Commit 7ccf316c provided "root" (or the user name for UID 0) as a
default download user. However, when DownloadUser is unset in pacman.conf,
pacman was overwriting the default with null. Rectify this.
Fixes#248
Signed-off-by: Allan McRae <allan@archlinux.org>
If the SandboxUser configure option is set, the internal downloader
will fork of a child process and drop to the specified user to download
the files.
Signed-off-by: Remi Gacogne <rgacogne@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
The DownloadUser option will be used to drop privledges to the
specified user when downloading files.
The intention is for this to be extended in the future to a more
general sandbox configuration to cover operating on package and
database files prior to verification.
Add this option to pacman configuration and the various accessors into
the libalpm backend.
Signed-off-by: Allan McRae <allan@archlinux.org>
We were indirectly adjusting a pointer to a parameter that was declared
as a const. This resulted in a use-after-free when using --debug:
[11:09:18] debug: config: finished parsing ��A�8_
Signed-off-by: Allan McRae <allan@archlinux.org>
Not actually a fix, as the pacman output will still be weird and
we will not gracefully exit, but it does print an error message...
Signed-off-by: Allan McRae <allan@archlinux.org>
The third parameter to wcstombs() is the length of the output buffer
(first parameter) in bytes. Take the correct sizeof() here.
This is not a problem in practice, but prevents _FORTIFY_SOURCE=3 from
detecting a possible output buffer overflow (as the source buffer is
bigger than the destination).
Fixes#104.
Signed-off-by: Ivan Shapovalov <intelfx@intelfx.name>
Setting sysroot to / is not the same as having no sysroot, because the
sysroot is prepended to ALL config paths including relative ones:
$ cd /etc
$ pacman --config=pacman.conf
error: config file /pacman.conf could not be read: No such file or directory
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
In pacman's progress callback, pkgname being null may result in a
segfault, due to undefined printf behaviour. libalpm always passes
at least an empty string for pkgname, so this situation is largely
avoided.
However, the callback mostly checked for pkgname's being non-null
and not empty. This means a additional space was being added to
the output messages (although with zero actual effect on the output).
Be a bit more robust here by treating null and empty pkgname the
same and fixing the invisible output issue...
Signed-off-by: Allan McRae <allan@archlinux.org>
A potential buffer overflow could occur if a detected terminal escape
sequence was not for a terminal colour (i.e. did not contain an "m").
Fix the potential buffer overflow while explicitly detecting only
terminal colour escape sequences. Any other escape sequence is
unexpected, and just gets pushed to the terminal.
Signed-off-by: Allan McRae <allan@archlinux.org>
The previous chroot-based sysroot often broke due to glibc's delayed
loading for much of its functionality when the sysroot did not contain
compatible copies of the necessary libraries.
This approach instead manually prepends the sysroot to all configuration
paths.
BREAKING CHANGE: targets to -U are no longer interpreted relative to
sysroot
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
If a path length exceeds the PATH_MAX value, then it gets truncated
when building the path of the file to delete. This could (in a very
unlikely case...) result in the wrong file being deleted. Check the
path fittedin the buffer before removing files.
Signed-off-by: Allan McRae <allan@archlinux.org>
It does very little, is only used in one place, and can't easily be
reused for other server types due to the inclusion of an error message.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Passing a path with a trailing slash to --root or --rootdir can lead to a
double slash at the start of paths. e.g.
$ pacman --root / -v 2>1 | grep " //"
Log File : //var/log/pacman.log
In MSYS2, paths starting with // will hit the network and fail.
Avoid this be explicitly stripping the trailing / from paths passed to these
flags.
Signed-off-by: Allan McRae <allan@archlinux.org>
Add provides "%P" and replaces "%R" as format attribute.
Signed-off-by: Jelle van der Waa <jelle@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
