[pacman-dev] [PATCH] Remove setgid bit on srcdir/pkgdir creation
Allan McRae
allan at archlinux.org
Wed Jan 20 00:51:00 EST 2010
Dan McGee wrote:
> On Tue, Jan 19, 2010 at 11:25 PM, Dan McGee <dan at archlinux.org> wrote:
>> It was noted in FS#17533 that setgid bits are carried down into any created
>> subdirectories, and thus could end up being in a built package if the
>> original package directory was marked g+s. When we create src/ and pkg/,
>> explicitly chmod them to remove any sticky bits.
>>
>> Signed-off-by: Dan McGee <dan at archlinux.org>
>> ---
> I forgot to add here that I wasn't particularly happy I had to add an
> additional command in 6 places. Do we know why we create these
> directories so much? Some of them are probably unnecessary...
>
> -Dan
Some of them are because $pkgdir does change its value with package
splitting, so we have one for $startdir/pkg and then another for
$startdir/pkg/{pkg1,pkg2...}. Then there is whether or not we do the
packaging in fakeroot, which is in a 10 line for loop that is duplicated
and could be refactored.
The creation of $srcdir is done either before downloading sources,
performing integrity checks or creating a source package. These could
all go in the download_sources function, but if my skipinteg patches are
included, we will need the one back for creating a source package.
So 4/6 are needed...
Allan
More information about the pacman-dev
mailing list