Add --disable-sandbox and DisableSandbox

Signed-off-by: Remi Gacogne <rgacogne@archlinux.org>
2024-05-15 15:36:28 +02:00 · 2024-05-15 15:36:28 +02:00 · 9f8f94c056
commit 9f8f94c056
parent eacadbcc41
10 changed files with 47 additions and 2 deletions
--- a/doc/pacman.8.asciidoc
+++ b/doc/pacman.8.asciidoc
@ -200,6 +200,10 @@ Options
 	beginning with `file://`.  Any paths or URLs passed as targets will not be
 	modified.  This allows mounted guest systems to be properly operated on.

+*\--disable-sandbox*::
+	Disable the default sandbox applied to the process downloading files on Linux
+	systems. Useful if experiencing landlock related failues while downloading
+	files when running a Linux kernel that does not support this feature.

 Transaction Options (apply to '-S', '-R' and '-U')
 --------------------------------------------------
--- a/doc/pacman.conf.5.asciidoc
+++ b/doc/pacman.conf.5.asciidoc
@ -211,6 +211,10 @@ Options
 	Specifies the user to switch to for downloading files. If this config
 	option is not set then the downloads are done as the user running pacman.

+*DisableSandbox*::
+	Disable the default sandbox applied to the process downloading files on Linux
+	systems. Useful if experiencing landlock related failues while downloading
+	files when running a Linux kernel that does not support this feature.

 Repository Sections
 -------------------
--- a/lib/libalpm/alpm.h
+++ b/lib/libalpm/alpm.h
@ -2300,6 +2300,20 @@ int alpm_option_set_parallel_downloads(alpm_handle_t *handle, unsigned int num_s
 /* End of parallel_downloads accessors */
 /** @} */

+/** @name Accessors for sandbox
+ *
+ * By default, libalpm will sandbox the downloader process.
+ * @{
+ */
+
+/** Enables/disables the sandbox.
+ * @param handle the context handle
+ * @param disable_sandbox 0 for enabled, 1 for disabled
+ * @return 0 on success, -1 on error (pm_errno is set accordingly)
+ */
+int alpm_option_set_disable_sandbox(alpm_handle_t *handle, unsigned short disable_sandbox);
+/* End of disable_sandbox accessors */
+/** @} */

 /* End of libalpm_options */
 /** @} */
--- a/lib/libalpm/handle.c
+++ b/lib/libalpm/handle.c
@ -951,3 +951,11 @@ int SYMEXPORT alpm_option_set_parallel_downloads(alpm_handle_t *handle,
 	handle->parallel_downloads = num_streams;
 	return 0;
 }
+
+int SYMEXPORT alpm_option_set_disable_sandbox(alpm_handle_t *handle,
+		unsigned short disable_sandbox)
+{
+	CHECK_HANDLE(handle, return -1);
+	handle->disable_sandbox = disable_sandbox;
+	return 0;
+}
--- a/lib/libalpm/handle.h
+++ b/lib/libalpm/handle.h
@ -65,6 +65,7 @@ struct _alpm_handle_t {
 #endif

 	unsigned short disable_dl_timeout;
+	unsigned short disable_sandbox;
 	unsigned int parallel_downloads; /* number of download streams */

 #ifdef HAVE_LIBGPGME
--- a/lib/libalpm/sandbox.c
+++ b/lib/libalpm/sandbox.c
@ -36,7 +36,7 @@ int SYMEXPORT alpm_sandbox_setup_child(alpm_handle_t *handle, const char* sandbo
 	ASSERT(sandboxuser != NULL, return -1);
 	ASSERT(getuid() == 0, return -1);
 	ASSERT((pw = getpwnam(sandboxuser)), return -1);
-	if(sandbox_path != NULL) {
+	if(sandbox_path != NULL && !handle->disable_sandbox) {
 		_alpm_sandbox_fs_restrict_writes_to(handle, sandbox_path);
 	}
 	ASSERT(setgid(pw->pw_gid) == 0, return -1);
--- a/src/pacman/conf.c
+++ b/src/pacman/conf.c
@ -629,6 +629,8 @@ static int _parse_options(const char *key, char *value,
 			config->noprogressbar = 1;
 		} else if(strcmp(key, "DisableDownloadTimeout") == 0) {
 			config->disable_dl_timeout = 1;
+		} else if(strcmp(key, "DisableSandbox") == 0) {
+			config->disable_sandbox = 1;
 		} else {
 			pm_printf(ALPM_LOG_WARNING,
 					_("config file %s, line %d: directive '%s' in section '%s' not recognized.\n"),
@ -937,6 +939,7 @@ static int setup_libalpm(void)
 	alpm_option_set_checkspace(handle, config->checkspace);
 	alpm_option_set_usesyslog(handle, config->usesyslog);
 	alpm_option_set_sandboxuser(handle, config->sandboxuser);
+	alpm_option_set_disable_sandbox(handle, config->disable_sandbox);

