Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   ArchLinux General Discussion (http://www.linux-archive.org/archlinux-general-discussion/)
-   -   Fix permissions of incoming packages. (http://www.linux-archive.org/archlinux-general-discussion/338939-fix-permissions-incoming-packages.html)

Chris Brannon 03-09-2010 10:48 PM

Fix permissions of incoming packages.
 
This patch changes the permissions of uploaded packages to 664, before
they are moved from the staging directory. The commitpkg script included
in devtools uses rsync to upload packages, and rsync preserves permissions.
This causes problems whenever permissions are too restrictive on the
uploader's machine.

Signed-off-by: Chris Brannon <cmbrannon79@gmail.com>
---
db-update | 5 +++++
1 files changed, 5 insertions(+), 0 deletions(-)

diff --git a/db-update b/db-update
index 0973bf3..3f36332 100755
--- a/db-update
+++ b/db-update
@@ -87,6 +87,11 @@ for current_arch in ${ARCHES[@]} any; do
done
done

+# Give permissions of 664 to all files under $stagedir.
+# I.E., readable-writable by user and group; readable by others.
+# This insures that packages enter the ftp area with correct permissions.
+find "$stagedir" -print0 -type f |xargs -0 chmod 664
+
# Process architecture-independent packages first.
if [ -d "$stagedir" ]; then
ANYPKGS="$(getpkgfiles $stagedir/*-any$PKGEXT 2>/dev/null)"
--
1.7.0.1

Daenyth Blank 03-09-2010 11:12 PM

Fix permissions of incoming packages.
 
I doubt that running find is needed, just run chmod directly on the
files being uploaded by commitpkg, or have repo-add chmod the
individual files (it's running as root right?)

On Tue, Mar 9, 2010 at 18:48, Chris Brannon <cmbrannon79@gmail.com> wrote:
> This patch changes the permissions of uploaded packages to 664, before
> they are moved from the staging directory. *The commitpkg script included
> in devtools uses rsync to upload packages, and rsync preserves permissions.
> This causes problems whenever permissions are too restrictive on the
> uploader's machine.
>
> Signed-off-by: Chris Brannon <cmbrannon79@gmail.com>
> ---
> *db-update | * *5 +++++
> *1 files changed, 5 insertions(+), 0 deletions(-)
>
> diff --git a/db-update b/db-update
> index 0973bf3..3f36332 100755
> --- a/db-update
> +++ b/db-update
> @@ -87,6 +87,11 @@ for current_arch in ${ARCHES[@]} any; do
> * * * *done
> *done
>
> +# Give permissions of 664 to all files under $stagedir.
> +# I.E., readable-writable by user and group; readable by others.
> +# This insures that packages enter the ftp area with correct permissions.
> +find "$stagedir" -print0 -type f |xargs -0 chmod 664
> +
> *# Process architecture-independent packages first.
> *if [ -d "$stagedir" ]; then
> * * * *ANYPKGS="$(getpkgfiles $stagedir/*-any$PKGEXT 2>/dev/null)"
> --
> 1.7.0.1
>
>

Andrea Scarpino 03-10-2010 12:04 AM

Fix permissions of incoming packages.
 
On Wednesday 10 March 2010 01:12:22 Daenyth Blank wrote:
> I doubt that running find is needed, just run chmod directly on the
> files being uploaded by commitpkg, or have repo-add chmod the
> individual files (it's running as root right?)
I also think we should fix only the package that we add in ftp dir.

my patch attached.

--
Andrea

Andrea Scarpino 03-10-2010 12:15 AM

Fix permissions of incoming packages.
 
On Wednesday 10 March 2010 02:12:21 Giovanni Scafora wrote:
> Where is your patch?
http://mailman.archlinux.org/pipermail/arch-dev-
public/attachments/20100310/8c2b8a26/attachment.bin

--
Andrea

Dan McGee 03-10-2010 12:15 AM

Fix permissions of incoming packages.
 
On Tue, Mar 9, 2010 at 7:04 PM, Andrea Scarpino <andrea@archlinux.org> wrote:
> On Wednesday 10 March 2010 01:12:22 Daenyth Blank wrote:
>> I doubt that running find is needed, just run chmod directly on the
>> files being uploaded by commitpkg, or have repo-add chmod the
>> individual files (it's running as root right?)
> I also think we should fix only the package that we add in ftp dir.
>
> my patch attached.

Inline them; that way they can be reviewed.

-Dan

Andrea Scarpino 03-10-2010 12:21 AM

Fix permissions of incoming packages.
 
