minstall: do not drop privileges if msetup also ran under sudo

A user might run `sudo somewrapper` to build and install something with meson, and it is not actually possible to drop privileges and build, since the build directory is also owned by root. A common case of this is `sudo pip install` for projects using meson-python or other python build-backends that wrap around meson. Fixes #11665
author: Eli Schwartz <eschwartz@archlinux.org> 2023-04-11 13:11:00 -0400
committer: Eli Schwartz <eschwartz@archlinux.org> 2023-04-14 15:12:37 -0400
commit: 9a77c45e4192df1b89a3631aa3ce379922c4bf5c (patch)
tree: e4e6c65a75c19f3b1794f993e69b7fd426223881 /mesonbuild
parent: 1bc3d91112c046006da26d1a5c77af4854c6899b (diff)
download: meson-9a77c45e4192df1b89a3631aa3ce379922c4bf5c.zip
meson-9a77c45e4192df1b89a3631aa3ce379922c4bf5c.tar.gz
meson-9a77c45e4192df1b89a3631aa3ce379922c4bf5c.tar.bz2
1 files changed, 4 insertions, 0 deletions
diff --git a/mesonbuild/minstall.py b/mesonbuild/minstall.py
index c4de5c2..04726b0 100644
--- a/mesonbuild/minstall.py
+++ b/mesonbuild/minstall.py
@@ -788,6 +788,10 @@ def rebuild_all(wd: str, backend: str) -> bool:
             else:
                 return None, None
 
+            if os.stat(os.path.join(wd, 'build.ninja')).st_uid != int(orig_uid):
+                # the entire build process is running with sudo, we can't drop privileges
+                return None, None
+
             env['USER'] = orig_user
             env['HOME'] = homedir
author	Eli Schwartz <eschwartz@archlinux.org>	2023-04-11 13:11:00 -0400
committer	Eli Schwartz <eschwartz@archlinux.org>	2023-04-14 15:12:37 -0400
commit	9a77c45e4192df1b89a3631aa3ce379922c4bf5c (patch)
tree	e4e6c65a75c19f3b1794f993e69b7fd426223881 /mesonbuild
parent	1bc3d91112c046006da26d1a5c77af4854c6899b (diff)
download	meson-9a77c45e4192df1b89a3631aa3ce379922c4bf5c.zip meson-9a77c45e4192df1b89a3631aa3ce379922c4bf5c.tar.gz meson-9a77c45e4192df1b89a3631aa3ce379922c4bf5c.tar.bz2