About pseudo's chmod - Robert Yang

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Robert Yang <liezhi.yang@windriver.com>
To: oe-core <openembedded-core@lists.openembedded.org>,
	Mark Hatle <mark.hatle@windriver.com>,
	Richard Purdie <richard.purdie@linuxfoundation.org>
Subject: About pseudo's chmod
Date: Tue, 5 Jul 2016 18:23:37 +0800	[thread overview]
Message-ID: <577B8AA9.5040808@windriver.com> (raw)

Hi,

When run "chmod 0444 <file>" under pseudo, it would always adds
write permission for real file (and w + x for dir), which means that
it runs as "chmod 0644 <file>". It does this on real file, not record
this on pseudo's database. Here are the code from pseudo:

/* Root can read and write files, and enter directories which have no
  * read, write, or execute permissions.  (But can't execute files without
  * execute permissions!)
  *
  * A non-root user can't.
  *
  * When doing anything which actually writes to the filesystem, we add in
  * the user read/write/execute bits.  When storing to the database, though,
  * we mask out any such bits which weren't in the original mode.
  */
#define PSEUDO_FS_MODE(mode, isdir) (((mode) | S_IRUSR | S_IWUSR | ((isdir) ? 
S_IXUSR : 0)) & ~(S_IWGRP | S_IWOTH))
#define PSEUDO_DB_MODE(fs_mode, user_mode) (((fs_mode) & ~0722) | ((user_mode & 
0722)))

It has a side effect for -dbg pkgs if the source files foo.c's mode is 0444:
1) bitbake foo
2) Edit rpm-native
3) bitbake foo

After the first bitake foo, we will see that foo.c in foo-dbg is 0444, but
after the second bitbake foo, foo.c in foo-dbg will be 0644, because the first
build has changed src file foo.c's mode to 0644, this is incorrect.

I have two suggestions on it:
1) Don't add more permissions when chmod(e.g., don't change 0444 -> 0644),
    The user can add it clearly if a file/dir really needs that.
2) This mainly affects do_package task AFAIK, the code is:
             if not cpath.islink(file):
                 os.link(file, fpath)
                 fstat = cpath.stat(file)
                 os.chmod(fpath, fstat.st_mode)
                 os.chown(fpath, fstat.st_uid, fstat.st_gid)

    Another solution is checking mode before run chmod, if we really need
    run chmod, then copy the file rather than link.

Any suggestion is appreciated.

The following recipes in oe-core have this issue:
blktool
coreutils
e2fsprogs
gnutls
guile
gzip
less
lsof
mtools
opensp
parted
screen
tcp-wrappers

-- 
Thanks

Robert

next             reply	other threads:[~2016-07-05 10:23 UTC|newest]

Thread overview: 30+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-07-05 10:23 Robert Yang [this message]
2016-07-05 13:10 ` About pseudo's chmod Mark Hatle
2016-07-05 14:10   ` Robert Yang
2016-07-29  7:38   ` Robert Yang
2016-07-29  7:40     ` Robert Yang
2016-07-29 16:02     ` Seebs
2016-08-01  5:57       ` Robert Yang
2016-08-01  8:42         ` Seebs
2016-08-01  8:57           ` Robert Yang
2016-08-01 18:17             ` Seebs
2016-08-01 20:01               ` Richard Purdie
2016-08-01 20:17                 ` Seebs
2016-08-01 22:55                   ` Richard Purdie
2016-08-01 23:36                     ` Mark Hatle
2016-08-02  3:39                       ` Seebs
2016-08-02  1:52                     ` Robert Yang
2016-08-02  3:43                       ` Seebs
2016-08-02  6:07                         ` Robert Yang
2016-08-02  6:08                           ` Robert Yang
2016-08-02  6:30                           ` Seebs
2016-08-02  6:44                             ` Robert Yang
2016-08-02  6:50                               ` Seebs
2016-08-02  8:32                                 ` Robert Yang
2016-08-02 19:16                                   ` Seebs
2016-08-02 19:18                                     ` Burton, Ross
2016-08-02 15:12                                 ` Mark Hatle
2016-08-02 19:19                                   ` Seebs
2016-08-02 19:39                                     ` Mark Hatle
2016-08-02 19:53                                       ` Seebs
2016-08-02  3:37                     ` Seebs

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=577B8AA9.5040808@windriver.com \
    --to=liezhi.yang@windriver.com \
    --cc=mark.hatle@windriver.com \
    --cc=openembedded-core@lists.openembedded.org \
    --cc=richard.purdie@linuxfoundation.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.