This does not support fowners just yet as we'll need to queue/dequeue the accounts on the fly.
X-Gentoo-Bug: 566614 X-Gentoo-Bug-URL: https://bugs.gentoo.org/566614 --- man/make.conf.5 | 4 ++++ pym/portage/const.py | 1 + pym/portage/package/ebuild/config.py | 22 +++++++++------------- pym/portage/package/ebuild/doebuild.py | 9 ++++++--- 4 files changed, 20 insertions(+), 16 deletions(-) diff --git a/man/make.conf.5 b/man/make.conf.5 index 1d1cfeb..0c575db 100644 --- a/man/make.conf.5 +++ b/man/make.conf.5 @@ -648,6 +648,10 @@ checksum differs from the file that was originally installed. When portage is run as root, drop privileges to portage:portage during the fetching of package sources. .TP +.B userinstall +When portage is run as root, drop privileges to portage:portage during the +install of package sources. +.TP .B userpriv Allow portage to drop root privileges and compile packages as portage:portage without a sandbox (unless \fIusersandbox\fR is also used). diff --git a/pym/portage/const.py b/pym/portage/const.py index 6c4f613..d895633 100644 --- a/pym/portage/const.py +++ b/pym/portage/const.py @@ -195,6 +195,7 @@ SUPPORTED_FEATURES = frozenset([ "unmerge-orphans", "unprivileged", "userfetch", + "userinstall", "userpriv", "usersandbox", "usersync", diff --git a/pym/portage/package/ebuild/config.py b/pym/portage/package/ebuild/config.py index 40aa99d..70f2276 100644 --- a/pym/portage/package/ebuild/config.py +++ b/pym/portage/package/ebuild/config.py @@ -1152,21 +1152,17 @@ class config(object): "fakeroot binary is not installed.\n"), noiselevel=-1) if os.getuid() == 0 and not hasattr(os, "setgroups"): - warning_shown = False - - if "userpriv" in self.features: - writemsg(_("!!! FEATURES=userpriv is enabled, but " - "os.setgroups is not available.\n"), noiselevel=-1) - warning_shown = True - - if "userfetch" in self.features: - writemsg(_("!!! FEATURES=userfetch is enabled, but " - "os.setgroups is not available.\n"), noiselevel=-1) + userfeatures = {'userfetch', 'userinstall', 'userpriv'} + enabled = userfeatures & self.features + if enabled: + writemsg( + _('!!! FEATURES="%s" is enabled, but os.setgroups is not available.\n'), + ' '.join(enabled), noiselevel=-1) warning_shown = True - if warning_shown and platform.python_implementation() == 'PyPy': - writemsg(_("!!! See https://bugs.pypy.org/issue833 for details.\n"), - noiselevel=-1) + if platform.python_implementation() == 'PyPy': + writemsg(_("!!! See https://bugs.pypy.org/issue833 for details.\n"), + noiselevel=-1) def load_best_module(self,property_string): best_mod = best_from_dict(property_string,self.modules,self.module_priority) diff --git a/pym/portage/package/ebuild/doebuild.py b/pym/portage/package/ebuild/doebuild.py index ff8958e..0fa5c20 100644 --- a/pym/portage/package/ebuild/doebuild.py +++ b/pym/portage/package/ebuild/doebuild.py @@ -1350,6 +1350,9 @@ def _spawn_actionmap(settings): droppriv = "userpriv" in features and \ "userpriv" not in restrict and \ secpass >= 2 + instpriv = "userinstall" in features and \ + "userinstall" not in restrict and \ + secpass >= 2 fakeroot = "fakeroot" in features @@ -1370,9 +1373,9 @@ def _spawn_actionmap(settings): "configure":{"cmd":ebuild_sh, "args":{"droppriv":droppriv, "free":nosandbox, "sesandbox":sesandbox, "fakeroot":0}}, "compile": {"cmd":ebuild_sh, "args":{"droppriv":droppriv, "free":nosandbox, "sesandbox":sesandbox, "fakeroot":0}}, "test": {"cmd":ebuild_sh, "args":{"droppriv":droppriv, "free":nosandbox, "sesandbox":sesandbox, "fakeroot":0}}, -"install": {"cmd":ebuild_sh, "args":{"droppriv":0, "free":0, "sesandbox":sesandbox, "fakeroot":fakeroot}}, -"rpm": {"cmd":misc_sh, "args":{"droppriv":0, "free":0, "sesandbox":0, "fakeroot":fakeroot}}, -"package": {"cmd":misc_sh, "args":{"droppriv":0, "free":0, "sesandbox":0, "fakeroot":fakeroot}}, +"install": {"cmd":ebuild_sh, "args":{"droppriv":instpriv, "free":0, "sesandbox":sesandbox, "fakeroot":fakeroot}}, +"rpm": {"cmd":misc_sh, "args":{"droppriv":instpriv, "free":0, "sesandbox":0, "fakeroot":fakeroot}}, +"package": {"cmd":misc_sh, "args":{"droppriv":instpriv, "free":0, "sesandbox":0, "fakeroot":fakeroot}}, } return actionmap -- 2.6.2