[pacman-dev] paccache: needsroot faulty set to 1

Maxim Andersson thesilentboatman at gmail.com
Tue Aug 26 08:28:25 EDT 2014


2014-08-26 14:00 GMT+02:00 Dave Reisner <d at falconindy.com>:
> On Aug 26, 2014 7:56 AM, "Maxim Andersson" <thesilentboatman at gmail.com>
> wrote:
>>
>> "Privilege escalation required" will be printed even when root isn't required
>>
>> If paccache runs without the -m parameter and $PWD is read only,
>> $needsroot will be set to 1 even if the cache dir has read/write.
>>
>>
>> pacman 4.1.2-6
>>
>>
>> Steps to reproduce:
>>
>> $ whoami
>> maxim
>>
>> $ pwd
>> /var/cache
>>
>> $ ls -l /var/
>> drwxr-xr-x 12 root root  4,0K  8 jun 09.06 cache
>>
>> $ ls -l /var/cache/
>> drwxr-xr-x  2 maxim root  12K 25 aug 15.36 yaourt
>>
>> $ paccache -rc /var/cache/yaourt
>> ==> Privilege escalation required
>>
>>
>> Cause:
>>
>> This happens because [[ ${movedir:0:1} != '/' ]] is true when $movedir
>> is empty, causing $movedir to be set to $PWD (on line 276). And if
>> $PWD is read only, $needsroot will be set to 1 on the next row.
>>
>> 274 if (( move || delete )); then
>> 275         # make it an absolute path since we're about to chdir
>> 276         [[ ${movedir:0:1} != '/' ]] && movedir=$PWD/$movedir
>> 277         [[ ! -w $cachedir || ( $movedir && ! -w $movedir ) ]] && needsroot=1
>> 278 fi
>>
>>
>> Fix:
>>
>> -       [[ ${movedir:0:1} != '/' ]] && movedir=$PWD/$movedir
>> +       [[ $movedir && ${movedir:0:1} != '/' ]] && movedir=$PWD/$movedir
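Review bot: the comment directly above this line ("make it an absolute path since we're about to chdir") does not say why an empty $movedir must be skipped. Extend it to note that an empty $movedir has to stay empty so the later `( $movedir && ! -w $movedir )` test is not run against $PWD.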
>>
>>
>> I'll send in a patch.
>
> Well, okay, but it seems we had this check, and your latest patch removes
> it, no?

No, my last patch has this problem as well. I noticed it just after I
sent in that patch.

My last patch changed the above code like this:

 if (( move || delete )); then
        # make it an absolute path since we're about to chdir
        [[ ${movedir:0:1} != '/' ]] && movedir=$PWD/$movedir
-       [[ ! -w $cachedir || ( $movedir && ! -w $movedir ) ]] && needsroot=1
+       [[ $movedir && ! -w $movedir ]] && needsroot=1
 fi
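Review bot: the unchanged context line `[[ ${movedir:0:1} != '/' ]] && movedir=$PWD/$movedir` still runs when $movedir is empty, so $movedir becomes "$PWD/" and the new test `[[ $movedir && ! -w $movedir ]]` sets needsroot=1 whenever $PWD is not writable. Guard the expansion with `[[ $movedir && ${movedir:0:1} != '/' ]]` so an empty $movedir stays empty. The hunk also drops the `! -w $cachedir` test, and the visible lines do not show where cache directory writability is checked instead; the commit message should say where that check now lives.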

So that patch doesn't fix this issue.

>
>>
>> //Maxim
>>
>