On Wednesday 10 March 2010 02:15:32 Dan McGee wrote:
> Inline them; that way they can be reviewed.
>
> -Dan
From 7a5c0584a3ad2fcf14659f5028534887bf929cf1 Mon Sep 17 00:00:00 2001
From: Andrea Scarpino <andrea@archlinux.org>
Date: Wed, 10 Mar 2010 02:01:57 +0100
Subject: [PATCH] fix permissions of incoming packages

---
db-update | 2 ++
1 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/db-update b/db-update
index 0973bf3..7b771a3 100755
--- a/db-update
+++ b/db-update
@@ -222,6 +222,7 @@ for current_arch in ${ARCHES[@]}; do
if ! /bin/cp "$f" "$ftppath/"; then
die "error: failure while copying files
to $ftppath"
fi
+ chmod 664 $ftppath/$f
done
fi
if [ $(getpkgfiles "$WORKDIR/build/"*-any$PKGEXT 2>/dev/null |
wc -l) != 0 ]; then
@@ -230,6 +231,7 @@ for current_arch in ${ARCHES[@]}; do
if ! /bin/cp "$f" "$ftppath_any"; then
die "error: failure while copying files
to $ftppath_any"
fi
+ chmod 664 $ftppath/$f
bf=$(basename $f)
if ! ln -s "../any/$bf" "$ftppath/$bf"; then
die "error: failed to make link for
$bf."
--
1.7.0.2


--
Andrea

Dan McGee 03-10-2010 01:10 AM

Fix permissions of incoming packages.
 
On Tue, Mar 9, 2010 at 7:21 PM, Andrea Scarpino <andrea@archlinux.org> wrote:
> On Wednesday 10 March 2010 02:15:32 Dan McGee wrote:
>> Inline them; that way they can be reviewed.
>>
>> -Dan
> From 7a5c0584a3ad2fcf14659f5028534887bf929cf1 Mon Sep 17 00:00:00 2001
> From: Andrea Scarpino <andrea@archlinux.org>
> Date: Wed, 10 Mar 2010 02:01:57 +0100
> Subject: [PATCH] fix permissions of incoming packages
>
> ---
> *db-update | * *2 ++
> *1 files changed, 2 insertions(+), 0 deletions(-)
>
> diff --git a/db-update b/db-update
> index 0973bf3..7b771a3 100755
> --- a/db-update
> +++ b/db-update
> @@ -222,6 +222,7 @@ for current_arch in ${ARCHES[@]}; do
> * * * * * * * * * * * * * * * *if ! /bin/cp "$f" "$ftppath/"; then
> * * * * * * * * * * * * * * * * * * * *die "error: failure while copying files
> to $ftppath"
> * * * * * * * * * * * * * * * *fi
> + * * * * * * * * * * * * * * * chmod 664 $ftppath/$f
> * * * * * * * * * * * *done
> * * * * * * * *fi
> * * * * * * * *if [ $(getpkgfiles "$WORKDIR/build/"*-any$PKGEXT 2>/dev/null |
> wc -l) != 0 ]; then
> @@ -230,6 +231,7 @@ for current_arch in ${ARCHES[@]}; do
> * * * * * * * * * * * * * * * *if ! /bin/cp "$f" "$ftppath_any"; then
> * * * * * * * * * * * * * * * * * * * *die "error: failure while copying files
> to $ftppath_any"
> * * * * * * * * * * * * * * * *fi
> + * * * * * * * * * * * * * * * chmod 664 $ftppath/$f
> * * * * * * * * * * * * * * * *bf=$(basename $f)
> * * * * * * * * * * * * * * * *if ! ln -s "../any/$bf" "$ftppath/$bf"; then
> * * * * * * * * * * * * * * * * * * * *die "error: failed to make link for
> $bf."
> --

Seems sane; but maybe do the chmod before copying it into that
directory rather than after? That way files never set foot in there
with the wrong permissions (even if only for almost zero time).

-Dan

Andrea Scarpino 03-10-2010 01:42 AM

Fix permissions of incoming packages.
 
On Wednesday 10 March 2010 03:10:39 Dan McGee wrote:
> Seems sane; but maybe do the chmod before copying it into that
> directory rather than after? That way files never set foot in there
> with the wrong permissions (even if only for almost zero time).
It's ok. I forwarded the output too.

