This does not support fowners just yet as we'll need to queue/dequeue
the accounts on the fly.
X-Gentoo-Bug: 566614
X-Gentoo-Bug-URL: https://bugs.gentoo.org/566614
---
man/make.conf.5| 4
pym/portage/const.py | 1 +
pym/portage/package/ebuild/config.py | 22 +-
pym/portage/package/ebuild/doebuild.py | 9 ++---
4 files changed, 20 insertions(+), 16 deletions(-)
diff --git a/man/make.conf.5 b/man/make.conf.5
index 1d1cfeb..0c575db 100644
--- a/man/make.conf.5
+++ b/man/make.conf.5
@@ -648,6 +648,10 @@ checksum differs from the file that was originally
installed.
When portage is run as root, drop privileges to portage:portage during the
fetching of package sources.
.TP
+.B userinstall
+When portage is run as root, drop privileges to portage:portage during the
+install of package sources.
+.TP
.B userpriv
Allow portage to drop root privileges and compile packages as
portage:portage without a sandbox (unless \fIusersandbox\fR is also used).
diff --git a/pym/portage/const.py b/pym/portage/const.py
index 6c4f613..d895633 100644
--- a/pym/portage/const.py
+++ b/pym/portage/const.py
@@ -195,6 +195,7 @@ SUPPORTED_FEATURES = frozenset([
"unmerge-orphans",
"unprivileged",
"userfetch",
+ "userinstall",
"userpriv",
"usersandbox",
"usersync",
diff --git a/pym/portage/package/ebuild/config.py
b/pym/portage/package/ebuild/config.py
index 40aa99d..70f2276 100644
--- a/pym/portage/package/ebuild/config.py
+++ b/pym/portage/package/ebuild/config.py
@@ -1152,21 +1152,17 @@ class config(object):
"fakeroot binary is not installed.\n"),
noiselevel=-1)
if os.getuid() == 0 and not hasattr(os, "setgroups"):
- warning_shown = False
-
- if "userpriv" in self.features:
- writemsg(_("!!! FEATURES=userpriv is enabled,
but "
- "os.setgroups is not available.\n"),
noiselevel=-1)
- warning_shown = True
-
- if "userfetch" in self.features:
- writemsg(_("!!! FEATURES=userfetch is enabled,
but "
- "os.setgroups is not available.\n"),
noiselevel=-1)
+ userfeatures = {'userfetch', 'userinstall', 'userpriv'}
+ enabled = userfeatures & self.features
+ if enabled:
+ writemsg(
+ _('!!! FEATURES="%s" is enabled, but
os.setgroups is not available.\n'),
+ ' '.join(enabled), noiselevel=-1)
warning_shown = True
- if warning_shown and platform.python_implementation()
== 'PyPy':
- writemsg(_("!!! See
https://bugs.pypy.org/issue833 for details.\n"),
- noiselevel=-1)
+ if platform.python_implementation() == 'PyPy':
+ writemsg(_("!!! See
https://bugs.pypy.org/issue833 for details.\n"),
+ noiselevel=-1)
def load_best_module(self,property_string):
best_mod =
best_from_dict(property_string,self.modules,self.module_priority)
diff --git a/pym/portage/package/ebuild/doebuild.py
b/pym/portage/package/ebuild/doebuild.py
index ff8958e..0fa5c20 100644
--- a/pym/portage/package/ebuild/doebuild.py
+++ b/pym/portage/package/ebuild/doebuild.py
@@ -1350,6 +1350,9 @@ def _spawn_actionmap(settings):
droppriv = "userpriv" in features and \
"userpriv" not in restrict and \
secpass >= 2
+ instpriv = "userinstall" in features and \
+ "userinstall" not in restrict and \
+ secpass >= 2
fakeroot = "fakeroot" in features
@@ -1370,9 +1373,9 @@ def _spawn_actionmap(settings):
"configure":{"cmd":ebuild_sh, "args":{"droppriv":droppriv, "free":nosandbox,
"sesandbox":sesandbox, "fakeroot":0}},
"compile": {"cmd":ebuild_sh, "args":{"droppriv":droppriv, "free":nosandbox,
"sesandbox":sesandbox, "fakeroot":0}},
"test": {"cmd":ebuild_sh, "args":{"droppriv":droppriv, "free":nosandbox,
"sesandbox":sesandbox, "fakeroot":0}},
-"install": {"cmd":ebuild_sh, "args":{"droppriv":0,"free":0,
"sesandbox":sesandbox, "fakeroot":fakeroot}},
-"rpm": {"cmd":misc_sh, "args":{"droppriv":0,"free":0,
"sesandbox":0, "fakeroot":fakeroot}},
-"package": {"cmd":misc_sh, "args":{"droppriv":0,"free":0,
"sesandbox":0, "fakeroot":fakeroot}},
+"install": {"cmd":ebuild_sh, "args":{"droppriv":instpriv, "free":0,
"sesandbox":sesandbox, "fakeroot":fakeroot}},
+"rpm":