[arch-general] [PATCH (dbscripts)] Fix permissions of incoming packages.
This patch changes the permissions of uploaded packages to 664, before they are moved from the staging directory. The commitpkg script included in devtools uses rsync to upload packages, and rsync preserves permissions. This causes problems whenever permissions are too restrictive on the uploader's machine. Signed-off-by: Chris Brannon <cmbrannon79@gmail.com> --- db-update | 5 +++++ 1 files changed, 5 insertions(+), 0 deletions(-) diff --git a/db-update b/db-update index 0973bf3..3f36332 100755 --- a/db-update +++ b/db-update @@ -87,6 +87,11 @@ for current_arch in ${ARCHES[@]} any; do done done +# Give permissions of 664 to all files under $stagedir. +# I.E., readable-writable by user and group; readable by others. +# This insures that packages enter the ftp area with correct permissions. +find "$stagedir" -print0 -type f |xargs -0 chmod 664 + # Process architecture-independent packages first. if [ -d "$stagedir" ]; then ANYPKGS="$(getpkgfiles $stagedir/*-any$PKGEXT 2>/dev/null)" -- 1.7.0.1
I doubt that running find is needed, just run chmod directly on the files being uploaded by commitpkg, or have repo-add chmod the individual files (it's running as root right?) On Tue, Mar 9, 2010 at 18:48, Chris Brannon <cmbrannon79@gmail.com> wrote:
This patch changes the permissions of uploaded packages to 664, before they are moved from the staging directory. The commitpkg script included in devtools uses rsync to upload packages, and rsync preserves permissions. This causes problems whenever permissions are too restrictive on the uploader's machine.
Signed-off-by: Chris Brannon <cmbrannon79@gmail.com> --- db-update | 5 +++++ 1 files changed, 5 insertions(+), 0 deletions(-)
diff --git a/db-update b/db-update index 0973bf3..3f36332 100755 --- a/db-update +++ b/db-update @@ -87,6 +87,11 @@ for current_arch in ${ARCHES[@]} any; do done done
+# Give permissions of 664 to all files under $stagedir. +# I.E., readable-writable by user and group; readable by others. +# This insures that packages enter the ftp area with correct permissions. +find "$stagedir" -print0 -type f |xargs -0 chmod 664 + # Process architecture-independent packages first. if [ -d "$stagedir" ]; then ANYPKGS="$(getpkgfiles $stagedir/*-any$PKGEXT 2>/dev/null)" -- 1.7.0.1
On Wednesday 10 March 2010 01:12:22 Daenyth Blank wrote:
I doubt that running find is needed, just run chmod directly on the files being uploaded by commitpkg, or have repo-add chmod the individual files (it's running as root right?) I also think we should fix only the package that we add in ftp dir.
my patch attached. -- Andrea
Il 10/03/2010 02:04, Andrea Scarpino ha scritto:
my patch attached.
Where is your patch? -- Arch Linux Developer http://www.archlinux.org http://www.archlinux.it
Where is your patch? http://mailman.archlinux.org/pipermail/arch-dev-
On Wednesday 10 March 2010 02:12:21 Giovanni Scafora wrote: public/attachments/20100310/8c2b8a26/attachment.bin -- Andrea
On Tue, Mar 9, 2010 at 7:04 PM, Andrea Scarpino <andrea@archlinux.org> wrote:
On Wednesday 10 March 2010 01:12:22 Daenyth Blank wrote:
I doubt that running find is needed, just run chmod directly on the files being uploaded by commitpkg, or have repo-add chmod the individual files (it's running as root right?) I also think we should fix only the package that we add in ftp dir.
my patch attached.
Inline them; that way they can be reviewed. -Dan
On Wednesday 10 March 2010 02:15:32 Dan McGee wrote:
Inline them; that way they can be reviewed.
