemsEnd(); ++I)
- if ((*I)->Local == false)
- Total += (*I)->FileSize;
- return Total;
+ return std::accumulate(ItemsBegin(), ItemsEnd(), 0,
+ [](unsigned long long const T, Item const * const I) {
+ if (I->Local == false)
+ return T + I->FileSize;
+ else
+ return T;
+ });
}
/*}}}*/
// Acquire::PartialPresent - Number of partial bytes we already have /*{{{*/
/* This is the number of bytes that is not local */
APT_PURE unsigned long long pkgAcquire::PartialPresent()
{
- unsigned long long Total = 0;
- for (ItemCIterator I = ItemsBegin(); I != ItemsEnd(); ++I)
- if ((*I)->Local == false)
- Total += (*I)->PartialSize;
- return Total;
+ return std::accumulate(ItemsBegin(), ItemsEnd(), 0,
+ [](unsigned long long const T, Item const * const I) {
+ if (I->Local == false)
+ return T + I->PartialSize;
+ else
+ return T;
+ });
}
/*}}}*/
// Acquire::UriBegin - Start iterator for the uri list /*{{{*/
// Queue::Queue - Constructor /*{{{*/
// ---------------------------------------------------------------------
/* */
-pkgAcquire::Queue::Queue(string Name,pkgAcquire *Owner) : d(NULL), Next(0),
- Name(Name), Items(0), Workers(0), Owner(Owner), PipeDepth(0), MaxPipeDepth(1)
+pkgAcquire::Queue::Queue(string const &name,pkgAcquire * const owner) : d(NULL), Next(0),
+ Name(name), Items(0), Workers(0), Owner(owner), PipeDepth(0), MaxPipeDepth(1)
{
}
/*}}}*/
{
QItem **I = &Items;
// move to the end of the queue and check for duplicates here
+ HashStringList const hsl = Item.Owner->GetExpectedHashes();
for (; *I != 0; I = &(*I)->Next)
- if (Item.URI == (*I)->URI)
+ if (Item.URI == (*I)->URI || hsl == (*I)->Owner->GetExpectedHashes())
{
- Item.Owner->Status = Item::StatDone;
+ if (_config->FindB("Debug::pkgAcquire::Worker",false) == true)
+ std::cerr << " @ Queue: Action combined for " << Item.URI << " and " << (*I)->URI << std::endl;
+ (*I)->Owners.push_back(Item.Owner);
+ Item.Owner->Status = (*I)->Owner->Status;
return false;
}
{
if (Owner->Status == pkgAcquire::Item::StatFetching)
return _error->Error("Tried to dequeue a fetching object");
-
+
bool Res = false;
-
+
QItem **I = &Items;
for (; *I != 0;)
{
- if ((*I)->Owner == Owner)
+ if (Owner == (*I)->Owner)
{
QItem *Jnk= *I;
*I = (*I)->Next;
else
I = &(*I)->Next;
}
-
+
return Res;
}
/*}}}*/
bool pkgAcquire::Queue::ItemDone(QItem *Itm)
{
PipeDepth--;
- if (Itm->Owner->Status == pkgAcquire::Item::StatFetching)
- Itm->Owner->Status = pkgAcquire::Item::StatDone;
-
+ for (QItem::owner_iterator O = Itm->Owners.begin(); O != Itm->Owners.end(); ++O)
+ {
+ if ((*O)->Status == pkgAcquire::Item::StatFetching)
+ (*O)->Status = pkgAcquire::Item::StatDone;
+ }
+
if (Itm->Owner->QueueCounter <= 1)
Owner->Dequeue(Itm->Owner);
else
Dequeue(Itm->Owner);
Owner->Bump();
}
-
+
return Cycle();
}
/*}}}*/
if (PipeDepth < 0)
return _error->Error("Pipedepth failure");
-
+
// Look for a queable item
QItem *I = Items;
while (PipeDepth < (signed)MaxPipeDepth)
for (; I != 0; I = I->Next)
if (I->Owner->Status == pkgAcquire::Item::StatIdle)
break;
-
+
// Nothing to do, queue is idle.
