def _spawn_fetch(settings, args, **kwargs): """ Spawn a process with appropriate settings for fetching, including userfetch and selinux support. """ global _userpriv_spawn_kwargs # Redirect all output to stdout since some fetchers like # wget pollute stderr (if portage detects a problem then it # can send it's own message to stderr). if "fd_pipes" not in kwargs: kwargs["fd_pipes"] = { 0 : portage._get_stdin().fileno(), 1 : sys.__stdout__.fileno(), 2 : sys.__stdout__.fileno(), } logname = None if "userfetch" in settings.features and \ os.getuid() == 0 and portage_gid and portage_uid and \ hasattr(os, "setgroups"): kwargs.update(_userpriv_spawn_kwargs) logname = portage.data._portage_username spawn_func = spawn if settings.selinux_enabled(): spawn_func = selinux.spawn_wrapper(spawn_func, settings["PORTAGE_FETCH_T"]) # bash is an allowed entrypoint, while most binaries are not if args[0] != BASH_BINARY: args = [BASH_BINARY, "-c", "exec \"$@\"", args[0]] + args # Ensure that EBUILD_PHASE is set to fetch, so that config.environ() # does not filter the calling environment (which may contain needed # proxy variables, as in bug #315421). phase_backup = settings.get('EBUILD_PHASE') settings['EBUILD_PHASE'] = 'fetch' env = settings.environ() if logname is not None: env["LOGNAME"] = logname try: rval = spawn_func(args, env=env, **kwargs) finally: if phase_backup is None: settings.pop('EBUILD_PHASE', None) else: settings['EBUILD_PHASE'] = phase_backup return rval
def _spawn_fetch(settings, args, **kwargs): """ Spawn a process with appropriate settings for fetching, including userfetch and selinux support. """ global _userpriv_spawn_kwargs # Redirect all output to stdout since some fetchers like # wget pollute stderr (if portage detects a problem then it # can send it's own message to stderr). if "fd_pipes" not in kwargs: kwargs["fd_pipes"] = { 0 : sys.stdin.fileno(), 1 : sys.stdout.fileno(), 2 : sys.stdout.fileno(), } if "userfetch" in settings.features and \ os.getuid() == 0 and portage_gid and portage_uid: kwargs.update(_userpriv_spawn_kwargs) spawn_func = spawn if settings.selinux_enabled(): spawn_func = selinux.spawn_wrapper(spawn_func, settings["PORTAGE_FETCH_T"]) # bash is an allowed entrypoint, while most binaries are not if args[0] != BASH_BINARY: args = [BASH_BINARY, "-c", "exec \"$@\"", args[0]] + args rval = spawn_func(args, env=settings.environ(), **kwargs) return rval