Re: [gentoo-portage-dev] precisions on installed packages' dependencies

2020-03-22 Thread Zac Medico 
On 3/22/20 5:38 PM, michael.lienha...@laposte.net wrote:
> Dear all,
> 
> Still in the process of improving my solver (and make it a usable tool), I 
> need to have a better idea on how installed packages should be managed.

Great!

> I didn't find anything on that topic in the PMS (if I've missed it, I'm 
> sorry).
> Could you confirm/correct my following understanding:
>  1. installed packages that are still in the portage tree can be 
> unmerged/updated without any restriction (as specified in their .ebuild)

True.

>  2. installed packages that are not in the portage tree can only be kept as 
> is or unmerged

Installed packages may also implement pkg_config and pkg_info phases
that can be executed via emerge --config and emerge --info.

>  3. before removing a library, "ebuild unmerge" always checks if it is used 
> by another package: this means that installed packages' dependencies are 
> never broken.

That's true if the package is removed via emerge --depclean, but emerge
--unmerge does not account for dependencies.

Also, it's possible for dependencies of installed packages to be
temporarily broken by upgrades. In cases like this, the breakage will
eventually be resolved by a rebuild (which occurs automatically for slot
operator := deps), upgraded, or by emerge --depclean (which removes
unneeded packages).

> 
> Many thanks!
> Michael
>
-- 
Thanks,
Zac



signature.asc
Description: OpenPGP digital signature

[gentoo-portage-dev] precisions on installed packages' dependencies

2020-03-22 Thread michael . lienhardt 
Dear all,

Still in the process of improving my solver (and make it a usable tool), I need 
to have a better idea on how installed packages should be managed.
I didn't find anything on that topic in the PMS (if I've missed it, I'm sorry).
Could you confirm/correct my following understanding:
 1. installed packages that are still in the portage tree can be 
unmerged/updated without any restriction (as specified in their .ebuild)
 2. installed packages that are not in the portage tree can only be kept as is 
or unmerged
 3. before removing a library, "ebuild unmerge" always checks if it is used by 
another package: this means that installed packages' dependencies are never 
broken.

Many thanks!
Michael

[gentoo-portage-dev] [PATCH] _hide_url_passwd: replace all occurrences (bug 713726)

2020-03-22 Thread Zac Medico 
Adjust the regular expression to avoid overly-greedy .+ groups,
so that is will properly replace all occurrences, as necessary
for the purposes of bug 713726 since PORTAGE_BINHOST may contain
multiple values.

Bug: https://bugs.gentoo.org/713726
Signed-off-by: Zac Medico 
---
 lib/portage/package/ebuild/fetch.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/portage/package/ebuild/fetch.py 
b/lib/portage/package/ebuild/fetch.py
index f7984130f..28e7caf53 100644
--- a/lib/portage/package/ebuild/fetch.py
+++ b/lib/portage/package/ebuild/fetch.py
@@ -67,7 +67,7 @@ _userpriv_spawn_kwargs = (
 )
 
 def _hide_url_passwd(url):
-   return re.sub(r'//(.+):.+@(.+)', r'//\1:*password*@\2', url)
+   return re.sub(r'//([^:\s]+):[^@\s]+@', r'//\1:*password*@', url)
 
 
 def _want_userfetch(settings):
-- 
2.24.1

[gentoo-portage-dev] Re: [PATCH] _post_phase_userpriv_perms: handle $HOME (bug 713100)

2020-03-22 Thread Zac Medico 
Please ignor this accidental re-send, it is identical to this previous send:

https://archives.gentoo.org/gentoo-portage-dev/message/a6cb4527a2aa29c3aafccc17d91b44e5

