From d12561703c7776f665b68c91bddb28dea0728894 Mon Sep 17 00:00:00 2001
From: David Kalnischkies <david@kalnischkies.de>
Date: Sun, 23 Aug 2015 13:46:35 +0200
Subject: use always priv-dropping for changelog download as root

First of, the temporary directory we download the changelog to needs to
be owned by _apt, but that also means that we don't need to check if we
could/should drop privs as the download happens to a dedicated tempdir
and only after that it is moved to its final location by a privileged user.
---
 apt-pkg/acquire-item.cc                 | 4 ++++
 cmdline/apt-get.cc                      | 5 +----
 test/integration/test-apt-get-changelog | 9 +++++----
 3 files changed, 10 insertions(+), 8 deletions(-)

diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc
index 26c835444..7dcaa25a4 100644
--- a/apt-pkg/acquire-item.cc
+++ b/apt-pkg/acquire-item.cc
@@ -2935,6 +2935,10 @@ void pkgAcqChangelog::Init(std::string const &DestDir, std::string const &DestFi
 	 return;
       }
       DestFile = TemporaryDirectory = tmpname;
+
+      std::string SandboxUser = _config->Find("APT::Sandbox::User");
+      ChangeOwnerAndPermissionOfFile("Item::QueueURI", DestFile.c_str(),
+                                     SandboxUser.c_str(), "root", 0700);
    }
    else
       DestFile = DestDir;
diff --git a/cmdline/apt-get.cc b/cmdline/apt-get.cc
index b1260f06a..b6150a423 100644
--- a/cmdline/apt-get.cc
+++ b/cmdline/apt-get.cc
@@ -1403,10 +1403,7 @@ static bool DoChangelog(CommandLine &CmdL)
 
    if (printOnly == false)
    {
-      // Disable drop-privs if "_apt" can not write to the target dir
-      CheckDropPrivsMustBeDisabled(Fetcher);
-      if (_error->PendingError() == true)
-	 return false;
+      // Note: CheckDropPrivsMustBeDisabled isn't needed here as the download happens in a dedicated tempdir
 
       bool Failed = false;
       if (AcquireRun(Fetcher, 0, &Failed, NULL) == false || Failed == true)
diff --git a/test/integration/test-apt-get-changelog b/test/integration/test-apt-get-changelog
index 5fa8543b9..6ca05d0fa 100755
--- a/test/integration/test-apt-get-changelog
+++ b/test/integration/test-apt-get-changelog
@@ -60,14 +60,15 @@ testsuccessequal "'http://localhost:8080/main/f/foo/foo_1.0/change.txt' foo.chan
 echo 'Acquire::Changelogs::URI::Label::Testcases "http://localhost:8080/pool/CHANGEPATH/changelog";' > rootdir/etc/apt/apt.conf.d/changelog.conf
 testsuccessequal "'http://localhost:8080/pool/main/f/foo/foo_1.0/changelog' foo.changelog" aptget changelog foo --print-uris
 
-cd downloaded
 
 testsuccess aptget changelog foo -qq
-testfileequal '../rootdir/tmp/testsuccess.output' "$(cat ../aptarchive/pool/main/f/foo/foo_1.0/changelog)"
+testfileequal 'rootdir/tmp/testsuccess.output' "$(cat aptarchive/pool/main/f/foo/foo_1.0/changelog)"
 
 testsuccess aptget changelog foo libbar -qq
-testfileequal '../rootdir/tmp/testsuccess.output' "$(cat ../aptarchive/pool/main/f/foo/foo_1.0/changelog)
-$(cat ../aptarchive/pool/main/libb/libbar/libbar_1.0/changelog)"
+testfileequal 'rootdir/tmp/testsuccess.output' "$(cat aptarchive/pool/main/f/foo/foo_1.0/changelog)
+$(cat aptarchive/pool/main/libb/libbar/libbar_1.0/changelog)"
+
+cd downloaded
 
 testsuccess aptget changelog foo -d
 testfilestats 'foo.changelog' '%U:%G:%a' '=' "${TEST_DEFAULT_USER}:${TEST_DEFAULT_GROUP}:644"
-- 
cgit v1.2.3-70-g09d2