diff options
author | Michael Vogt <mvo@ubuntu.com> | 2014-09-24 16:22:05 +0200 |
---|---|---|
committer | Michael Vogt <mvo@ubuntu.com> | 2014-09-24 16:22:05 +0200 |
commit | 3927c6da48c206b6b251661f44680d9883b4f6b4 (patch) | |
tree | 695aea2c55eb2358a07b9403c28a57a3ca0e585d /debian/apt.postinst | |
parent | a1380a5c52062b25c9ed260b721239ed57929503 (diff) | |
download | apt-3927c6da48c206b6b251661f44680d9883b4f6b4.tar.gz |
Drop Privileges to "Debian-apt" in most acquire methods
Add a new "Debian-apt" user that owns the /var/lib/apt/lists
and /var/cache/apt/archive directories. The methods
http, https, ftp, gpgv, gzip switch to this user when they
start.
Thanks to Julian and "ioerror" and tors "switch_id()" code.
Diffstat (limited to 'debian/apt.postinst')
-rw-r--r-- | debian/apt.postinst | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/debian/apt.postinst b/debian/apt.postinst index fd3e273bb..08dc60f9c 100644 --- a/debian/apt.postinst +++ b/debian/apt.postinst @@ -26,6 +26,13 @@ case "$1" in fi fi + # add unprivileged user for the apt methods + adduser --force-badname --system --no-create-home \ + --quiet Debian-apt || true + chown -R Debian-apt:root \ + /var/lib/apt/lists \ + /var/cache/apt/archives + # ensure tighter permissons on the logs, see LP: #975199 if dpkg --compare-versions "$2" lt-nl 0.9.7.7; then # ensure permissions are right |