FS#47625 - [devtools] extra-x86_64-build fails when root's umask is 027
Attached to Project:
Arch Linux
Opened by Pierre Neidhardt (Ambrevar) - Monday, 04 January 2016, 23:04 GMT
Last edited by Eli Schwartz (eschwartz) - Wednesday, 21 August 2019, 04:49 GMT
Opened by Pierre Neidhardt (Ambrevar) - Monday, 04 January 2016, 23:04 GMT
Last edited by Eli Schwartz (eschwartz) - Wednesday, 21 August 2019, 04:49 GMT
|
Details
Summary and Info:
The title is a bit too specific as this regards any mask that removes folder access to others, and (probably) all build scripts. These helper scripts will create /var/lib/archbuild/{repo}-{arch} with root's current umask, which can prevent current user from accessing those folders. Then the scripts will fails: ==> Building in chroot for [extra] (i686)... ==> Creating clean working copy [ambrevar]...done ==> ERROR: /var/lib/archbuild/extra-i686/ambrevar/etc/makepkg.conf not found. Aborting... ==> ERROR: Could not download sources. The process fails at mkarchroot:478: download_sources() { local builddir="$(mktemp -d)" chmod 1777 "$builddir" # Ensure sources are downloaded if [[ -n $SUDO_USER ]]; then sudo -u $SUDO_USER env SRCDEST="$SRCDEST" BUILDDIR="$builddir" \ makepkg --config="$copydir/etc/makepkg.conf" --verifysource -o A possible fix would be to add 'umask 022' before creating the folder in the build scripts, i.e. umask 022 mkdir -p "${chroots}/${repo}-${arch}" Steps to Reproduce: * Setup root session to use a umask 027 (or any mask that removes folder access to others). * Remove /var/lib/archbuild if existing. * Run `sudo extra-x86_64-build`, |
This task depends upon
Closed by Eli Schwartz (eschwartz)
Wednesday, 21 August 2019, 04:49 GMT
Reason for closing: Fixed
Additional comments about closing: https://git.archlinux.org/devtools.git/c ommit/?id=40a90e2cab479cc64903a62b42eb61 7a8a7e5842
Wednesday, 21 August 2019, 04:49 GMT
Reason for closing: Fixed
Additional comments about closing: https://git.archlinux.org/devtools.git/c ommit/?id=40a90e2cab479cc64903a62b42eb61 7a8a7e5842
Perhaps we could call umask from lib/common.sh which gets included in all scripts; haven't looked much into it yet though. [1]
[1] https://projects.archlinux.org/devtools.git/tree/lib/common.sh