#include <apt-pkg/fileutl.h>
#include <algorithm>
+#include <numeric>
#include <string>
#include <vector>
#include <iostream>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
+#include <fcntl.h>
#include <pwd.h>
#include <grp.h>
#include <dirent.h>
#include <sys/select.h>
#include <errno.h>
#include <sys/stat.h>
-#include <sys/types.h>
#include <apti18n.h>
/*}}}*/
// Acquire::pkgAcquire - Constructor /*{{{*/
// ---------------------------------------------------------------------
/* We grab some runtime state from the configuration space */
-pkgAcquire::pkgAcquire() : LockFD(-1), Queues(0), Workers(0), Configs(0), Log(NULL), ToFetch(0),
+pkgAcquire::pkgAcquire() : LockFD(-1), d(NULL), Queues(0), Workers(0), Configs(0), Log(NULL), ToFetch(0),
Debug(_config->FindB("Debug::pkgAcquire",false)),
Running(false)
{
Initialize();
}
-pkgAcquire::pkgAcquire(pkgAcquireStatus *Progress) : LockFD(-1), Queues(0), Workers(0),
+pkgAcquire::pkgAcquire(pkgAcquireStatus *Progress) : LockFD(-1), d(NULL), Queues(0), Workers(0),
Configs(0), Log(NULL), ToFetch(0),
Debug(_config->FindB("Debug::pkgAcquire",false)),
Running(false)
/* This runs the queues. It manages a select loop for all of the
Worker tasks. The workers interact with the queues and items to
manage the actual fetch. */
+static void CheckDropPrivsMustBeDisabled(pkgAcquire const &Fetcher)
+{
+ if(getuid() != 0)
+ return;
+
+ std::string SandboxUser = _config->Find("APT::Sandbox::User");
+ if (SandboxUser.empty())
+ return;
+
+ struct passwd const * const pw = getpwnam(SandboxUser.c_str());
+ if (pw == NULL)
+ return;
+
+ gid_t const old_euid = geteuid();
+ gid_t const old_egid = getegid();
+ if (setegid(pw->pw_gid) != 0)
+ _error->Errno("setegid", "setegid %u failed", pw->pw_gid);
+ if (seteuid(pw->pw_uid) != 0)
+ _error->Errno("seteuid", "seteuid %u failed", pw->pw_uid);
+
+ for (pkgAcquire::ItemCIterator I = Fetcher.ItemsBegin();
+ I != Fetcher.ItemsEnd(); ++I)
+ {
+ std::string filename = (*I)->DestFile;
+ if (filename.empty())
+ continue;
+
+ // no need to drop privileges for a complete file
+ if ((*I)->Complete == true)
+ continue;
+
+ // we check directory instead of file as the file might or might not
+ // exist already as a link or not which complicates everything…
+ std::string dirname = flNotFile(filename);
+ if (unlikely(dirname.empty()))
+ continue;
+ // translate relative to absolute for DirectoryExists
+ // FIXME: What about ../ and ./../ ?
+ if (dirname.substr(0,2) == "./")
+ dirname = SafeGetCWD() + dirname.substr(2);
+
+ if (DirectoryExists(dirname))
+ ;
+ else
+ continue; // assume it is created correctly by the acquire system
+
+ if (faccessat(-1, dirname.c_str(), R_OK | W_OK | X_OK, AT_EACCESS | AT_SYMLINK_NOFOLLOW) != 0)
+ {
+ _error->WarningE("pkgAcquire::Run", _("Can't drop privileges for downloading as file '%s' couldn't be accessed by user '%s'."),
+ filename.c_str(), SandboxUser.c_str());
+ _config->Set("APT::Sandbox::User", "");
+ break;
+ }
+ }
+
+ if (seteuid(old_euid) != 0)
+ _error->Errno("seteuid", "seteuid %u failed", old_euid);
+ if (setegid(old_egid) != 0)
+ _error->Errno("setegid", "setegid %u failed", old_egid);
+}
pkgAcquire::RunResult pkgAcquire::Run(int PulseIntervall)
{
+ _error->PushToStack();
+ CheckDropPrivsMustBeDisabled(*this);
+
Running = true;
for (Queue *I = Queues; I != 0; I = I->Next)
_error->Errno("select","Select has failed");
break;
}
-
+
RunFds(&RFds,&WFds);
- if (_error->PendingError() == true)
