From owner-freebsd-pkg@freebsd.org Tue Jun 21 12:29:01 2016 Return-Path: Delivered-To: freebsd-pkg@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 88358AC4459 for ; Tue, 21 Jun 2016 12:29:01 +0000 (UTC) (envelope-from se@freebsd.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 746D21A3A for ; Tue, 21 Jun 2016 12:29:01 +0000 (UTC) (envelope-from se@freebsd.org) Received: by mailman.ysv.freebsd.org (Postfix) id 70248AC4458; Tue, 21 Jun 2016 12:29:01 +0000 (UTC) Delivered-To: pkg@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6D5FEAC4457 for ; Tue, 21 Jun 2016 12:29:01 +0000 (UTC) (envelope-from se@freebsd.org) Received: from mailout12.t-online.de (mailout12.t-online.de [194.25.134.22]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mailout00.t-online.de", Issuer "TeleSec ServerPass DE-2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 35EB31A38; Tue, 21 Jun 2016 12:29:00 +0000 (UTC) (envelope-from se@freebsd.org) Received: from fwd34.aul.t-online.de (fwd34.aul.t-online.de [172.20.26.145]) by mailout12.t-online.de (Postfix) with SMTP id 40A0341F559B; Tue, 21 Jun 2016 14:28:52 +0200 (CEST) Received: from [192.168.119.34] (XZrcSmZE8hE9fmmOqoOs+DGsctdl8I1mkPRqArujv4Og-WmnlIlzK13qwTrbqPSZtI@[84.154.108.140]) by fwd34.t-online.de with (TLSv1.2:ECDHE-RSA-AES256-SHA encrypted) esmtp id 1bFKnN-0U3YRc0; Tue, 21 Jun 2016 14:28:45 +0200 To: pkg@freebsd.org From: Stefan Esser Subject: Unprivileged user can prevent pkg add/install/delete from working (pkg issue 1222) Message-ID: <496aaa3c-9224-53a0-d1a7-e1b6043e7df4@freebsd.org> Date: Tue, 21 Jun 2016 14:28:39 +0200 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.1.1 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-ID: XZrcSmZE8hE9fmmOqoOs+DGsctdl8I1mkPRqArujv4Og-WmnlIlzK13qwTrbqPSZtI X-TOI-MSGID: c0620c6f-e904-43cc-98a3-c785c46a7e66 X-BeenThere: freebsd-pkg@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: Binary package management and package tools discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 Jun 2016 12:29:01 -0000 Using portmaster to update some ports sometimes failed for me, when used with PKG_NG. I created https://github.com/freebsd/pkg/issues/1222 to describe and document the problem. Since the problem persists, I had anothe rlook and found, that the cause described in issue 1222 did no longer apply, but instead that the problem is much broader. Package (de-)installation actions can be blocked by any unprovileged user with the simple command: $ pkg info | sleep 1000000 (This only works if the output from pkg info is large enough to keep the pkg command blocked for the duration of the sleep, obviously ...) The invocation in postmaster is equivalent to: pkg query "%n-%v %o" | while read pkg origin do ... pkg add/delete ... ... done Depending on a number of factors, the inner pkg command fails if the while loop has not consumed all output from the "pkg query" command. This is easily fixed in portmaster (by buffering the output of the "pkg query" command, before the loop is entered). But this does not help with the fact, that any user can prevent the installation or deletion of packages by keeping a "pkg info" process blocked. Instead of the example (with sleep) given above, "pkg info|more" does also block package installation and deletion, since "more" does not buffer all output from the command. And that might occur without the user typing "pkg info|more" knowing that he blocks out "pkg add/delete" for the duration of time he keeps the more command blocked ... Regards, STefan