summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDavid Kalnischkies <david@kalnischkies.de>2016-07-22 13:04:47 +0200
committerDavid Kalnischkies <david@kalnischkies.de>2016-07-22 16:05:09 +0200
commit01047752b34486607665db99afffa595cb2d43ce (patch)
tree512f73f84fd29a6bfaea7b98b6f591de5836f4a4
parent503c7d594125f963b92047ad2d9d0644f39136c7 (diff)
downloadapt-01047752b34486607665db99afffa595cb2d43ce.tar.gz
create non-existent files in edit-sources with 644 instead of 640
If the sources file we want to edit doesn't exist yet GetLock will create it with 640, which for a generic lockfile might be okay, but as this is a sources file more relaxed permissions are in order – and actually required as it wont be readable for unprivileged users causing warnings/errors in apt calls. Reported-By: J. Theede (musca) on IRC
-rw-r--r--apt-private/private-sources.cc16
-rwxr-xr-xtest/integration/test-apt-edit-sources39
2 files changed, 54 insertions, 1 deletions
diff --git a/apt-private/private-sources.cc b/apt-private/private-sources.cc
index 7e64d5d7f..587571760 100644
--- a/apt-private/private-sources.cc
+++ b/apt-private/private-sources.cc
@@ -13,6 +13,8 @@
#include <apt-private/private-sources.h>
#include <apt-private/private-utils.h>
+#include <sys/types.h>
+#include <sys/stat.h>
#include <stddef.h>
#include <unistd.h>
#include <iostream>
@@ -46,6 +48,12 @@ bool EditSources(CommandLine &CmdL)
HashString before;
if (FileExists(sourceslist))
before.FromFile(sourceslist);
+ else
+ {
+ FileFd filefd;
+ if (filefd.Open(sourceslist, FileFd::Create | FileFd::WriteOnly, FileFd::None, 0644) == false)
+ return false;
+ }
ScopedGetLock lock(sourceslist);
if (lock.fd < 0)
@@ -56,7 +64,13 @@ bool EditSources(CommandLine &CmdL)
do {
if (EditFileInSensibleEditor(sourceslist) == false)
return false;
- if (FileExists(sourceslist) && !before.VerifyFile(sourceslist))
+ if (before.empty())
+ {
+ struct stat St;
+ if (stat(sourceslist.c_str(), &St) == 0 && St.st_size == 0)
+ RemoveFile("edit-sources", sourceslist);
+ }
+ else if (FileExists(sourceslist) && !before.VerifyFile(sourceslist))
{
file_changed = true;
pkgCacheFile::RemoveCaches();
diff --git a/test/integration/test-apt-edit-sources b/test/integration/test-apt-edit-sources
new file mode 100755
index 000000000..58742e94f
--- /dev/null
+++ b/test/integration/test-apt-edit-sources
@@ -0,0 +1,39 @@
+#!/bin/sh
+set -e
+
+TESTDIR="$(readlink -f "$(dirname "$0")")"
+. "$TESTDIR/framework"
+
+setupenvironment
+configarchitecture 'native'
+
+echo 'Dir::Bin::Editor "cat";' > rootdir/etc/apt/apt.conf.d/editor.conf
+
+echo 'deb http://example.org/debian stable rocks' > rootdir/etc/apt/sources.list.d/rocks.list
+testsuccessequal "$(cat rootdir/etc/apt/sources.list.d/rocks.list)" apt edit-sources rocks.list
+
+cat >editor.sh <<EOF
+#!/bin/sh
+umask 077
+touch "\$@"
+EOF
+chmod +x ./editor.sh
+echo 'Dir::Bin::Editor "./editor.sh";' > rootdir/etc/apt/apt.conf.d/editor.conf
+testsuccess apt edit-sources blub.list
+testfailure test -e 'rootdir/etc/apt/sources.list.d/blub.list'
+
+cat >editor.sh <<EOF
+#!/bin/sh
+umask 077
+echo '#comment' > "\$1"
+EOF
+testsuccess apt edit-sources blub.list
+testfilestats 'rootdir/etc/apt/sources.list.d/blub.list' '%U:%G:%a' '=' "${TEST_DEFAULT_USER}:${TEST_DEFAULT_GROUP}:644"
+
+echo 'Dir::Bin::Editor "cat";' > rootdir/etc/apt/apt.conf.d/editor.conf
+echo 'blub' > rootdir/etc/apt/sources.list.d/blub.list
+testfailure apt edit-sources blub.list --assume-no
+
+echo 'deb http://example.org/debian stable rocks' > rootdir/etc/apt/sources.list.d/blub.list
+touch -m -d 'now + 1 hour' rootdir/etc/apt/sources.list.d/blub.list
+testwarning apt edit-sources blub.list --assume-no