Package: yum
Version: 3.2.12-1.2
Followup-For: Bug #347882
This seems to still be an issue:
# vserver build build -n f9test -m yum -- -d f9
You are using a version of yum which is insecure and broken in chroot
related operations; either apply the patches shipped in the 'contrib/'
directory of util-vserver, or ask the author of yum to apply them
(preferred).
In the meantime, 'vyum' will continue with dirty hacks which might not
work when the vserver is running and local DOS attacks are possible.
Execution will continue in 5 seconds...
Patch (debdiff) attached.
Bye,
Philipp
-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (500, 'testing'), (60, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.25-2-vserver-686 (SMP w/1 CPU core)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages yum depends on:
ii python 2.5.2-2 An interactive high-level object-o
ii python-celementtree 1.0.5-10 Light-weight toolkit for XML proce
ii python-libxml2 2.6.32.dfsg-3 Python bindings for the GNOME XML
ii python-pyme 0.8.0-2 Python interface to the GPGME GnuP
ii python-rpm 4.4.2.3-1 Python bindings for RPM
ii python-sqlite 1.0.1-7 python interface to SQLite 2
ii python-sqlitecachec 1.1.2-1 A fast metadata parser for YUM
ii python-support 0.8.4 automated rebuilding support for P
ii python-urlgrabber 3.1.0-4 A high-level cross-protocol url-gr
ii rpm 4.4.2.3-1 Red Hat package manager
yum recommends no packages.
yum suggests no packages.
-- no debconf information
diff -u yum-3.2.12/debian/changelog yum-3.2.12/debian/changelog
--- yum-3.2.12/debian/changelog
+++ yum-3.2.12/debian/changelog
@@ -1,3 +1,10 @@
+yum (3.2.12-1.2+kairos0.1) unstable; urgency=low
+
+ * Non-maintainer upload to kairos.
+ * apply chroot patch to make util-vserver happy
+
+ -- Philipp Kaluza <[EMAIL PROTECTED]> Fri, 05 Sep 2008 20:24:13 +0200
+
yum (3.2.12-1.2) unstable; urgency=low
* Non-maintainer upload
only in patch2:
unchanged:
--- yum-3.2.12.orig/cli.py
+++ yum-3.2.12/cli.py
@@ -1053,13 +1053,14 @@
def getRoot(self,opts):
# If the conf file is inside the installroot - use that.
# otherwise look for it in the normal root
+ if opts.conffile==None:
+ opts.conffile = '/etc/yum/yum.conf'
+ if opts.installroot:
+ if os.access(opts.installroot+opts.conffile, os.R_OK):
+ opts.conffile = opts.installroot+opts.conffile
+ elif os.access(opts.installroot+'/etc/yum.conf', os.R_OK):
+ opts.conffile = opts.installroot+'/etc/yum.conf'
if opts.installroot:
- if os.access(opts.installroot+'/'+opts.conffile, os.R_OK):
- opts.conffile = opts.installroot+'/'+opts.conffile
- elif opts.conffile == '/etc/yum/yum.conf':
- # check if /installroot/etc/yum.conf exists.
