summaryrefslogtreecommitdiff
path: root/apt-private/private-download.h
diff options
context:
space:
mode:
authorDavid Kalnischkies <david@kalnischkies.de>2014-10-15 02:43:44 +0200
committerDavid Kalnischkies <david@kalnischkies.de>2014-10-15 02:43:44 +0200
commit460601d53039b1d1b5688a8cd58bae10fb746f57 (patch)
treea555768f443937b165f82cc7d16a29bb6abf7f65 /apt-private/private-download.h
parentd4f4bcf76bb2035b7df370a82b081384140b3083 (diff)
don't drop privileges if _apt has not enough rights
Privilege dropping breaks download/source/changelog commands as they require the _apt user to have write permissions in the current directory, which is e.g. the case in /tmp, but not in /root, so we disable the privilege dropping if we deal with such a directory based on idea and code by Michael Vogt. The alternative would be to download always to a temp directory and move it then done, but this breaks partial file support. To resolve this, we could move to one of our partial/ directories, but this would require a lock which would block root from using two of these commands in parallel. As both seems unacceptable we instead let the user choose what to do: Either a directory is setupped for _apt, downloading as root is accepted or – which is potentially even better – an unprivileged user is used for the commands.
Diffstat (limited to 'apt-private/private-download.h')
-rw-r--r--apt-private/private-download.h6
1 files changed, 5 insertions, 1 deletions
diff --git a/apt-private/private-download.h b/apt-private/private-download.h
index a90ac7eaa..809650a97 100644
--- a/apt-private/private-download.h
+++ b/apt-private/private-download.h
@@ -3,14 +3,18 @@
#include <apt-pkg/macros.h>
+#include <string>
+
class pkgAcquire;
+APT_PUBLIC bool CheckDropPrivsMustBeDisabled(pkgAcquire &Fetcher);
+
// Check if all files in the fetcher are authenticated
APT_PUBLIC bool CheckAuth(pkgAcquire& Fetcher, bool const PromptUser);
// show a authentication warning prompt and return true if the system
// should continue
-APT_PUBLIC bool AuthPrompt(std::string UntrustedList, bool const PromptUser);
+APT_PUBLIC bool AuthPrompt(std::string const &UntrustedList, bool const PromptUser);
APT_PUBLIC bool AcquireRun(pkgAcquire &Fetcher, int const PulseInterval, bool * const Failure, bool * const TransientNetworkFailure);