commit 2120abd6c216b080ea8d682c03f492f828a56d39
parent d53fb00aba69a46fd511d9cfd5a225b52a6c3c76
Author: ccx <ccx@te2000.cz>
Date: Mon, 26 Feb 2024 18:15:19 +0000
Set default installation umask to 022, install as root
Diffstat:
3 files changed, 12 insertions(+), 3 deletions(-)
diff --git a/command/pthbs-build b/command/pthbs-build
@@ -39,9 +39,11 @@ fi
mkdir -p "$workdir"
case $(id -u) in
(0)
+ sandbox_mode=root
export pthbs_uid=$(id -u pthbs) || exit $?
export pthbs_gid=$(id -g pthbs) || exit $?
- sandbox_mode=root
+ export pthbs_install_uid=0 || exit $?
+ export pthbs_install_gid=0 || exit $?
;;
(*)
sandbox_mode=userns
diff --git a/command/pthbs-install b/command/pthbs-install
@@ -18,6 +18,9 @@ if ! test -f "$pthbs_destdir/${pthbs_versions%/}/$pthbs_package/.install-links";
exit 1
fi
+if test -n "$pthbs_install_uid"; then
+ chown -R "$pthbs_install_uid:$pthbs_install_gid" "$pthbs_destdir/${pthbs_versions%/}/$pthbs_package"
+fi
pthbs-digest-tree >"$pthbs_destdir/pthbs-digest" "$pthbs_destdir/${pthbs_versions%/}/$pthbs_package/" || exit $?
mv "$pthbs_destdir/pthbs-digest" "$pthbs_destdir/${pthbs_versions%/}/$pthbs_package/.pthbs-digest" || exit $?
diff --git a/ns_sandbox.py b/ns_sandbox.py
@@ -11,7 +11,6 @@ import pathlib
import select
import stat
import subprocess
-import sys
libc = ctypes.CDLL(None, use_errno=True)
CLONE_NEWNS = 0x00020000 # New mount namespace group
@@ -460,7 +459,11 @@ class Settings:
vars=v,
command=tuple(args.command),
extra_mount=tuple(args.extra_mount) if args.extra_mount is not None else (),
- drop_to=(int(env['pthbs_uid']), int(env['pthbs_gid'])) if args.mode == 'root' else None,
+ drop_to=(
+ (int(env['pthbs_uid']), int(env['pthbs_gid']))
+ if args.mode == 'root'
+ else None
+ ),
untar=args.untar and pathlib.PosixPath(args.untar),
)
@@ -575,6 +578,7 @@ def main(args, env):
)
unshare(CLONE_NEWNS)
root_sandbox_setup(settings)
+ os.umask(0o022)
exec_command(settings.command)