- if os.access(opts.installroot+'/etc/yum.conf', os.R_OK):
- opts.conffile = opts.installroot+'/etc/yum.conf'
root=opts.installroot
else:
root = '/'
@@ -1080,7 +1081,7 @@
help=_("be tolerant of errors"))
self.add_option("-C", dest="cacheonly", action="store_true",
help=_("run entirely from cache, don't update cache"))
- self.add_option("-c", dest="conffile", default='/etc/yum/yum.conf',
+ self.add_option("-c", dest="conffile", default=None,
help=_("config file location"), metavar=' [config file]')
self.add_option("-R", dest="sleeptime", type='int', default=None,
help=_("maximum command wait time"), metavar=' [minutes]')
only in patch2:
unchanged:
--- yum-3.2.12.orig/yum/__init__.py
+++ yum-3.2.12/yum/__init__.py
@@ -270,8 +270,7 @@
self.getReposFromConfigFile(self.conf.config_file_path, repo_config_age)
for reposdir in self.conf.reposdir:
- if os.path.exists(self.conf.installroot+'/'+reposdir):
- reposdir = self.conf.installroot + '/' + reposdir
+ reposdir = self.conf.getRootedPath(reposdir)
if os.path.isdir(reposdir):
for repofn in glob.glob('%s/*.repo' % reposdir):
@@ -897,11 +896,9 @@
# if we're not root then we don't lock - just return nicely
if self.conf.uid != 0:
return
-
- root = self.conf.installroot
- lockfile = root + '/' + lockfile # lock in the chroot
- lockfile = os.path.normpath(lockfile) # get rid of silly preceding extra /
-
+
+ lockfile = self.conf.lockfile
+
mypid=str(os.getpid())
while not self._lock(lockfile, mypid, 0644):
fd = open(lockfile, 'r')
@@ -933,9 +930,8 @@
if self.conf.uid != 0:
return
- root = self.conf.installroot
- lockfile = root + '/' + lockfile # lock in the chroot
-
+ lockfile=self.conf.lockfile
+
self._unlock(lockfile)
def _lock(self, filename, contents='', mode=0777):
only in patch2:
unchanged:
--- yum-3.2.12.orig/yum/config.py
+++ yum-3.2.12/yum/config.py
@@ -563,6 +563,26 @@
pluginpath = ListOption(['/usr/share/yum-plugins', '/usr/lib/yum-plugins'])
pluginconfpath = ListOption(['/etc/yum/pluginconf.d'])
+ def getRootedPath(self, path, enforce_default=False, defaults_to_host=False):
+ instroot = getattr(self, 'installroot', None)
+ if instroot==None:
+ return path
+
+ if path.startswith('hostfs://'): res = path[9:]
+ elif path.startswith('chrootfs://'): res = instroot + '/' + path[11:]
+ else:
+ tmp = instroot + '/' + path
+
+ if enforce_default:
+ if defaults_to_host: res = path
+ else: res = tmp
+ else:
+ if os.path.exists(tmp): res = tmp
+ elif defaults_to_host: res = path
+ else: res = tmp
+
+ return res
+
class YumConf(StartupConf):
'''
Configuration option definitions for yum.conf\'s [main] section.
@@ -576,6 +596,7 @@
persistdir = Option('/var/lib/yum')
keepcache = BoolOption(True)
logfile = Option('/var/log/yum.log')
+ lockfile = Option('/var/run/yum.pid')
reposdir = ListOption(['/etc/yum/repos.d', '/etc/yum.repos.d'])
syslog_ident = Option()
syslog_facility = Option('LOG_DAEMON')
@@ -730,9 +751,9 @@
yumconf.populate(startupconf._parser, 'main')
# Apply the installroot to directory options
- for option in ('cachedir', 'logfile', 'persistdir'):
+ for option in ('cachedir', 'logfile', 'persistdir', 'lockfile'):
path = getattr(yumconf, option)
- setattr(yumconf, option, yumconf.installroot + path)
+ setattr(yumconf, option, yumconf.getRootedPath(path))
# Add in some extra attributes which aren't actually configuration values
yumconf.yumvar = yumvars
only in patch2:
unchanged:
--- yum-3.2.12.orig/docs/yum.conf.5
+++ yum-3.2.12/docs/yum.conf.5
@@ -23,8 +23,10 @@
following options:
.IP \fBcachedir\fR
-Directory where yum should store its cache and db files. The default is
-`/var/cache/yum'.
+Directory where yum should store its cache and db files. The default
+is `/var/cache/yum'. Unless the prefixes `hostfs://' or `chrootfs://'
+are used, some magic will be applied to determine the real path in
+combination with `--installroot'.
.IP \fBpersistdir\fR
Directory where yum should store information that should persist over multiple
@@ -44,6 +46,10 @@
repositories defined in /etc/yum/yum.conf to form the complete set of
repositories that yum will use.
+Unless the prefixes `hostfs://' or `chrootfs://' are used, some magic
+will be applied to determine the real path in combination with
+`--installroot'.
+
.IP \fBdebuglevel\fR
Debug message output level. Practical range is 0\-10. Default is `2'.
@@ -51,7 +57,10 @@
Error message output level. Practical range is 0\-10. Default is `2'.
.IP \fBlogfile\fR
-Full directory and file name for where yum should write its log file.
+Full directory and file name for where yum should write its log
+file. Unless the prefixes `hostfs://' or `chrootfs://' are used,
+some magic will be applied to determine the real path in combination
+with `--installroot'.
.IP \fBgpgcheck\fR
Either `1' or `0'. This tells yum whether or not it should perform a GPG
