From 0d303f1764645284b33924c9be8bf29f0a32ca5c Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Mon, 20 Oct 2014 12:00:46 +0200 Subject: [PATCH 1/1] test if TMPDIR is accessible before using Private temporary directories as created by e.g. libpam-tmpdir are nice, but they are also very effective in preventing our priviledge dropping to work as TMPDIR will be set to a directory only root has access to, so working with it as _apt will fail. We circumvent this by extending our check for a usable TMPDIR setting by checking access rights. Closes: 765951 --- apt-pkg/contrib/fileutl.cc | 6 ++++-- cmdline/apt-key.in | 8 ++++++-- test/integration/framework | 4 ++++ test/integration/test-bug-604401-files-are-directories | 2 +- test/libapt/fileutl_test.cc | 10 +++++++++- 5 files changed, 24 insertions(+), 6 deletions(-) diff --git a/apt-pkg/contrib/fileutl.cc b/apt-pkg/contrib/fileutl.cc index c51eee737..47033eadf 100644 --- a/apt-pkg/contrib/fileutl.cc +++ b/apt-pkg/contrib/fileutl.cc @@ -2066,9 +2066,11 @@ std::string GetTempDir() /*{{{*/ tmpdir = P_tmpdir; #endif - // check that tmpdir is set and exists struct stat st; - if (!tmpdir || strlen(tmpdir) == 0 || stat(tmpdir, &st) != 0) + if (!tmpdir || strlen(tmpdir) == 0 || // tmpdir is set + stat(tmpdir, &st) != 0 || (st.st_mode & S_IFDIR) == 0 || // exists and is directory + access(tmpdir, R_OK | W_OK | X_OK) != 0 // current user has rwx access to directory + ) tmpdir = "/tmp"; return string(tmpdir); diff --git a/cmdline/apt-key.in b/cmdline/apt-key.in index 7a3852ee8..cf0b9a96f 100644 --- a/cmdline/apt-key.in +++ b/cmdline/apt-key.in @@ -384,8 +384,12 @@ if [ "$command" != "help" ]; then # gpg needs (in different versions more or less) files to function correctly, # so we give it its own homedir and generate some valid content for it - if [ ! -d "$TMPDIR" ]; then - unset TMPDIR + if [ -n "$TMPDIR" ]; then + # tmpdir is a directory and current user has rwx access to it + # same tests as in apt-pkg/contrib/fileutl.cc GetTempDir() + if [ ! -d "$TMPDIR" ] || [ ! -r "$TMPDIR" ] || [ ! -w "$TMPDIR" ] || [ ! -x "$TMPDIR" ]; then + unset TMPDIR + fi fi GPGHOMEDIR="$(mktemp -d)" CURRENTTRAP="${CURRENTTRAP} rm -rf '${GPGHOMEDIR}';" diff --git a/test/integration/framework b/test/integration/framework index 9ce300d55..d576712e5 100644 --- a/test/integration/framework +++ b/test/integration/framework @@ -176,6 +176,10 @@ addtrap() { } setupenvironment() { + # privilege dropping and testing doesn't work if /tmp isn't world-writeable (as e.g. with libpam-tmpdir) + if [ -n "$TMPDIR" ] && [ "$(id -u)" = '0' ] && [ "$(stat --format '%a' "$TMPDIR")" != '1777' ]; then + unset TMPDIR + fi TMPWORKINGDIRECTORY=$(mktemp -d) addtrap "cd /; rm -rf $TMPWORKINGDIRECTORY;" msgninfo "Preparing environment for ${CCMD}$(basename $0)${CINFO} in ${TMPWORKINGDIRECTORY}… " diff --git a/test/integration/test-bug-604401-files-are-directories b/test/integration/test-bug-604401-files-are-directories index e6913edcf..fe0ccc783 100755 --- a/test/integration/test-bug-604401-files-are-directories +++ b/test/integration/test-bug-604401-files-are-directories @@ -57,7 +57,7 @@ echo 'Package: apt Pin: release a=now Pin-Value: 1000' > rootdir/etc/apt/good-link.pref ln -s rootdir/etc/apt/good-link.pref rootdir/etc/apt/preferences -test -n "$(aptcache policy | grep 1000)" && msgfail || msgpass +test -n "$(aptcache policy | grep '1000 ')" && msgfail || msgpass rm rootdir/etc/apt/preferences msgtest "Broken link instead of a file as preferences ignored" diff --git a/test/libapt/fileutl_test.cc b/test/libapt/fileutl_test.cc index cdf7ea479..8d47c5098 100644 --- a/test/libapt/fileutl_test.cc +++ b/test/libapt/fileutl_test.cc @@ -217,8 +217,16 @@ TEST(FileUtlTest, GetTempDir) setenv("TMPDIR", "/not-there-no-really-not", 1); EXPECT_EQ("/tmp", GetTempDir()); + // here but not accessible for non-roots setenv("TMPDIR", "/usr", 1); - EXPECT_EQ("/usr", GetTempDir()); + EXPECT_EQ("/tmp", GetTempDir()); + + // files are no good for tmpdirs, too + setenv("TMPDIR", "/dev/null", 1); + EXPECT_EQ("/tmp", GetTempDir()); + + setenv("TMPDIR", "/var/tmp", 1); + EXPECT_EQ("/var/tmp", GetTempDir()); unsetenv("TMPDIR"); if (old_tmpdir.empty() == false) -- 2.45.2