From a9545a8d51f7f236aa2b18f70aaad8f997751ea9 Mon Sep 17 00:00:00 2001
From: Andrea Scarpino <andrea@archlinux.org>
Date: Wed, 10 Mar 2010 03:42:05 +0100
Subject: [PATCH] fix permissions of incoming packages

---
db-update | 2 ++
1 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/db-update b/db-update
index 0973bf3..36e168f 100755
--- a/db-update
+++ b/db-update
@@ -219,6 +219,7 @@ for current_arch in ${ARCHES[@]}; do
if [ $(getpkgfiles "$WORKDIR/build/"*-$current_arch$PKGEXT
2>/dev/null | wc -l) != 0 ]; then
echo "Copying new files to '$ftppath'"
for f in "$WORKDIR/build/"*-$current_arch$PKGEXT; do
+ chmod 664 $f &> /dev/null
if ! /bin/cp "$f" "$ftppath/"; then
die "error: failure while copying files
to $ftppath"
fi
@@ -227,6 +228,7 @@ for current_arch in ${ARCHES[@]}; do
if [ $(getpkgfiles "$WORKDIR/build/"*-any$PKGEXT 2>/dev/null |
wc -l) != 0 ]; then
echo "Copying new files to '$ftppath_any' and
symlinking"
for f in "$WORKDIR/build/"*-any$PKGEXT; do
+ chmod 644 $f &> /dev/null
if ! /bin/cp "$f" "$ftppath_any"; then
die "error: failure while copying files
to $ftppath_any"
fi
--
1.7.0.2

--
Andrea

Andrea Scarpino 03-10-2010 01:44 AM

Fix permissions of incoming packages.
 
On Wednesday 10 March 2010 03:42:51 Andrea Scarpino wrote:
> It's ok. I forwarded the output too.
typo

From a9545a8d51f7f236aa2b18f70aaad8f997751ea9 Mon Sep 17 00:00:00 2001
From: Andrea Scarpino <andrea@archlinux.org>
Date: Wed, 10 Mar 2010 03:42:05 +0100
Subject: [PATCH] fix permissions of incoming packages

---
db-update | 2 ++
1 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/db-update b/db-update
index 0973bf3..36e168f 100755
--- a/db-update
+++ b/db-update
@@ -219,6 +219,7 @@ for current_arch in ${ARCHES[@]}; do
if [ $(getpkgfiles "$WORKDIR/build/"*-$current_arch$PKGEXT
2>/dev/null | wc -l) != 0 ]; then
echo "Copying new files to '$ftppath'"
for f in "$WORKDIR/build/"*-$current_arch$PKGEXT;
do + chmod 664 $f &> /dev/null
if ! /bin/cp "$f" "$ftppath/"; then
die "error: failure while copying
files to $ftppath"
fi
@@ -227,6 +228,7 @@ for current_arch in ${ARCHES[@]}; do
if [ $(getpkgfiles "$WORKDIR/build/"*-any$PKGEXT
2>/dev/null | wc -l) != 0 ]; then
echo "Copying new files to '$ftppath_any' and
symlinking"
for f in "$WORKDIR/build/"*-any$PKGEXT; do
+ chmod 664 $f &> /dev/null
if ! /bin/cp "$f" "$ftppath_any"; then
die "error: failure while copying
files to $ftppath_any"
fi
--
1.7.0.2

--
Andrea

Andrea Scarpino 03-10-2010 01:45 AM

Fix permissions of incoming packages.
 
On Wednesday 10 March 2010 03:44:17 Andrea Scarpino wrote:
> typo
sorry for spam guys.

From a9545a8d51f7f236aa2b18f70aaad8f997751ea9 Mon Sep 17 00:00:00 2001
From: Andrea Scarpino <andrea@archlinux.org>
Date: Wed, 10 Mar 2010 03:42:05 +0100
Subject: [PATCH] fix permissions of incoming packages

---
db-update | 2 ++
1 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/db-update b/db-update
index 0973bf3..36e168f 100755
--- a/db-update
+++ b/db-update
@@ -219,6 +219,7 @@ for current_arch in ${ARCHES[@]}; do
if [ $(getpkgfiles "$WORKDIR/build/"*-$current_arch$PKGEXT
2>/dev/null | wc -l) != 0 ]; then
echo "Copying new files to '$ftppath'"
for f in "$WORKDIR/build/"*-$current_arch$PKGEXT; do
+ chmod 664 $f &> /dev/null
if ! /bin/cp "$f" "$ftppath/"; then
die "error: failure while copying files
to $ftppath"
fi
@@ -227,6 +228,7 @@ for current_arch in ${ARCHES[@]}; do
if [ $(getpkgfiles "$WORKDIR/build/"*-any$PKGEXT 2>/dev/null |
wc -l) != 0 ]; then
echo "Copying new files to '$ftppath_any' and
symlinking"
for f in "$WORKDIR/build/"*-any$PKGEXT; do
+ chmod 664 $f &> /dev/null
if ! /bin/cp "$f" "$ftppath_any"; then
die "error: failure while copying files
to $ftppath_any"
fi
--
1.7.0.2



--
Andrea


All times are GMT. The time now is 02:18 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.