diff --git a/lib/libalpm/alpm.h b/lib/libalpm/alpm.h index e7fc7bbf..84597ac4 100644 --- a/lib/libalpm/alpm.h +++ b/lib/libalpm/alpm.h @@ -1870,6 +1870,28 @@ int alpm_option_set_gpgdir(alpm_handle_t *handle, const char *gpgdir); /** @} */ +/** @name Accessors for use sandboxuser + * + * This controls the user that libalpm will use for sensitive operations like + * downloading files. + * @{ + */ + +/** Returns the user to switch to for sensitive operations. + * @return the user name + */ +const char *alpm_option_get_sandboxuser(alpm_handle_t *handle); + +/** Sets the user to switch to for sensitive operations. + * @param handle the context handle + * @param sandboxuser the user to set + */ +int alpm_option_set_sandboxuser(alpm_handle_t *handle, const char *sandboxuser); + +/* End of sandboxuser accessors */ +/** @} */ + + /** @name Accessors for use syslog * * This controls whether libalpm will also use the syslog. Even if this option diff --git a/lib/libalpm/handle.c b/lib/libalpm/handle.c index ff573fba..2d360f46 100644 --- a/lib/libalpm/handle.c +++ b/lib/libalpm/handle.c @@ -101,6 +101,7 @@ void _alpm_handle_free(alpm_handle_t *handle) FREE(handle->lockfile); FREELIST(handle->architectures); FREE(handle->gpgdir); + FREE(handle->sandboxuser); FREELIST(handle->noupgrade); FREELIST(handle->noextract); FREELIST(handle->ignorepkg); @@ -292,6 +293,12 @@ const char SYMEXPORT *alpm_option_get_gpgdir(alpm_handle_t *handle) return handle->gpgdir; } +const char SYMEXPORT *alpm_option_get_sandboxuser(alpm_handle_t *handle) +{ + CHECK_HANDLE(handle, return NULL); + return handle->sandboxuser; +} + int SYMEXPORT alpm_option_get_usesyslog(alpm_handle_t *handle) { CHECK_HANDLE(handle, return -1); @@ -595,6 +602,19 @@ int SYMEXPORT alpm_option_set_gpgdir(alpm_handle_t *handle, const char *gpgdir) return 0; } +int SYMEXPORT alpm_option_set_sandboxuser(alpm_handle_t *handle, const char *sandboxuser) +{ + CHECK_HANDLE(handle, return -1); + if(handle->sandboxuser) { + FREE(handle->sandboxuser); + } + + STRDUP(handle->sandboxuser, sandboxuser, RET_ERR(handle, ALPM_ERR_MEMORY, -1)); + + _alpm_log(handle, ALPM_LOG_DEBUG, "option 'sandboxuser' = %s\n", handle->sandboxuser); + return 0; +} + int SYMEXPORT alpm_option_set_usesyslog(alpm_handle_t *handle, int usesyslog) { CHECK_HANDLE(handle, return -1); diff --git a/lib/libalpm/handle.h b/lib/libalpm/handle.h index da018240..63efc3d0 100644 --- a/lib/libalpm/handle.h +++ b/lib/libalpm/handle.h @@ -91,6 +91,7 @@ struct _alpm_handle_t { char *logfile; /* Name of the log file */ char *lockfile; /* Name of the lock file */ char *gpgdir; /* Directory where GnuPG files are stored */ + char *sandboxuser; /* User to switch to for sensitive operations */ alpm_list_t *cachedirs; /* Paths to pacman cache directories */ alpm_list_t *hookdirs; /* Paths to hook directories */ alpm_list_t *overwrite_files; /* Paths that may be overwritten */ diff --git a/src/pacman/conf.c b/src/pacman/conf.c index 7318ad54..ba5e1f5d 100644 --- a/src/pacman/conf.c +++ b/src/pacman/conf.c @@ -156,6 +156,7 @@ int config_free(config_t *oldconfig) free(oldconfig->dbpath); free(oldconfig->logfile); free(oldconfig->gpgdir); + free(oldconfig->sandboxuser); FREELIST(oldconfig->hookdirs); FREELIST(oldconfig->cachedirs); free(oldconfig->xfercommand); @@ -670,6 +671,11 @@ static int _parse_options(const char *key, char *value, config->logfile = strdup(value); pm_printf(ALPM_LOG_DEBUG, "config: logfile: %s\n", value); } + } else if(strcmp(key, "DownloadUser") == 0) { + if(!config->sandboxuser) { + config->sandboxuser = strdup(value); + pm_printf(ALPM_LOG_DEBUG, "config: sandboxuser: %s\n", value); + } } else if(strcmp(key, "XferCommand") == 0) { char **c; if((config->xfercommand_argv = wordsplit(value)) == NULL) { @@ -922,6 +928,7 @@ static int setup_libalpm(void) alpm_option_set_architectures(handle, config->architectures); alpm_option_set_checkspace(handle, config->checkspace); alpm_option_set_usesyslog(handle, config->usesyslog); + alpm_option_set_sandboxuser(handle, config->sandboxuser); alpm_option_set_ignorepkgs(handle, config->ignorepkg); alpm_option_set_ignoregroups(handle, config->ignoregrp); diff --git a/src/pacman/conf.h b/src/pacman/conf.h index 3fb07425..e9f17123 100644 --- a/src/pacman/conf.h +++ b/src/pacman/conf.h @@ -68,6 +68,7 @@ typedef struct __config_t { char *logfile; char *gpgdir; char *sysroot; + char *sandboxuser; alpm_list_t *hookdirs; alpm_list_t *cachedirs; alpm_list_t *architectures; diff --git a/src/pacman/pacman-conf.c b/src/pacman/pacman-conf.c index 27b93a29..d73d6c4c 100644 --- a/src/pacman/pacman-conf.c +++ b/src/pacman/pacman-conf.c @@ -262,6 +262,7 @@ static void dump_config(void) show_list_str("HookDir", config->hookdirs); show_str("GPGDir", config->gpgdir); show_str("LogFile", config->logfile); + show_str("DownloadUser", config->sandboxuser); show_list_str("HoldPkg", config->holdpkg); show_list_str("IgnorePkg", config->ignorepkg); @@ -362,6 +363,8 @@ static int list_directives(void) show_str("GPGDir", config->gpgdir); } else if(strcasecmp(i->data, "LogFile") == 0) { show_str("LogFile", config->logfile); + } else if(strcasecmp(i->data, "DownloadUser") == 0) { + show_str("DownloadUser", config->sandboxuser); } else if(strcasecmp(i->data, "HoldPkg") == 0) { show_list_str("HoldPkg", config->holdpkg);