git.saurik.com Git - apt.git/commit

author	David Kalnischkies <david@kalnischkies.de>
	Wed, 15 Oct 2014 00:43:44 +0000 (02:43 +0200)
committer	David Kalnischkies <david@kalnischkies.de>
	Wed, 15 Oct 2014 00:43:44 +0000 (02:43 +0200)
commit	460601d53039b1d1b5688a8cd58bae10fb746f57
tree	a555768f443937b165f82cc7d16a29bb6abf7f65	tree \| snapshot
parent	d4f4bcf76bb2035b7df370a82b081384140b3083	commit \| diff

don't drop privileges if _apt has not enough rights

Privilege dropping breaks download/source/changelog commands as they
require the _apt user to have write permissions in the current directory,
which is e.g. the case in /tmp, but not in /root, so we disable the
privilege dropping if we deal with such a directory based on idea and
code by Michael Vogt.

The alternative would be to download always to a temp directory and move
it then done, but this breaks partial file support. To resolve this, we
could move to one of our partial/ directories, but this would require a
lock which would block root from using two of these commands in
parallel. As both seems unacceptable we instead let the user choose what
to do: Either a directory is setupped for _apt, downloading as root is
accepted or – which is potentially even better – an unprivileged user is
used for the commands.

apt-private/private-download.cc		diff \| blob \| blame \| history
apt-private/private-download.h		diff \| blob \| blame \| history
cmdline/apt-get.cc		diff \| blob \| blame \| history
cmdline/apt-helper.cc		diff \| blob \| blame \| history