From 6f1f3c9afdb6ade6a7be110b90c8fc9e603254cf Mon Sep 17 00:00:00 2001
From: Julian Andres Klode <jak@debian.org>
Date: Thu, 25 Aug 2016 16:25:00 +0200
Subject: [PATCH] Make root group configurable via ROOT_GROUP

This is needed on BSD where root's default group is wheel, not
root.
---
 CMake/config.h.in         | 3 +++
 CMakeLists.txt            | 6 ++++++
 apt-pkg/acquire-item.cc   | 2 +-
 apt-pkg/acquire-worker.cc | 4 ++--
 apt-pkg/acquire.cc        | 4 ++--
 apt-pkg/indexcopy.cc      | 6 +++---
 6 files changed, 17 insertions(+), 8 deletions(-)

diff --git a/CMake/config.h.in b/CMake/config.h.in
index c23254929..6f39e2f58 100644
--- a/CMake/config.h.in
+++ b/CMake/config.h.in
@@ -64,6 +64,9 @@
 #cmakedefine LIBEXEC_DIR "${LIBEXEC_DIR}"
 #cmakedefine BIN_DIR "${BIN_DIR}"
 
+/* Group of the root user */
+#cmakedefine ROOT_GROUP "${ROOT_GROUP}"
+
 #define APT_8_CLEANER_HEADERS
 #define APT_9_CLEANER_HEADERS
 #define APT_10_CLEANER_HEADERS
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 916090866..24c58a0f8 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -170,6 +170,12 @@ if (NOT DEFINED COMMON_ARCH)
   execute_process(COMMAND dpkg-architecture -qDEB_HOST_ARCH
                   OUTPUT_VARIABLE COMMON_ARCH OUTPUT_STRIP_TRAILING_WHITESPACE)
 endif()
+if (NOT DEFINED ROOT_GROUP)
+  execute_process(COMMAND id -gn root
+                  OUTPUT_VARIABLE ROOT_GROUP OUTPUT_STRIP_TRAILING_WHITESPACE)
+  message(STATUS "Found root group: ${ROOT_GROUP}")
+endif()
+set(ROOT_GROUP "${ROOT_GROUP}" CACHE STRING "Group of root (e.g.: wheel or root)")
 
 # Set various directories
 set(STATE_DIR "${CMAKE_INSTALL_FULL_LOCALSTATEDIR}/lib/apt" CACHE PATH "Your /var/lib/apt")
diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc
index f715e060e..88b5a58b5 100644
--- a/apt-pkg/acquire-item.cc
+++ b/apt-pkg/acquire-item.cc
@@ -3440,7 +3440,7 @@ void pkgAcqChangelog::Init(std::string const &DestDir, std::string const &DestFi
    TemporaryDirectory = tmpname;
 
    ChangeOwnerAndPermissionOfFile("Item::QueueURI", TemporaryDirectory.c_str(),
-	 SandboxUser.c_str(), "root", 0700);
+	 SandboxUser.c_str(), ROOT_GROUP, 0700);
 
    DestFile = flCombine(TemporaryDirectory, DestFileName);
    if (DestDir.empty() == false)
diff --git a/apt-pkg/acquire-worker.cc b/apt-pkg/acquire-worker.cc
index a4fbc7651..7afbec72a 100644
--- a/apt-pkg/acquire-worker.cc
+++ b/apt-pkg/acquire-worker.cc
@@ -732,7 +732,7 @@ bool pkgAcquire::Worker::QueueItem(pkgAcquire::Queue::QItem *Item)
    {
       std::string const SandboxUser = _config->Find("APT::Sandbox::User");
       ChangeOwnerAndPermissionOfFile("Item::QueueURI", Item->Owner->DestFile.c_str(),
-                                     SandboxUser.c_str(), "root", 0600);
+                                     SandboxUser.c_str(), ROOT_GROUP, 0600);
    }
 