-Dan From 7a5c0584a3ad2fcf14659f5028534887bf929cf1 Mon Sep 17 00:00:00 2001 From: Andrea Scarpino <andrea@archlinux.org> Date: Wed, 10 Mar 2010 02:01:57 +0100 Subject: [PATCH] fix permissions of incoming packages
--- db-update | 2 ++ 1 files changed, 2 insertions(+), 0 deletions(-) diff --git a/db-update b/db-update index 0973bf3..7b771a3 100755 --- a/db-update +++ b/db-update @@ -222,6 +222,7 @@ for current_arch in ${ARCHES[@]}; do if ! /bin/cp "$f" "$ftppath/"; then die "error: failure while copying files to $ftppath" fi + chmod 664 $ftppath/$f done fi if [ $(getpkgfiles "$WORKDIR/build/"*-any$PKGEXT 2>/dev/null | wc -l) != 0 ]; then @@ -230,6 +231,7 @@ for current_arch in ${ARCHES[@]}; do if ! /bin/cp "$f" "$ftppath_any"; then die "error: failure while copying files to $ftppath_any" fi + chmod 664 $ftppath/$f bf=$(basename $f) if ! ln -s "../any/$bf" "$ftppath/$bf"; then die "error: failed to make link for $bf." -- 1.7.0.2 -- Andrea
On Tue, Mar 9, 2010 at 7:21 PM, Andrea Scarpino <andrea@archlinux.org> wrote:
On Wednesday 10 March 2010 02:15:32 Dan McGee wrote:
Inline them; that way they can be reviewed.
-Dan From 7a5c0584a3ad2fcf14659f5028534887bf929cf1 Mon Sep 17 00:00:00 2001 From: Andrea Scarpino <andrea@archlinux.org> Date: Wed, 10 Mar 2010 02:01:57 +0100 Subject: [PATCH] fix permissions of incoming packages
--- db-update | 2 ++ 1 files changed, 2 insertions(+), 0 deletions(-)
diff --git a/db-update b/db-update index 0973bf3..7b771a3 100755 --- a/db-update +++ b/db-update @@ -222,6 +222,7 @@ for current_arch in ${ARCHES[@]}; do if ! /bin/cp "$f" "$ftppath/"; then die "error: failure while copying files to $ftppath" fi + chmod 664 $ftppath/$f done fi if [ $(getpkgfiles "$WORKDIR/build/"*-any$PKGEXT 2>/dev/null | wc -l) != 0 ]; then @@ -230,6 +231,7 @@ for current_arch in ${ARCHES[@]}; do if ! /bin/cp "$f" "$ftppath_any"; then die "error: failure while copying files to $ftppath_any" fi + chmod 664 $ftppath/$f bf=$(basename $f) if ! ln -s "../any/$bf" "$ftppath/$bf"; then die "error: failed to make link for $bf." --
Seems sane; but maybe do the chmod before copying it into that directory rather than after? That way files never set foot in there with the wrong permissions (even if only for almost zero time). -Dan
On Wednesday 10 March 2010 03:10:39 Dan McGee wrote:
Seems sane; but maybe do the chmod before copying it into that directory rather than after? That way files never set foot in there with the wrong permissions (even if only for almost zero time). It's ok. I forwarded the output too.