- break;
-
+
// Timeout, notify the log class
if (Res == 0 || (Log != 0 && Log->Update == true))
{
// Shut down the items
for (ItemIterator I = Items.begin(); I != Items.end(); ++I)
- (*I)->Finished();
-
- if (_error->PendingError())
+ (*I)->Finished();
+
+ bool const newError = _error->PendingError();
+ _error->MergeWithStack();
+ if (newError)
return Failed;
if (WasCancelled)
return Cancelled;
// Nothing found, nuke it
if (I == Items.end())
- unlink(Dir->d_name);
+ RemoveFile("Clean", Dir->d_name);
};
closedir(D);
/* This is the total number of bytes needed */
APT_PURE unsigned long long pkgAcquire::TotalNeeded()
{
- unsigned long long Total = 0;
- for (ItemCIterator I = ItemsBegin(); I != ItemsEnd(); ++I)
- Total += (*I)->FileSize;
- return Total;
+ return std::accumulate(ItemsBegin(), ItemsEnd(), 0,
+ [](unsigned long long const T, Item const * const I) {
+ return T + I->FileSize;
+ });
}
/*}}}*/
// Acquire::FetchNeeded - Number of bytes needed to get /*{{{*/
/* This is the number of bytes that is not local */
APT_PURE unsigned long long pkgAcquire::FetchNeeded()
{
- unsigned long long Total = 0;
- for (ItemCIterator I = ItemsBegin(); I != ItemsEnd(); ++I)
- if ((*I)->Local == false)
- Total += (*I)->FileSize;
- return Total;
+ return std::accumulate(ItemsBegin(), ItemsEnd(), 0,
+ [](unsigned long long const T, Item const * const I) {
+ if (I->Local == false)
+ return T + I->FileSize;
+ else
+ return T;
+ });
}
/*}}}*/
// Acquire::PartialPresent - Number of partial bytes we already have /*{{{*/
/* This is the number of bytes that is not local */
APT_PURE unsigned long long pkgAcquire::PartialPresent()
{
- unsigned long long Total = 0;
- for (ItemCIterator I = ItemsBegin(); I != ItemsEnd(); ++I)
- if ((*I)->Local == false)
- Total += (*I)->PartialSize;
- return Total;
+ return std::accumulate(ItemsBegin(), ItemsEnd(), 0,
+ [](unsigned long long const T, Item const * const I) {
+ if (I->Local == false)
+ return T + I->PartialSize;
+ else
+ return T;
+ });
}
/*}}}*/
// Acquire::UriBegin - Start iterator for the uri list /*{{{*/
return true;
I->Worker = Workers;
- for (QItem::owner_iterator O = I->Owners.begin(); O != I->Owners.end(); ++O)
- (*O)->Status = pkgAcquire::Item::StatFetching;
+ for (auto const &O: I->Owners)
+ O->Status = pkgAcquire::Item::StatFetching;
PipeDepth++;
if (Workers->QueueItem(I) == false)
return false;
APT_PURE unsigned long long pkgAcquire::Queue::QItem::GetMaximumSize() const /*{{{*/
{
unsigned long long Maximum = std::numeric_limits<unsigned long long>::max();
- for (pkgAcquire::Queue::QItem::owner_iterator O = Owners.begin(); O != Owners.end(); ++O)
+ for (auto const &O: Owners)
{
- if ((*O)->FileSize == 0)
+ if (O->FileSize == 0)
continue;
- Maximum = std::min(Maximum, (*O)->FileSize);
+ Maximum = std::min(Maximum, O->FileSize);
}
if (Maximum == std::numeric_limits<unsigned long long>::max())
return 0;
if (lstat((*O)->DestFile.c_str(),&file) == 0)
{
if ((file.st_mode & S_IFREG) == 0)
- unlink((*O)->DestFile.c_str());
+ RemoveFile("SyncDestinationFiles", (*O)->DestFile);
else if (supersize < file.st_size)
{
supersize = file.st_size;
- unlink(superfile.c_str());
+ RemoveFile("SyncDestinationFiles", superfile);
rename((*O)->DestFile.c_str(), superfile.c_str());
}
else
- unlink((*O)->DestFile.c_str());
+ RemoveFile("SyncDestinationFiles", (*O)->DestFile);
if (symlink(superfile.c_str(), (*O)->DestFile.c_str()) != 0)
{
; // not a problem per-se and no real alternative