 	alpm_option_set_ignorepkgs(handle, config->ignorepkg);
 	alpm_option_set_ignoregroups(handle, config->ignoregrp);
--- a/src/pacman/conf.h
+++ b/src/pacman/conf.h
@ -58,6 +58,7 @@ typedef struct __config_t {
 	unsigned short usesyslog;
 	unsigned short color;
 	unsigned short disable_dl_timeout;
+	unsigned short disable_sandbox;
 	char *print_format;
 	/* unfortunately, we have to keep track of paths both here and in the library
 	 * because they can come from both the command line or config file, and we
@ -212,7 +213,8 @@ enum {
 	OP_DOWNLOADONLY,
 	OP_REFRESH,
 	OP_ASSUMEINSTALLED,
-	OP_DISABLEDLTIMEOUT
+	OP_DISABLEDLTIMEOUT,
+	OP_DISABLESANDBOX
 };

 /* clean method */
--- a/src/pacman/pacman-conf.c
+++ b/src/pacman/pacman-conf.c
@ -280,6 +280,7 @@ static void dump_config(void)
 	show_bool("DisableDownloadTimeout", config->disable_dl_timeout);
 	show_bool("ILoveCandy", config->chomp);
 	show_bool("NoProgressBar", config->noprogressbar);
+	show_bool("DisableSandbox", config->disable_sandbox);

 	show_int("ParallelDownloads", config->parallel_downloads);

@ -397,6 +398,8 @@ static int list_directives(void)
 			show_bool("ILoveCandy", config->chomp);
 		} else if(strcasecmp(i->data, "NoProgressBar") == 0) {
 			show_bool("NoProgressBar", config->noprogressbar);
+		} else if(strcasecmp(i->data, "DisableSandbox") == 0) {
+			show_bool("DisableSandbox", config->disable_sandbox);

 		} else if(strcasecmp(i->data, "ParallelDownloads") == 0) {
 			show_int("ParallelDownloads", config->parallel_downloads);
--- a/src/pacman/pacman.c
+++ b/src/pacman/pacman.c
@ -226,6 +226,8 @@ static void usage(int op, const char * const myname)
 		addlist(_("      --confirm        always ask for confirmation\n"));
 		addlist(_("      --disable-download-timeout\n"
 		          "                       use relaxed timeouts for download\n"));
+		addlist(_("      --disable-sandbox\n"
+		          "                       disable the sandbox used for the downloader process\n"));
 	}
 	list = alpm_list_msort(list, alpm_list_count(list), options_cmp);
 	for(i = list; i; i = alpm_list_next(i)) {
@ -490,6 +492,9 @@ static int parsearg_global(int opt)
 		case OP_DISABLEDLTIMEOUT:
 			config->disable_dl_timeout = 1;
 			break;
+		case OP_DISABLESANDBOX:
+			config->disable_sandbox = 1;
+			break;
 		case OP_VERBOSE:
 		case 'v':
 			(config->verbose)++;
@ -976,6 +981,7 @@ static int parseargs(int argc, char *argv[])
 		{"dbonly",     no_argument,       0, OP_DBONLY},
 		{"color",      required_argument, 0, OP_COLOR},
 		{"disable-download-timeout", no_argument, 0, OP_DISABLEDLTIMEOUT},
+		{"disable-sandbox", no_argument, 0, OP_DISABLESANDBOX},
 		{0, 0, 0, 0}
 	};