From a9545a8d51f7f236aa2b18f70aaad8f997751ea9 Mon Sep 17 00:00:00 2001 From: Andrea Scarpino <andrea@archlinux.org> Date: Wed, 10 Mar 2010 03:42:05 +0100 Subject: [PATCH] fix permissions of incoming packages --- db-update | 2 ++ 1 files changed, 2 insertions(+), 0 deletions(-) diff --git a/db-update b/db-update index 0973bf3..36e168f 100755 --- a/db-update +++ b/db-update @@ -219,6 +219,7 @@ for current_arch in ${ARCHES[@]}; do if [ $(getpkgfiles "$WORKDIR/build/"*-$current_arch$PKGEXT 2>/dev/null | wc -l) != 0 ]; then echo "Copying new files to '$ftppath'" for f in "$WORKDIR/build/"*-$current_arch$PKGEXT; do + chmod 664 $f &> /dev/null if ! /bin/cp "$f" "$ftppath/"; then die "error: failure while copying files to $ftppath" fi @@ -227,6 +228,7 @@ for current_arch in ${ARCHES[@]}; do if [ $(getpkgfiles "$WORKDIR/build/"*-any$PKGEXT 2>/dev/null | wc -l) != 0 ]; then echo "Copying new files to '$ftppath_any' and symlinking" for f in "$WORKDIR/build/"*-any$PKGEXT; do + chmod 644 $f &> /dev/null if ! /bin/cp "$f" "$ftppath_any"; then die "error: failure while copying files to $ftppath_any" fi -- 1.7.0.2 -- Andrea
On Wednesday 10 March 2010 03:42:51 Andrea Scarpino wrote:
It's ok. I forwarded the output too. typo
From a9545a8d51f7f236aa2b18f70aaad8f997751ea9 Mon Sep 17 00:00:00 2001 From: Andrea Scarpino <andrea@archlinux.org> Date: Wed, 10 Mar 2010 03:42:05 +0100 Subject: [PATCH] fix permissions of incoming packages --- db-update | 2 ++ 1 files changed, 2 insertions(+), 0 deletions(-) diff --git a/db-update b/db-update index 0973bf3..36e168f 100755 --- a/db-update +++ b/db-update @@ -219,6 +219,7 @@ for current_arch in ${ARCHES[@]}; do if [ $(getpkgfiles "$WORKDIR/build/"*-$current_arch$PKGEXT 2>/dev/null | wc -l) != 0 ]; then echo "Copying new files to '$ftppath'" for f in "$WORKDIR/build/"*-$current_arch$PKGEXT; do + chmod 664 $f &> /dev/null if ! /bin/cp "$f" "$ftppath/"; then die "error: failure while copying files to $ftppath" fi @@ -227,6 +228,7 @@ for current_arch in ${ARCHES[@]}; do if [ $(getpkgfiles "$WORKDIR/build/"*-any$PKGEXT 2>/dev/null | wc -l) != 0 ]; then echo "Copying new files to '$ftppath_any' and symlinking" for f in "$WORKDIR/build/"*-any$PKGEXT; do + chmod 664 $f &> /dev/null if ! /bin/cp "$f" "$ftppath_any"; then die "error: failure while copying files to $ftppath_any" fi -- 1.7.0.2 -- Andrea
On Wednesday 10 March 2010 03:44:17 Andrea Scarpino wrote:
typo sorry for spam guys.
From a9545a8d51f7f236aa2b18f70aaad8f997751ea9 Mon Sep 17 00:00:00 2001 From: Andrea Scarpino <andrea@archlinux.org> Date: Wed, 10 Mar 2010 03:42:05 +0100 Subject: [PATCH] fix permissions of incoming packages --- db-update | 2 ++ 1 files changed, 2 insertions(+), 0 deletions(-) diff --git a/db-update b/db-update index 0973bf3..36e168f 100755 --- a/db-update +++ b/db-update @@ -219,6 +219,7 @@ for current_arch in ${ARCHES[@]}; do if [ $(getpkgfiles "$WORKDIR/build/"*-$current_arch$PKGEXT 2>/dev/null | wc -l) != 0 ]; then echo "Copying new files to '$ftppath'" for f in "$WORKDIR/build/"*-$current_arch$PKGEXT; do + chmod 664 $f &> /dev/null if ! /bin/cp "$f" "$ftppath/"; then die "error: failure while copying files to $ftppath" fi @@ -227,6 +228,7 @@ for current_arch in ${ARCHES[@]}; do if [ $(getpkgfiles "$WORKDIR/build/"*-any$PKGEXT 2>/dev/null | wc -l) != 0 ]; then echo "Copying new files to '$ftppath_any' and symlinking" for f in "$WORKDIR/build/"*-any$PKGEXT; do + chmod 664 $f &> /dev/null if ! /bin/cp "$f" "$ftppath_any"; then die "error: failure while copying files to $ftppath_any" fi -- 1.7.0.2 -- Andrea
participants (5)
-
Andrea Scarpino
-
Chris Brannon
-
Daenyth Blank
-
Dan McGee
-
Giovanni Scafora