Re: [PATCH] install.sh: install as root with reasonable permissions

[Horms <horms@verge.net.au>]

Ian Pratt <m+Ian.Pratt@cl.cam.ac.uk> wrote:
>> Currently install.sh doesn't change the source tree, which is 
>> a good thing. This allows it to be run by root when the tree 
>> is on a root squashing NFS export.  If the permissions need 
>> fixing, can we doing it during the build instead?
> 
> I think the best soloution is to have the install script leave the
> dist/install tree unmodified, but to fix up the permissions/ownership on
> the destination. The easiest way of doing this may be to copy everything
> to /tmp, fixup, and then install.

Hi Ian,

I played around with a few other ideas and I think that the /tmp option
is a clean and easy solution. Here is a patch that does this.

# HG changeset patch
# User Horms <horms@verge.net.au>
# Node ID 651f32f67427ebb167eb2b6d921182bb21da2a7b
# Parent  340bec28050f360b9d800fb354abfd6b5ee80bd2
[INSTALL] Fix owner and permissions for installed files

Make sure that installed files have sensible permissions
and are owned by the user running install, presumably root.

Without this patch, if the user that does the build has
a restrictive umask, say 0077, and the install is done into /,
then /lib, will become only accessable to that user.

Signed-Off-By: Horms <horms@verge.net.au>

diff -r 340bec28050f -r 651f32f67427 install.sh
--- a/install.sh	Fri Dec  2 02:16:21 2005
+++ b/install.sh	Fri Dec  2 02:21:15 2005
@@ -22,19 +22,25 @@
   exit 1
 fi
 
+tmp="`mktemp -d`"
+
 echo "Installing Xen from '$src' to '$dst'..."
-(cd $src; tar -cf - --exclude etc/init.d --exclude etc/hotplug --exclude etc/udev * ) | tar -C $dst -xf -
-cp -fdRL $src/etc/init.d/* $dst/etc/init.d/
+(cd $src; tar -cf - --exclude etc/init.d --exclude etc/hotplug --exclude etc/udev * ) | tar -C "$tmp" -xf -
+cp -fdRL $src/etc/init.d/* "$tmp"/etc/init.d/
 echo "All done."
 
 [ -x "$(which udevinfo)" ] && \
   UDEV_VERSION=$(udevinfo -V | sed -e 's/^[^0-9]* \([0-9]\{1,\}\)[^0-9]\{0,\}/\1/')
 
 if [ -n "$UDEV_VERSION" ] && [ $UDEV_VERSION -ge 059 ]; then
-  cp -f $src/etc/udev/rules.d/*.rules $dst/etc/udev/rules.d/
+  cp -f $src/etc/udev/rules.d/*.rules "$tmp/etc/udev/rules.d/"
 else
-  cp -f $src/etc/hotplug/*.agent $dst/etc/hotplug/
+  cp -f $src/etc/hotplug/*.agent "$tmp/etc/hotplug/"
 fi
+
+chmod -R a+rX "$tmp"
+(cd $tmp; tar -cf - *) | tar --no-same-owner -C "$dst" -xf -
+rm -r "$tmp"
 
 echo "Checking to see whether prerequisite tools are installed..."
 cd $src/../check