package.bbclass: fix directories setuid and setgid bits

Submitted by Jean-Tiare Le Bigot on June 28, 2019, 10:13 a.m. | Patch ID: 162616

Details

Message ID 20190628101353.11933-1-jean-tiare.le-bigot@easymile.com
State Superseded
Headers show

Commit Message

Jean-Tiare Le Bigot June 28, 2019, 10:13 a.m.
From: Joël Esponde <joel.esponde@easymile.com>

populate_packages relies on ``mkdir`` to both create a directory and set
its permissions. However, ``mkdir`` honors the ``umask`` value.
Therefore, some bits may be lost in the operation. In our case, the
setgid bit on the directories were lost.

This commit fixes this by having a distinct call to create the directory
and to set the permissions.

Signed-off-by: Jean-Tiare Le Bigot <jean-tiare.le-bigot@easymile.com>
---
 meta/classes/package.bbclass | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

Patch hide | download patch | download mbox

diff --git a/meta/classes/package.bbclass b/meta/classes/package.bbclass
index 20d72bba79..cd223a121e 100644
--- a/meta/classes/package.bbclass
+++ b/meta/classes/package.bbclass
@@ -1216,7 +1216,8 @@  python populate_packages () {
                 src = os.path.join(src, p)
                 dest = os.path.join(dest, p)
                 fstat = cpath.stat(src)
-                os.mkdir(dest, fstat.st_mode)
+                os.mkdir(dest)
+                os.chmod(dest, fstat.st_mode)
                 os.chown(dest, fstat.st_uid, fstat.st_gid)
                 if p not in seen:
                     seen.append(p)

Comments

Jean-Tiare Le Bigot July 18, 2019, 11:57 a.m.
Do you have any feedback on this patch ?

Thanks!

On Fri, 28 Jun 2019 at 12:14, Jean-Tiare Le Bigot <
jean-tiare.le-bigot@easymile.com> wrote:

> From: Joël Esponde <joel.esponde@easymile.com>
>
> populate_packages relies on ``mkdir`` to both create a directory and set
> its permissions. However, ``mkdir`` honors the ``umask`` value.
> Therefore, some bits may be lost in the operation. In our case, the
> setgid bit on the directories were lost.
>
> This commit fixes this by having a distinct call to create the directory
> and to set the permissions.
>
> Signed-off-by: Jean-Tiare Le Bigot <jean-tiare.le-bigot@easymile.com>
> ---
>  meta/classes/package.bbclass | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/meta/classes/package.bbclass b/meta/classes/package.bbclass
> index 20d72bba79..cd223a121e 100644
> --- a/meta/classes/package.bbclass
> +++ b/meta/classes/package.bbclass
> @@ -1216,7 +1216,8 @@ python populate_packages () {
>                  src = os.path.join(src, p)
>                  dest = os.path.join(dest, p)
>                  fstat = cpath.stat(src)
> -                os.mkdir(dest, fstat.st_mode)
> +                os.mkdir(dest)
> +                os.chmod(dest, fstat.st_mode)
>                  os.chown(dest, fstat.st_uid, fstat.st_gid)
>                  if p not in seen:
>                      seen.append(p)
> --
> 2.19.1
>
>
Richard Purdie July 18, 2019, 12:28 p.m.
On Thu, 2019-07-18 at 13:57 +0200, Jean-Tiare Le Bigot wrote:
> Do you have any feedback on this patch ?
> 
> Thanks!

It merged a while ago:

http://git.yoctoproject.org/cgit.cgi/poky/commit/?id=0df6cef5258ccd6bd137279aa610b6b1bce43640

Cheers,

Richard
Jean-Tiare Le Bigot July 18, 2019, 12:48 p.m.
Oh ! Thanks. I was following
https://patchwork.openembedded.org/series/18376/# which is still "new".

Should I submit individual patches for backport to "thud" and "warrior"
branches ?

On Thu, 18 Jul 2019 at 14:28, Richard Purdie <
richard.purdie@linuxfoundation.org> wrote:

> On Thu, 2019-07-18 at 13:57 +0200, Jean-Tiare Le Bigot wrote:
> > Do you have any feedback on this patch ?
> >
> > Thanks!
>
> It merged a while ago:
>
>
> http://git.yoctoproject.org/cgit.cgi/poky/commit/?id=0df6cef5258ccd6bd137279aa610b6b1bce43640
>
> Cheers,
>
> Richard
>
>
Ross Burton July 18, 2019, 12:52 p.m.
> Should I submit individual patches for backport to "thud" and "warrior" branches ?

Yes, please.

Ross
Jean-Tiare Le Bigot July 18, 2019, 11:47 p.m.
This is a system generated Comment: Patch 162616 was automatically marked as superseded by patch 163174.