From: Mark Hatle <mark.hatle@windriver.com>
To: <openembedded-core@lists.openembedded.org>
Subject: Re: [PATCH 0/2] Ensure a reasonable umask, and fix up permissions (V2)
Date: Mon, 27 Jun 2011 10:34:46 -0500 [thread overview]
Message-ID: <4E08A316.7060609@windriver.com> (raw)
In-Reply-To: <BCF3715C-89A9-4B7A-9278-6D589F8223B1@dominion.thruhere.net>
On 6/27/11 10:31 AM, Koen Kooi wrote:
>
> Op 27 jun 2011, om 17:26 heeft Mark Hatle het volgende geschreven:
>
>> Revised the fixup_perms function in package.bbclass. Change to using a
>> class based approach for the individual permissions entries.
>>
>> Add support for directory linkages.
>>
>> Add entries to match base-files recipe in the fs-perms.txt.
>>
>> (umask commit is unchanged, resending due to time since last sent)
>>
>> ----
>>
>> V1 log below
>>
>> Add a new function that is responsible for fixing directory and file
>> permissions, owners and groups during the packaging process. This will fix
>> various issues where two packages may create the same directory and end up
>> with different permissions, owner and/or group.
>>
>> The issue being resolved is that if two packages conflict in their ownership
>> of a directory, the first installed into the rootfs sets the permissions.
>> This leads to a least potentially non-deterministic filesystems, at worst
>> security defects.
>>
>> The user can specify their own settings via the configuration files
>> specified in FILESYSTEM_PERMS_TABLES. If this is not defined, it will
>> fall back to loading files/fs-perms.txt from BBPATH. The format of this
>> file is documented within the file.
>>
>> By default all of the system directories, specified in bitbake.conf, will
>> be fixed to be 0755, root, root.
>>
>> The fs-perms.txt contains a few default entries to correct documentation,
>> locale, headers and debug sources. It was discovered these are often
>> incorrect due to being directly copied from the build user environment.
>>
>> Also tweak a couple of warnings to provide more diagnostic information.
>
> Does this rely on the umask feature in bitbake master? If so, we should check the minumum bitbake requirements again
It relies upon it, however no failures will occur if bitbake master doesn't
support the umask control. (Of course then the user's umask is inherited.)
--Mark
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org
> http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core
prev parent reply other threads:[~2011-06-27 15:38 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-06-27 15:26 [PATCH 0/2] Ensure a reasonable umask, and fix up permissions (V2) Mark Hatle
2011-06-27 15:26 ` [PATCH 1/2] Add umask task control Mark Hatle
2011-06-27 15:26 ` [PATCH 2/2] classes/package.bbclass: Add fixup_perms (V2) Mark Hatle
2011-06-27 15:31 ` [PATCH 0/2] Ensure a reasonable umask, and fix up permissions (V2) Koen Kooi
2011-06-27 15:34 ` Mark Hatle [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4E08A316.7060609@windriver.com \
--to=mark.hatle@windriver.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox