X-Git-Url: https://git.saurik.com/apt.git/blobdiff_plain/00026265672f2663e0aa0ab1a3fa7333f718a643..1b50bba6571661d1ddc1db808bd618bd0de3cae4:/apt-pkg/contrib/fileutl.h?ds=sidebyside diff --git a/apt-pkg/contrib/fileutl.h b/apt-pkg/contrib/fileutl.h index 0b4d94885..f33f7804b 100644 --- a/apt-pkg/contrib/fileutl.h +++ b/apt-pkg/contrib/fileutl.h @@ -41,6 +41,13 @@ using std::string; class FileFdPrivate; class FileFd { + friend class FileFdPrivate; + friend class GzipFileFdPrivate; + friend class Bz2FileFdPrivate; + friend class LzmaFileFdPrivate; + friend class Lz4FileFdPrivate; + friend class DirectFileFdPrivate; + friend class PipedFileFdPrivate; protected: int iFd; @@ -60,6 +67,7 @@ class FileFd Exclusive = (1 << 3), Atomic = Exclusive | (1 << 4), Empty = (1 << 5), + BufferedWrite = (1 << 6), WriteEmpty = ReadWrite | Create | Empty, WriteExists = ReadWrite, @@ -68,7 +76,7 @@ class FileFd ReadOnlyGzip, WriteAtomic = ReadWrite | Create | Atomic }; - enum CompressMode { Auto = 'A', None = 'N', Extension = 'E', Gzip = 'G', Bzip2 = 'B', Lzma = 'L', Xz = 'X' }; + enum CompressMode { Auto = 'A', None = 'N', Extension = 'E', Gzip = 'G', Bzip2 = 'B', Lzma = 'L', Xz = 'X', Lz4='4' }; inline bool Read(void *To,unsigned long long Size,bool AllowEof) { @@ -79,13 +87,16 @@ class FileFd } bool Read(void *To,unsigned long long Size,unsigned long long *Actual = 0); char* ReadLine(char *To, unsigned long long const Size); + bool Flush(); bool Write(const void *From,unsigned long long Size); bool static Write(int Fd, const void *From, unsigned long long Size); bool Seek(unsigned long long To); bool Skip(unsigned long long To); bool Truncate(unsigned long long To); unsigned long long Tell(); + // the size of the file content (compressed files will be uncompressed first) unsigned long long Size(); + // the size of the file itself unsigned long long FileSize(); time_t ModificationTime(); @@ -93,9 +104,9 @@ class FileFd to be able to support large files (>2 or >4 GB) properly. This shouldn't happen all to often for the indexes, but deb's might be… And as the auto-conversation converts a 'unsigned long *' to a 'bool' - instead of 'unsigned long long *' we need to provide this explicitely - + instead of 'unsigned long long *' we need to provide this explicitly - otherwise applications magically start to fail… */ - bool Read(void *To,unsigned long long Size,unsigned long *Actual) APT_DEPRECATED + bool Read(void *To,unsigned long long Size,unsigned long *Actual) APT_DEPRECATED_MSG("The Actual variable you pass in should be an unsigned long long") { unsigned long long R; bool const T = Read(To, Size, &R); @@ -119,7 +130,7 @@ class FileFd // Simple manipulators inline int Fd() {return iFd;}; inline void Fd(int fd) { OpenDescriptor(fd, ReadWrite);}; - gzFile gzFd() APT_DEPRECATED APT_PURE; + gzFile gzFd() APT_DEPRECATED_MSG("Implementation detail, do not use to be able to support bzip2, xz and co") APT_PURE; inline bool IsOpen() {return iFd >= 0;}; inline bool Failed() {return (Flags & Fail) == Fail;}; @@ -128,28 +139,17 @@ class FileFd inline bool Eof() {return (Flags & HitEof) == HitEof;}; inline bool IsCompressed() {return (Flags & Compressed) == Compressed;}; inline std::string &Name() {return FileName;}; - - FileFd(std::string FileName,unsigned int const Mode,unsigned long AccessMode = 0666) : iFd(-1), Flags(0), d(NULL) - { - Open(FileName,Mode, None, AccessMode); - }; - FileFd(std::string FileName,unsigned int const Mode, CompressMode Compress, unsigned long AccessMode = 0666) : iFd(-1), Flags(0), d(NULL) - { - Open(FileName,Mode, Compress, AccessMode); - }; - FileFd() : iFd(-1), Flags(AutoClose), d(NULL) {}; - FileFd(int const Fd, unsigned int const Mode = ReadWrite, CompressMode Compress = None) : iFd(-1), Flags(0), d(NULL) - { - OpenDescriptor(Fd, Mode, Compress); - }; - FileFd(int const Fd, bool const AutoClose) : iFd(-1), Flags(0), d(NULL) - { - OpenDescriptor(Fd, ReadWrite, None, AutoClose); - }; + + FileFd(std::string FileName,unsigned int const Mode,unsigned long AccessMode = 0666); + FileFd(std::string FileName,unsigned int const Mode, CompressMode Compress, unsigned long AccessMode = 0666); + FileFd(); + FileFd(int const Fd, unsigned int const Mode = ReadWrite, CompressMode Compress = None); + FileFd(int const Fd, bool const AutoClose); virtual ~FileFd(); private: - FileFdPrivate* d; + FileFdPrivate * d; + APT_HIDDEN FileFd & operator=(const FileFd &); APT_HIDDEN bool OpenInternDescriptor(unsigned int const Mode, APT::Configuration::Compressor const &compressor); // private helpers to set Fail flag and call _error->Error @@ -159,6 +159,7 @@ class FileFd bool RunScripts(const char *Cnf); bool CopyFile(FileFd &From,FileFd &To); +bool RemoveFile(char const * const Function, std::string const &FileName); int GetLock(std::string File,bool Errors = true); bool FileExists(std::string File); bool RealFileExists(std::string File); @@ -168,8 +169,10 @@ time_t GetModificationTime(std::string const &Path); bool Rename(std::string From, std::string To); std::string GetTempDir(); -FileFd* GetTempFile(std::string const &Prefix = "", - bool ImmediateUnlink = true); +std::string GetTempDir(std::string const &User); +FileFd* GetTempFile(std::string const &Prefix = "", + bool ImmediateUnlink = true, + FileFd * const TmpFd = NULL); /** \brief Ensure the existence of the given Path * @@ -196,6 +199,31 @@ bool ExecWait(pid_t Pid,const char *Name,bool Reap = false); // check if the given file starts with a PGP cleartext signature bool StartsWithGPGClearTextSignature(std::string const &FileName); +/** change file attributes to requested known good values + * + * The method skips the user:group setting if not root. + * + * @param requester is printed as functionname in error cases + * @param file is the file to be modified + * @param user is the (new) owner of the file, e.g. _apt + * @param group is the (new) group owning the file, e.g. root + * @param mode is the access mode of the file, e.g. 0644 + */ +bool ChangeOwnerAndPermissionOfFile(char const * const requester, char const * const file, char const * const user, char const * const group, mode_t const mode); + +/** + * \brief Drop privileges + * + * Drop the privileges to the user _apt (or the one specified in + * APT::Sandbox::User). This does not set the supplementary group + * ids up correctly, it only uses the default group. Also prevent + * the process from gaining any new privileges afterwards, at least + * on Linux. + * + * \return true on success, false on failure with _error set + */ +bool DropPrivileges(); + // File string manipulators std::string flNotDir(std::string File); std::string flNotFile(std::string File);