On 3/22/20 12:56 PM, Zac Medico wrote:
> Ensure that the userpriv UID has appropriate permission for files
> created in $HOME during privileged phases like pkg_setup, in the
> same way as for $T. This prevents potential permission issues for
> programs invoked during unprivileged phases, and it improves
> alignment with PMS which specifies identical behavior for both
> $HOME and $T.
> 
> Bug: https://bugs.gentoo.org/713100
> Signed-off-by: Zac Medico 
> ---
>  lib/portage/package/ebuild/doebuild.py | 7 ---
>  1 file changed, 4 insertions(+), 3 deletions(-)
> 
> diff --git a/lib/portage/package/ebuild/doebuild.py 
> b/lib/portage/package/ebuild/doebuild.py
> index 75fcb8a51..2bff94cb1 100644
> --- a/lib/portage/package/ebuild/doebuild.py
> +++ b/lib/portage/package/ebuild/doebuild.py
> @@ -1765,9 +1765,10 @@ def _post_phase_userpriv_perms(mysettings):
>   if "userpriv" in mysettings.features and secpass >= 2:
>   """ Privileged phases may have left files that need to be made
>   writable to a less privileged user."""
> - apply_recursive_permissions(mysettings["T"],
> - uid=portage_uid, gid=portage_gid, dirmode=0o700, 
> dirmask=0,
> - filemode=0o600, filemask=0)
> + for path in (mysettings["HOME"], mysettings["T"]):
> + apply_recursive_permissions(path,
> + uid=portage_uid, gid=portage_gid, 
> dirmode=0o700, dirmask=0,
> + filemode=0o600, filemask=0)
>  
>  
>  def _check_build_log(mysettings, out=None):
> 


-- 
Thanks,
Zac



signature.asc
Description: OpenPGP digital signature

[gentoo-portage-dev] [PATCH] emerge --info: Filter variables for credentials

2020-03-22 Thread Zac Medico 
From: "Sam James (sam_c)" 

Closes: https://bugs.gentoo.org/713726
Signed-off-by: Sam James (sam_c) 
Signed-off-by: Zac Medico 
---
 lib/_emerge/actions.py | 4 
 1 file changed, 4 insertions(+)

diff --git a/lib/_emerge/actions.py b/lib/_emerge/actions.py
index 7a39d5ec7..392f98d4d 100644
--- a/lib/_emerge/actions.py
+++ b/lib/_emerge/actions.py
@@ -56,6 +56,7 @@ bad = create_color_func("BAD")
 warn = create_color_func("WARN")
 from portage.package.ebuild._ipc.QueryCommand import QueryCommand
 from portage.package.ebuild.doebuild import _check_temp_dir
+from portage.package.ebuild.fetch import _hide_url_passwd
 from portage._sets import load_default_config, SETPREFIX
 from portage._sets.base import InternalPackageSet
 from portage.util import cmp_sort_key, writemsg, varexpand, \
@@ -1899,6 +1900,9 @@ def action_info(settings, trees, myopts, myfiles):
if default is not None and \
default == v:
continue
+
+   v = _hide_url_passwd(v)
+
append('%s="%s"' % (k, v))
else:
use = set(v.split())
-- 
2.24.1

[gentoo-portage-dev] [PATCH] _post_phase_userpriv_perms: handle $HOME (bug 713100)

2020-03-22 Thread Zac Medico 
Ensure that the userpriv UID has appropriate permission for files
created in $HOME during privileged phases like pkg_setup, in the
same way as for $T. This prevents potential permission issues for
programs invoked during unprivileged phases, and it improves
alignment with PMS which specifies identical behavior for both
$HOME and $T.

Bug: https://bugs.gentoo.org/713100
Signed-off-by: Zac Medico 
---
 lib/portage/package/ebuild/doebuild.py | 7 ---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/lib/portage/package/ebuild/doebuild.py 
b/lib/portage/package/ebuild/doebuild.py
index 75fcb8a51..2bff94cb1 100644
--- a/lib/portage/package/ebuild/doebuild.py
+++ b/lib/portage/package/ebuild/doebuild.py
@@ -1765,9 +1765,10 @@ def _post_phase_userpriv_perms(mysettings):
if "userpriv" in mysettings.features and secpass >= 2:
""" Privileged phases may have left files that need to be made
writable to a less privileged user."""
-   apply_recursive_permissions(mysettings["T"],
-   uid=portage_uid, gid=portage_gid, dirmode=0o700, 
dirmask=0,
-   filemode=0o600, filemask=0)
+   for path in (mysettings["HOME"], mysettings["T"]):
+   apply_recursive_permissions(path,
+   uid=portage_uid, gid=portage_gid, 
dirmode=0o700, dirmask=0,
+   filemode=0o600, filemask=0)
 
 
 def _check_build_log(mysettings, out=None):
-- 
2.24.1