if (I == 0)
return true;
-
+
I->Worker = Workers;
- I->Owner->Status = pkgAcquire::Item::StatFetching;
+ for (auto const &O: I->Owners)
+ O->Status = pkgAcquire::Item::StatFetching;
PipeDepth++;
if (Workers->QueueItem(I) == false)
return false;
}
-
+
return true;
}
/*}}}*/
Cycle();
}
/*}}}*/
+HashStringList pkgAcquire::Queue::QItem::GetExpectedHashes() const /*{{{*/
+{
+ /* each Item can have multiple owners and each owner might have different
+ hashes, even if that is unlikely in practice and if so at least some
+ owners will later fail. There is one situation through which is not a
+ failure and still needs this handling: Two owners who expect the same
+ file, but one owner only knows the SHA1 while the other only knows SHA256. */
+ HashStringList superhsl;
+ for (pkgAcquire::Queue::QItem::owner_iterator O = Owners.begin(); O != Owners.end(); ++O)
+ {
+ HashStringList const hsl = (*O)->GetExpectedHashes();
+ if (hsl.usable() == false)
+ continue;
+ if (superhsl.usable() == false)
+ superhsl = hsl;
+ else
+ {
+ // we merge both lists - if we find disagreement send no hashes
+ HashStringList::const_iterator hs = hsl.begin();
+ for (; hs != hsl.end(); ++hs)
+ if (superhsl.push_back(*hs) == false)
+ break;
+ if (hs != hsl.end())
+ {
+ superhsl.clear();
+ break;
+ }
+ }
+ }
+ return superhsl;
+}
+ /*}}}*/
+APT_PURE unsigned long long pkgAcquire::Queue::QItem::GetMaximumSize() const /*{{{*/
+{
+ unsigned long long Maximum = std::numeric_limits<unsigned long long>::max();
+ for (auto const &O: Owners)
+ {
+ if (O->FileSize == 0)
+ continue;
+ Maximum = std::min(Maximum, O->FileSize);
+ }
+ if (Maximum == std::numeric_limits<unsigned long long>::max())
+ return 0;
+ return Maximum;
+}
+ /*}}}*/
+void pkgAcquire::Queue::QItem::SyncDestinationFiles() const /*{{{*/
+{
+ /* ensure that the first owner has the best partial file of all and
+ the rest have (potentially dangling) symlinks to it so that
+ everything (like progress reporting) finds it easily */
+ std::string superfile = Owner->DestFile;
+ off_t supersize = 0;
+ for (pkgAcquire::Queue::QItem::owner_iterator O = Owners.begin(); O != Owners.end(); ++O)
+ {
+ if ((*O)->DestFile == superfile)
+ continue;
+ struct stat file;
+ if (lstat((*O)->DestFile.c_str(),&file) == 0)
+ {
+ if ((file.st_mode & S_IFREG) == 0)
+ RemoveFile("SyncDestinationFiles", (*O)->DestFile);
+ else if (supersize < file.st_size)
+ {
+ supersize = file.st_size;
+ RemoveFile("SyncDestinationFiles", superfile);
+ rename((*O)->DestFile.c_str(), superfile.c_str());
+ }
+ else
+ RemoveFile("SyncDestinationFiles", (*O)->DestFile);
+ if (symlink(superfile.c_str(), (*O)->DestFile.c_str()) != 0)
+ {
+ ; // not a problem per-se and no real alternative
+ }
+ }
+ }
+}
+ /*}}}*/
+std::string pkgAcquire::Queue::QItem::Custom600Headers() const /*{{{*/
+{
+ /* The others are relatively easy to merge, but this one?
+ Lets not merge and see how far we can run with it…
+ Likely, nobody will ever notice as all the items will
+ be of the same class and hence generate the same headers. */
+ return Owner->Custom600Headers();
+}
+ /*}}}*/
+
// AcquireStatus::pkgAcquireStatus - Constructor /*{{{*/
// ---------------------------------------------------------------------
/* */
-pkgAcquireStatus::pkgAcquireStatus() : d(NULL), Percent(0), Update(true), MorePulses(false)
+pkgAcquireStatus::pkgAcquireStatus() : d(NULL), Percent(-1), Update(true), MorePulses(false)
{
Start();
}
{
CurrentBytes += I->CurrentSize;
ResumeSize += I->ResumePoint;
-
+
// Files with unknown size always have 100% completion
- if (I->CurrentItem->Owner->FileSize == 0 &&
+ if (I->CurrentItem->Owner->FileSize == 0 &&
I->CurrentItem->Owner->Complete == false)
TotalBytes += I->CurrentSize;
}
Time = NewTime;
}
+ double const OldPercent = Percent;
// calculate the percentage, if we have too little data assume 1%
if (TotalBytes > 0 && UnfetchedReleaseFiles)
Percent = 0;
- else
+ else
// use both files and bytes because bytes can be unreliable
- Percent = (0.8 * (CurrentBytes/float(TotalBytes)*100.0) +
+ Percent = (0.8 * (CurrentBytes/float(TotalBytes)*100.0) +
0.2 * (CurrentItems/float(TotalItems)*100.0));
+ double const DiffPercent = Percent - OldPercent;
+ if (DiffPercent < 0.001 && _config->FindB("Acquire::Progress::Diffpercent", false) == true)
+ return true;
int fd = _config->FindI("APT::Status-Fd",-1);
if(fd > 0)
snprintf(msg,sizeof(msg), _("Retrieving file %li of %li (%s remaining)"), i, TotalItems, TimeToStr(ETA).c_str());
else
snprintf(msg,sizeof(msg), _("Retrieving file %li of %li"), i, TotalItems);
-
+
// build the status str
status << "dlstatus:" << i
<< ":" << std::setprecision(3) << Percent
- << ":" << msg
+ << ":" << msg
<< endl;
std::string const dlstatus = status.str();
}
/*}}}*/
+pkgAcquire::UriIterator::UriIterator(pkgAcquire::Queue *Q) : d(NULL), CurQ(Q), CurItem(0)
+{
+ while (CurItem == 0 && CurQ != 0)
+ {
+ CurItem = CurQ->Items;
+ CurQ = CurQ->Next;
+ }
+}
+
APT_CONST pkgAcquire::UriIterator::~UriIterator() {}
APT_CONST pkgAcquire::MethodConfig::~MethodConfig() {}
APT_CONST pkgAcquireStatus::~pkgAcquireStatus() {}