Allan McRae pushed to branch master at Pacman / Pacman

Commits:

56eb8728 by Remi Gacogne at 2024-04-01T20:52:55+00:00
Add DownloadUser configuration option

The DownloadUser option will be used to drop privileges to the specified
user when downloading files. The intention is for this to be extended in the
future to a more general sandbox configuration to cover operating on package
and database files prior to verification.

Add this option to pacman configuration and the various accessors into the
libalpm backend.

Signed-off-by: Allan McRae <allan@archlinux.org>

- - - - -
ce83cf63 by Remi Gacogne at 2024-04-01T20:52:55+00:00
Provide function for switching user in child processes

Add alpm_sandbox_child() function that will be used for switching to a
less privileged user to run child processes.

Signed-off-by: Allan McRae <allan@archlinux.org>

- - - - -
62c68746 by Remi Gacogne at 2024-04-01T20:52:55+00:00
Add callbacks for sandboxed operations

Add log and download callbacks to use within a sandbox. These are designed to
be passed from the sandbox to the parent through a file descriptor and then
processed into alpm callbacks to be passed to the frontend.

Note, only callbacks used in libalpm are added. Other callbacks should be set
to NULL in the child process.

- - - - -
9667bc6b by Allan McRae at 2024-04-01T20:52:55+00:00
Expose _alpm_reset_signals() to library

Signed-off-by: Allan McRae <allan@archlinux.org>

- - - - -
93a796aa by Remi Gacogne at 2024-04-01T20:52:55+00:00
Add sandboxed download for the internal downloader

If the SandboxUser configure option is set, the internal downloader will
fork off a child process and drop to the specified user to download the files.

Signed-off-by: Remi Gacogne <rgacogne@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>

- - - - -
cf359b0d by Remi Gacogne at 2024-04-01T20:52:55+00:00
Add support for DownloadUser with XferCommand

Signed-off-by: Allan McRae <allan@archlinux.org>

- - - - -
49d51226 by Remi Gacogne at 2024-04-01T20:52:55+00:00
Document DownloadUser

Signed-off-by: Allan McRae <allan@archlinux.org>

- - - - -
04d04381 by Allan McRae at 2024-04-01T20:52:55+00:00
libalpm: fill in more payload information before passing to downloader

Filling in more of the payload fields before passing to the downloader
ensures that these fields do not get lost during sandboxed operations.

It also fixes the use of -U with XferCommand, but testsuite still fails
due to "404" page being downloaded for the signature. Given we can not
identify this as being a non-signature download with the XferCommand,
we can just turn off signature checking in this test.

Signed-off-by: Allan McRae <allan@archlinux.org>

- - - - -
26b7b353 by Allan McRae at 2024-04-01T20:52:55+00:00
Remove random_partfile from payload struct

It is not used any more due to filling the payload structure earlier.

Signed-off-by: Allan McRae <allan@archlinux.org>

- - - - -
5e9bff62 by Remi Gacogne at 2024-04-01T20:52:55+00:00
Stop trusting the Content-Disposition HTTP header

- - - - -
0b6df551 by Andrew Gregory at 2024-04-01T20:52:55+00:00
pactest: Add basic sandboxed download tests

Signed-off-by: Allan McRae <allan@archlinux.org>

- - - - -
11c8eca9 by Andrew Gregory at 2024-04-01T20:52:55+00:00
pactest: test database downloads with optional signatures

Signed-off-by: Allan McRae <allan@archlinux.org>

- - - - -
e1a7b83e by Remi Gacogne at 2024-04-01T20:52:55+00:00
Download to a temporary directory owned by the Download user

Signed-off-by: Remi Gacogne <rgacogne@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>

- - - - -
cfa68f7b by Remi Gacogne at 2024-04-01T20:52:55+00:00
Restore partially downloaded files to the temporary directory

This allows downloads to be continued.

Signed-off-by: Allan McRae <allan@archlinux.org>

- - - - -

24 changed files:

- doc/pacman.conf.5.asciidoc
- lib/libalpm/alpm.h
- lib/libalpm/be_sync.c
- lib/libalpm/dload.c
- lib/libalpm/dload.h
- lib/libalpm/handle.c
- lib/libalpm/handle.h
- lib/libalpm/meson.build
- + lib/libalpm/sandbox.c
- + lib/libalpm/sandbox.h
- lib/libalpm/sync.c
- lib/libalpm/util.c
- lib/libalpm/util.h
- src/pacman/callback.c
- src/pacman/conf.c
- src/pacman/conf.h
- src/pacman/pacman-conf.c
- test/pacman/meson.build
- + test/pacman/tests/database-refresh-optional-siglevel.py
- + test/pacman/tests/sandbox-download-basic.py
- + test/pacman/tests/sandbox-download-upgrade.py
- test/pacman/tests/upgrade-download-pkg-and-sig-with-filename.py
- − test/pacman/tests/upgrade-download-pkg-and-sig-without-filename.py
- test/pacman/tests/upgrade-download-with-xfercommand.py

View it on GitLab: https://gitlab.archlinux.org/pacman/pacman/-/compare/01e64e8b6a25f94b13dc925...