pthbs

Packaging Through Hashed Build Scripts
git clone https://ccx.te2000.cz/git/pthbs
Log | Files | Refs | Submodules | README
commit d53fb00aba69a46fd511d9cfd5a225b52a6c3c76
parent 6df7edd5bfa950f44f30777f5b997330ddd1c81d
Author: ccx <ccx@te2000.cz>
Date:   Mon, 26 Feb 2024 17:21:46 +0000

Fix device access by setting umask(0) in sandbox

Diffstat:

Mcommand/pthbs-build | 14++++++++------


Mns_sandbox.py | 1+


2 files changed, 9 insertions(+), 6 deletions(-)

diff --git a/command/pthbs-build b/command/pthbs-build
@@ -199,17 +199,19 @@ function at_filehash(hash_type, file_hash, dst,    dstdir){
 		printf "%s\n", "chown -R \"$pthbs_uid:$pthbs_gid\"  "q(ENVIRON["workdir"])
 	}
 	if(length(ENVIRON["envdir"])){
-		printf "exec >build.log 2>&1 env"
-		printf " %s", "pthbs_build_environment="q(ENVIRON["envdir"])
 		if(settings["set_path"]) {
-			printf " %s", "PATH="q(ENVIRON["envdir"]"/command") sandbox_cmd
-			print " "q(ENVIRON["envdir"]"/command/sh")" -xe "q(ENVIRON["script"])
+			cmd=sandbox_cmd" "q(ENVIRON["envdir"]"/command/env")
+			cmd=cmd" pthbs_build_environment="q(ENVIRON["envdir"])
+			cmd=cmd" PATH="q(ENVIRON["envdir"]"/command")
+			cmd=cmd" "q(ENVIRON["envdir"]"/command/sh")" -xe "q(ENVIRON["script"])
 		} else {
-			print " " sandbox_cmd " sh -xe "q(ENVIRON["script"])
+			cmd="env "q(ENVIRON["envdir"]"/command/env")
+			cmd=" sh -xe "q(ENVIRON["script"])
 		}
 	} else {
-		print "exec >build.log 2>&1 " sandbox_cmd " sh -xe "q(ENVIRON["script"])
+		cmd=sandbox_cmd" sh -xe "q(ENVIRON["script"])
 	}
+	print "exec >build.log 2>&1 " cmd
 	exit 0
 }
 {
diff --git a/ns_sandbox.py b/ns_sandbox.py
@@ -526,6 +526,7 @@ def mknod_dev(dev):
 
 def root_sandbox_setup(settings):
     uid, gid = settings.drop_to
+    os.umask(0)
     to_umount = [mi.mountpoint for mi in umount_order(*parse_mountinfo())]
     r = settings.root
     if settings.untar: