For a while now we have autocreated the last two directories in /var/lib/apt/lists
(and similarly for /var/cache/apt/archives), which is very nice for systems having
any of those on tmpfs or other non-persistent storage. This also means,
though, that this creation is affected by the default umask, so for
people with aggressive umasks like 027 the directories will be created
with 750, which means all non-root users are left out. That is usually
exactly what we want when this umask is set, but the cache and lib
directories contain public knowledge. There isn't any need to protect
them from viewers, and they render apt completely useless if not
readable.
static bool SetupAPTPartialDirectory(std::string const &grand, std::string const &parent)
{
std::string const partial = parent + "partial";
static bool SetupAPTPartialDirectory(std::string const &grand, std::string const &parent)
{
std::string const partial = parent + "partial";
- if (CreateAPTDirectoryIfNeeded(grand, partial) == false &&
- CreateAPTDirectoryIfNeeded(parent, partial) == false)
+ mode_t const mode = umask(S_IWGRP | S_IWOTH);
+ bool const creation_fail = (CreateAPTDirectoryIfNeeded(grand, partial) == false &&
+ CreateAPTDirectoryIfNeeded(parent, partial) == false);
+ umask(mode);
+ if (creation_fail == true)
return false;
std::string const SandboxUser = _config->Find("APT::Sandbox::User");
return false;
std::string const SandboxUser = _config->Find("APT::Sandbox::User");
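Review bot: The `umask(S_IWGRP | S_IWOTH)` / `umask(mode)` pair in SetupAPTPartialDirectory changes process-wide state, so if this library code runs in a multi-threaded front end (not visible here), any file another thread creates in that window gets the relaxed mask. The same pattern is repeated in the cdrom list-directory hunk. A small scope guard shared by both sites would remove the duplication and guarantee the restore, and the reason deserves a comment such as `// umask is process-wide: relax it only while creating the public lists/archives directories`. The `partial` directory is also created inside this window; whether it is tightened afterwards depends on the SandboxUser code that continues outside the hunk, so that is worth confirming.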
// check for existence and possibly create state directory for copying
string const listDir = _config->FindDir("Dir::State::lists");
string const partialListDir = listDir + "partial/";
// check for existence and possibly create state directory for copying
string const listDir = _config->FindDir("Dir::State::lists");
string const partialListDir = listDir + "partial/";
- if (CreateAPTDirectoryIfNeeded(_config->FindDir("Dir::State"), partialListDir) == false &&
- CreateAPTDirectoryIfNeeded(listDir, partialListDir) == false)
+ mode_t const mode = umask(S_IWGRP | S_IWOTH);
+ bool const creation_fail = (CreateAPTDirectoryIfNeeded(_config->FindDir("Dir::State"), partialListDir) == false &&
+ CreateAPTDirectoryIfNeeded(listDir, partialListDir) == false);
+ umask(mode);
+ if (creation_fail == true)
{
UnmountCDROM(CDROM, NULL);
return _error->Errno("cdrom", _("List directory %spartial is missing."), listDir.c_str());
{
UnmountCDROM(CDROM, NULL);
return _error->Errno("cdrom", _("List directory %spartial is missing."), listDir.c_str());
mkdir rootdir aptarchive keys
cd rootdir
mkdir -p etc/apt/apt.conf.d etc/apt/sources.list.d etc/apt/trusted.gpg.d etc/apt/preferences.d
mkdir rootdir aptarchive keys
cd rootdir
mkdir -p etc/apt/apt.conf.d etc/apt/sources.list.d etc/apt/trusted.gpg.d etc/apt/preferences.d
- mkdir -p usr/bin var/cache var/lib/apt var/log tmp
+ mkdir -p usr/bin var/cache var/lib var/log tmp
mkdir -p var/lib/dpkg/info var/lib/dpkg/updates var/lib/dpkg/triggers
touch var/lib/dpkg/available
mkdir -p usr/lib/apt
mkdir -p var/lib/dpkg/info var/lib/dpkg/updates var/lib/dpkg/triggers
touch var/lib/dpkg/available
mkdir -p usr/lib/apt
echo -n >&2 "stat(1) reports for $2: "
stat --format "$2" "$1"
msgfail
echo -n >&2 "stat(1) reports for $2: "
stat --format "$2" "$1"
msgfail
+### convinience hacks ###
+mkdir() {
+ # creating some directories by hand is a tedious task, so make it look simple
+ if [ "$*" = '-p rootdir/var/lib/apt/lists' ] || [ "$*" = "${TMPWORKINGDIRECTORY}/rootdir/var/lib/apt/lists" ] ||
+ [ "$*" = '-p rootdir/var/lib/apt/lists/partial' ] || [ "$*" = "${TMPWORKINGDIRECTORY}/rootdir/var/lib/apt/lists/partial" ]; then
+ # only the last directory created by mkdir is effected by the -m !
+ command mkdir -m 755 -p "${TMPWORKINGDIRECTORY}/rootdir/var/lib/apt"
+ command mkdir -m 755 -p "${TMPWORKINGDIRECTORY}/rootdir/var/lib/apt/lists"
+ command mkdir -m 700 -p "${TMPWORKINGDIRECTORY}/rootdir/var/lib/apt/lists/partial"
+ touch "${TMPWORKINGDIRECTORY}/rootdir/var/lib/apt/lists/lock"
+ if [ "$(id -u)" = '0' ]; then
+ chown _apt:root "${TMPWORKINGDIRECTORY}/rootdir/var/lib/apt/lists/partial"
+ fi
+ else
+ command mkdir "$@"
+ fi
+}
+
### The following tests are run by most test methods automatically to check
### general things about commands executed without writing the test every time.
### The following tests are run by most test methods automatically to check
### general things about commands executed without writing the test every time.
aptautotest_aptget_update() {
if ! test -d "${TMPWORKINGDIRECTORY}/rootdir/var/lib/apt/lists"; then return; fi
aptautotest_aptget_update() {
if ! test -d "${TMPWORKINGDIRECTORY}/rootdir/var/lib/apt/lists"; then return; fi
+ testfilestats "${TMPWORKINGDIRECTORY}/rootdir/var/lib/apt" '%U:%G:%a' '=' "${USER}:${USER}:755"
+ testfilestats "${TMPWORKINGDIRECTORY}/rootdir/var/lib/apt/lists" '%U:%G:%a' '=' "${USER}:${USER}:755"
# all copied files are properly chmodded
for file in $(find "${TMPWORKINGDIRECTORY}/rootdir/var/lib/apt/lists" -maxdepth 1 -type f ! -name 'lock'); do
testfilestats "$file" '%U:%G:%a' '=' "${USER}:${USER}:644"
# all copied files are properly chmodded
for file in $(find "${TMPWORKINGDIRECTORY}/rootdir/var/lib/apt/lists" -maxdepth 1 -type f ! -name 'lock'); do
testfilestats "$file" '%U:%G:%a' '=' "${USER}:${USER}:644"
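Review bot: In the new mkdir() wrapper, `command mkdir -m 755 -p` applies the mode only to directories it actually creates, so a `var/lib/apt` or `lists` directory that already exists keeps the mode an earlier umask gave it, and the added `testfilestats ... 755` checks could then depend on creation order. An explicit `chmod 755 "${TMPWORKINGDIRECTORY}/rootdir/var/lib/apt" "${TMPWORKINGDIRECTORY}/rootdir/var/lib/apt/lists"` after the mkdir calls (and `chmod 700` on `partial`) would make the result independent of prior state. The comparison on `"$*"` is an exact string match, so a trailing slash, an extra option or a second argument silently falls through to plain mkdir. The relative spellings are also matched regardless of the current directory, while the directories are always created under `${TMPWORKINGDIRECTORY}`. A comment listing the four intercepted spellings and that assumption would help test authors.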
msgtest 'Test for the german description translation of' 'testing'
aptcache show testing -o Acquire::Languages=de | grep -q '^Description-de: ' && msgpass || msgfail
rm -rf rootdir/var/lib/apt/lists
msgtest 'Test for the german description translation of' 'testing'
aptcache show testing -o Acquire::Languages=de | grep -q '^Description-de: ' && msgpass || msgfail
rm -rf rootdir/var/lib/apt/lists
-mkdir -p rootdir/var/lib/apt/lists/partial
testequal "$CDROM_PRE
Found 2 package indexes, 1 source indexes, 1 translation indexes and 1 signatures
$CDROM_POST" aptcdromlog add
testequal "$CDROM_PRE
Found 2 package indexes, 1 source indexes, 1 translation indexes and 1 signatures
$CDROM_POST" aptcdromlog add
testsetup() {
msgmsg 'Test with no initial data over' "$1"
rm -rf rootdir/var/lib/apt/lists
testsetup() {
msgmsg 'Test with no initial data over' "$1"
rm -rf rootdir/var/lib/apt/lists
- mkdir -m 700 -p rootdir/var/lib/apt/lists/partial
- touch rootdir/var/lib/apt/lists/lock
- if [ "$(id -u)" = '0' ]; then
- chown _apt:root rootdir/var/lib/apt/lists/partial
- fi
+ mkdir -p rootdir/var/lib/apt/lists/partial
listcurrentlistsdirectory > listsdir.lst
testrun 'listsdir.lst'
listcurrentlistsdirectory > listsdir.lst
testrun 'listsdir.lst'
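Review bot: The replacement `mkdir -p rootdir/var/lib/apt/lists/partial` in testsetup() hides the mode 700, the `lock` file and the `_apt:root` ownership that the removed lines set explicitly. They now come only from the framework's mkdir() wrapper matching this exact argument string. A comment at the call, for example `# framework mkdir() wrapper: creates partial with 700, lists/lock and _apt ownership`, would keep a later edit of the path or options from silently dropping those permissions. testsetup() continues outside the hunk.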