-rw-r--r--Makefile.PL2
-rw-r--r--pod/rurpme.8.pod34
-rw-r--r--rurpme19
-rw-r--r--urpm/args.pm1
-rw-r--r--urpme7
-rw-r--r--urpmi.spec3
6 files changed, 63 insertions, 3 deletions
diff --git a/Makefile.PL b/Makefile.PL
index e11e6625..173b8fae 100644
--- a/Makefile.PL
+++ b/Makefile.PL
@@ -21,7 +21,7 @@ chomp $rpmtopdir;
# All scripts, some of them go in /usr/sbin (see DESTINSTALLSBIN below)
our @bin_scripts = qw(urpmq urpmf rpm-find-leaves urpmi.recover);
-our @sbin_scripts = qw(urpmi urpme urpmi.addmedia urpmi.update urpmi.removemedia rurpmi);
+our @sbin_scripts = qw(urpmi urpme urpmi.addmedia urpmi.update urpmi.removemedia rurpmi rurpme);
if ($with_gui) {
push @bin_scripts, qw(gurpmi);
push @sbin_scripts, qw(gurpmi2);
diff --git a/pod/rurpme.8.pod b/pod/rurpme.8.pod
new file mode 100644
index 00000000..e1fb9cd9
--- /dev/null
+++ b/pod/rurpme.8.pod
@@ -0,0 +1,34 @@
+=head1 NAME
+
+rurpme - restricted urpme
+
+=head1 SYNOPSIS
+
+ rurpme [options] [package_name...]
+
+=head1 DESCRIPTION
+
+rurpme is similar to urpme, but has a stripped-down set of features. It's
+intended to be used by users without root privileges but with sudo rights
+on it, preventing any abuse of this tool to compromise the system.
+
+With rurpme, the following options are forbidden: B<--root>,
+B<--use-distrib>, B<--noscripts> and B<--parallel>.
+
+=head1 CAVEAT
+
+This software is still experimental. While some operations are forbidden,
+there is no guarantee it is actually secure.
+
+=head1 OPTIONS
+
+The options are the same than urpme ones.
+
+=head1 AUTHOR
+
+Maintained by Rafael Garcia-Suarez,
+<rgarciasuarez@mandriva.com>
+
+=head1 SEE ALSO
+
+urpme(8).
diff --git a/rurpme b/rurpme
new file mode 100644
index 00000000..ce5a2790
--- /dev/null
+++ b/rurpme
@@ -0,0 +1,19 @@
+#!/usr/bin/perl -T
+
+#- Copyright (C) 2005 Mandriva SA
+
+use strict;
+use urpm::msg;
+use urpm::util qw(untaint);
+
+if ($< != 0) {
+ print STDERR N("Only superuser is allowed to install packages"), "\n";
+ exit 1;
+}
+
+$ENV{PATH} = "/sbin:/usr/sbin:/bin:/usr/bin:/usr/X11R6/bin";
+delete @ENV{qw(ENV BASH_ENV IFS CDPATH PERLLIB PERL5LIB PERL5OPT PERLIO PERLIO_DEBUG PERL5DB PERL_ENCODING PERL_HASH_SEED PERL_SIGNALS PERL_UNICODE)};
+
+print STDERR N("Running urpme in restricted mode..."), "\n";
+@ARGV or @ARGV = qw(--help);
+exec '/usr/bin/perl', '/usr/sbin/urpme', '--restricted', map { untaint $_ } @ARGV;
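Review bot: On the exec line, `map { untaint $_ } @ARGV` clears the taint flag on every argument with no validation visible in this file, so `-T` only protects the environment and the whole restriction rests on urpme's `--restricted` check. The body of `untaint` in urpm::util is not in this diff; if it is an unconditional launder, either match each argument against an anchored allow-pattern before passing it on, or add a comment such as `#- arguments are laundered unchecked; option filtering is done by urpme --restricted`. The exec is also unchecked, so a failure falls off the end of the script with exit status 0; `exec(...) or die "exec urpme: $!\n";` would surface it. The superuser message says "install packages" although this wrapper removes them, which will confuse anyone reading sudo logs or error output.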
diff --git a/urpm/args.pm b/urpm/args.pm
index c6de5f38..3f2a9a69 100644
--- a/urpm/args.pm
+++ b/urpm/args.pm
@@ -153,6 +153,7 @@ my %options_spec = (
a => \$::matches,
noscripts => \$::noscripts,
repackage => \$::repackage,
+ restricted => \$::restricted,
'bundle!' => sub { $::bundle = $_[1] },
},
diff --git a/urpme b/urpme
index 65e0f03c..1a80f9ab 100644
--- a/urpme
+++ b/urpme
@@ -27,7 +27,7 @@ use urpm::msg;
$ENV{PATH} = "/sbin:/usr/sbin:/bin:/usr/bin:/usr/X11R6/bin";
delete @ENV{qw(ENV BASH_ENV IFS CDPATH)};
-our ($root, $test, $parallel, $auto, $matches, $verbose, $usedistrib, $force, $noscripts, $repackage, @l, $bundle);
+our ($root, $test, $parallel, $auto, $matches, $verbose, $usedistrib, $force, $noscripts, $repackage, @l, $bundle, $restricted);
# Translator: Add here the keys which might be pressed in the "No"-case.
my $noexpr = N("Nn");
# Translator: Add here the keys which might be pressed in the "Yes"-case.
@@ -70,6 +70,11 @@ if ($< && !$test) {
$urpm->{fatal}(1, N("Only superuser is allowed to remove packages"));
}
+#- rurpme checks
+if ($restricted) {
+ urpm::error_restricted($urpm) if $root || $usedistrib || $noscripts || $parallel;
+}
+
unless ($test) {
sys_log("called with: @origARGV");
}
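Review bot: The restricted check is a deny-list of four variables (`$root`, `$usedistrib`, `$noscripts`, `$parallel`), so any option added to urpme later is permitted in restricted mode unless someone remembers to extend this line. A comment such as `#- every new urpme option must be reviewed here before it is usable via rurpme` would record that obligation, and an allow-list of options consulted when `$restricted` is set would be the fail-closed alternative. The check also depends on `urpm::error_restricted`, defined outside this diff, never returning; if it can return, the removal proceeds anyway. The script body continues outside the hunk, so option parsing is assumed to have run before this point.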
diff --git a/urpmi.spec b/urpmi.spec
index 6c6bdb8d..194f04e9 100644
--- a/urpmi.spec
+++ b/urpmi.spec
@@ -214,6 +214,7 @@ if (-e "/etc/urpmi/urpmi.cfg") {
%{_bindir}/urpmq
%{_sbindir}/urpmi
%{_sbindir}/rurpmi
+%{_sbindir}/rurpme
%{_sbindir}/urpme
%{_sbindir}/urpmi.addmedia
%{_sbindir}/urpmi.removemedia
@@ -221,7 +222,7 @@ if (-e "/etc/urpmi/urpmi.cfg") {
%{_mandir}/man3/urpm*
%{_mandir}/man5/urpm*
%{_mandir}/man5/proxy*
-%{_mandir}/man8/rurpmi*
+%{_mandir}/man8/rurpm*
%{_mandir}/man8/urpme*
%{_mandir}/man8/urpmf*
%{_mandir}/man8/urpmq*