commit: 89de8064e8d186a7a001dd1f2f5c486c64f4104f Author: Zac Medico <zmedico <AT> gentoo <DOT> org> AuthorDate: Mon Dec 31 05:23:29 2018 +0000 Commit: Zac Medico <zmedico <AT> gentoo <DOT> org> CommitDate: Mon Dec 31 05:25:06 2018 +0000 URL: https://gitweb.gentoo.org/proj/portage.git/commit/?id=89de8064
locks: chown lockfiles only if permitted (bug 674090) Reported-by: Jeroen Roovers <jer <AT> gentoo.org> Bug: https://bugs.gentoo.org/674090 Signed-off-by: Zac Medico <zmedico <AT> gentoo.org> lib/portage/locks.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/portage/locks.py b/lib/portage/locks.py index f61e1819a..a4e7ec53f 100644 --- a/lib/portage/locks.py +++ b/lib/portage/locks.py @@ -163,7 +163,7 @@ def lockfile(mypath, wantnewlockfile=0, unlinkfile=0, if not preexisting: try: - if os.stat(lockfilename).st_gid != portage_gid: + if portage.data.secpass >= 1 and os.stat(lockfilename).st_gid != portage_gid: os.chown(lockfilename, -1, portage_gid) except OSError as e: if e.errno in (errno.ENOENT, errno.ESTALE): @@ -463,7 +463,7 @@ def hardlink_lockfile(lockfilename, max_wait=DeprecationWarning, if not preexisting: # Don't chown the file if it is preexisting, since we # want to preserve existing permissions in that case. - if myfd_st.st_gid != portage_gid: + if portage.data.secpass >= 1 and myfd_st.st_gid != portage_gid: os.fchown(myfd, -1, portage_gid) except OSError as e: if e.errno not in (errno.ENOENT, errno.ESTALE):