    if (Debug == true)
@@ -828,7 +828,7 @@ void pkgAcquire::Worker::PrepareFiles(char const * const caller, pkgAcquire::Que
 {
    if (RealFileExists(Itm->Owner->DestFile))
    {
-      ChangeOwnerAndPermissionOfFile(caller, Itm->Owner->DestFile.c_str(), "root", "root", 0644);
+      ChangeOwnerAndPermissionOfFile(caller, Itm->Owner->DestFile.c_str(), "root", ROOT_GROUP, 0644);
       std::string const filename = Itm->Owner->DestFile;
       for (pkgAcquire::Queue::QItem::owner_iterator O = Itm->Owners.begin(); O != Itm->Owners.end(); ++O)
       {
diff --git a/apt-pkg/acquire.cc b/apt-pkg/acquire.cc
index 33c98cf2e..b5f88e1b3 100644
--- a/apt-pkg/acquire.cc
+++ b/apt-pkg/acquire.cc
@@ -80,7 +80,7 @@ void pkgAcquire::Initialize()
    if (getuid() == 0 && SandboxUser.empty() == false && SandboxUser != "root") // if we aren't root, we can't chown, so don't try it
    {
       struct passwd const * const pw = getpwnam(SandboxUser.c_str());
-      struct group const * const gr = getgrnam("root");
+      struct group const * const gr = getgrnam(ROOT_GROUP);
       if (pw != NULL && gr != NULL)
       {
 	 std::string const AuthConf = _config->FindFile("Dir::Etc::netrc");
@@ -106,7 +106,7 @@ static bool SetupAPTPartialDirectory(std::string const &grand, std::string const
    if (getuid() == 0 && SandboxUser.empty() == false && SandboxUser != "root") // if we aren't root, we can't chown, so don't try it
    {
       struct passwd const * const pw = getpwnam(SandboxUser.c_str());
-      struct group const * const gr = getgrnam("root");
+      struct group const * const gr = getgrnam(ROOT_GROUP);
       if (pw != NULL && gr != NULL)
       {
          // chown the partial dir
diff --git a/apt-pkg/indexcopy.cc b/apt-pkg/indexcopy.cc
index 4a35e3847..ca5c42cb7 100644
--- a/apt-pkg/indexcopy.cc
+++ b/apt-pkg/indexcopy.cc
@@ -207,7 +207,7 @@ bool IndexCopy::CopyPackages(string CDROM,string Name,vector<string> &List,
 	 FinalF += URItoFileName(S);
 	 if (rename(TargetF.c_str(),FinalF.c_str()) != 0)
 	    return _error->Errno("rename","Failed to rename");
-	 ChangeOwnerAndPermissionOfFile("CopyPackages", FinalF.c_str(), "root", "root", 0644);
+	 ChangeOwnerAndPermissionOfFile("CopyPackages", FinalF.c_str(), "root", ROOT_GROUP, 0644);
       }
 
       /* Mangle the source to be in the proper notation with
@@ -531,7 +531,7 @@ bool SigVerify::CopyMetaIndex(string CDROM, string CDName,		/*{{{*/
       Rel.Open(prefix + file,FileFd::ReadOnly);
       if (CopyFile(Rel,Target) == false || Target.Close() == false)
 	 return _error->Error("Copying of '%s' for '%s' from '%s' failed", file.c_str(), CDName.c_str(), prefix.c_str());
-      ChangeOwnerAndPermissionOfFile("CopyPackages", TargetF.c_str(), "root", "root", 0644);
+      ChangeOwnerAndPermissionOfFile("CopyPackages", TargetF.c_str(), "root", ROOT_GROUP, 0644);
 
       return true;
 }
@@ -738,7 +738,7 @@ bool TranslationsCopy::CopyTranslations(string CDROM,string Name,	/*{{{*/
 	 FinalF += URItoFileName(S);
 	 if (rename(TargetF.c_str(),FinalF.c_str()) != 0)
 	    return _error->Errno("rename","Failed to rename");
-	 ChangeOwnerAndPermissionOfFile("CopyTranslations", FinalF.c_str(), "root", "root", 0644);
+	 ChangeOwnerAndPermissionOfFile("CopyTranslations", FinalF.c_str(), "root", ROOT_GROUP, 0644);
       }
 
       CurrentSize += FileSize;
-- 
2.47.2