About pseudo's chmod - Robert Yang

Openembedded Core Discussions
 help / color / mirror / Atom feed

From: Robert Yang <liezhi.yang@windriver.com>
To: oe-core <openembedded-core@lists.openembedded.org>,
	Mark Hatle <mark.hatle@windriver.com>,
	Richard Purdie <richard.purdie@linuxfoundation.org>
Subject: About pseudo's chmod
Date: Tue, 5 Jul 2016 18:23:37 +0800	[thread overview]
Message-ID: <577B8AA9.5040808@windriver.com> (raw)

Hi,

When run "chmod 0444 <file>" under pseudo, it would always adds
write permission for real file (and w + x for dir), which means that
it runs as "chmod 0644 <file>". It does this on real file, not record
this on pseudo's database. Here are the code from pseudo:

/* Root can read and write files, and enter directories which have no
  * read, write, or execute permissions.  (But can't execute files without
  * execute permissions!)
  *
  * A non-root user can't.
  *
  * When doing anything which actually writes to the filesystem, we add in
  * the user read/write/execute bits.  When storing to the database, though,
  * we mask out any such bits which weren't in the original mode.
  */
#define PSEUDO_FS_MODE(mode, isdir) (((mode) | S_IRUSR | S_IWUSR | ((isdir) ? 
S_IXUSR : 0)) & ~(S_IWGRP | S_IWOTH))
#define PSEUDO_DB_MODE(fs_mode, user_mode) (((fs_mode) & ~0722) | ((user_mode & 
0722)))

It has a side effect for -dbg pkgs if the source files foo.c's mode is 0444:
1) bitbake foo
2) Edit rpm-native
3) bitbake foo

After the first bitake foo, we will see that foo.c in foo-dbg is 0444, but
after the second bitbake foo, foo.c in foo-dbg will be 0644, because the first
build has changed src file foo.c's mode to 0644, this is incorrect.

I have two suggestions on it:
1) Don't add more permissions when chmod(e.g., don't change 0444 -> 0644),
    The user can add it clearly if a file/dir really needs that.
2) This mainly affects do_package task AFAIK, the code is:
             if not cpath.islink(file):
                 os.link(file, fpath)
                 fstat = cpath.stat(file)
                 os.chmod(fpath, fstat.st_mode)
                 os.chown(fpath, fstat.st_uid, fstat.st_gid)

    Another solution is checking mode before run chmod, if we really need
    run chmod, then copy the file rather than link.

Any suggestion is appreciated.

The following recipes in oe-core have this issue:
blktool
coreutils
e2fsprogs
gnutls
guile
gzip
less
lsof
mtools
opensp
parted
screen
tcp-wrappers

-- 
Thanks

Robert

next             reply	other threads:[~2016-07-05 10:23 UTC|newest]

Thread overview: 30+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-07-05 10:23 Robert Yang [this message]
2016-07-05 13:10 ` About pseudo's chmod Mark Hatle
2016-07-05 14:10   ` Robert Yang
2016-07-29  7:38   ` Robert Yang
2016-07-29  7:40     ` Robert Yang
2016-07-29 16:02     ` Seebs
2016-08-01  5:57       ` Robert Yang
2016-08-01  8:42         ` Seebs
2016-08-01  8:57           ` Robert Yang
2016-08-01 18:17             ` Seebs
2016-08-01 20:01               ` Richard Purdie
2016-08-01 20:17                 ` Seebs
2016-08-01 22:55                   ` Richard Purdie
2016-08-01 23:36                     ` Mark Hatle
2016-08-02  3:39                       ` Seebs
2016-08-02  1:52                     ` Robert Yang
2016-08-02  3:43                       ` Seebs
2016-08-02  6:07                         ` Robert Yang
2016-08-02  6:08                           ` Robert Yang
2016-08-02  6:30                           ` Seebs
2016-08-02  6:44                             ` Robert Yang
2016-08-02  6:50                               ` Seebs
2016-08-02  8:32                                 ` Robert Yang
2016-08-02 19:16                                   ` Seebs
2016-08-02 19:18                                     ` Burton, Ross
2016-08-02 15:12                                 ` Mark Hatle
2016-08-02 19:19                                   ` Seebs
2016-08-02 19:39                                     ` Mark Hatle
2016-08-02 19:53                                       ` Seebs
2016-08-02  3:37                     ` Seebs

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=577B8AA9.5040808@windriver.com \
    --to=liezhi.yang@windriver.com \
    --cc=mark.hatle@windriver.com \
    --cc=openembedded-core@lists.openembedded.org \
    --cc=richard.purdie@linuxfoundation.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox