diff options
author | Eli Schwartz <eschwartz@archlinux.org> | 2019-03-28 22:40:47 +0100 |
---|---|---|
committer | Levente Polyak <anthraxx@archlinux.org> | 2019-08-09 19:41:52 +0200 |
commit | 40a90e2cab479cc64903a62b42eb617a8a7e5842 (patch) | |
tree | b4937b668a023e6582e9125e3fd1cf601ab4ed7a | |
parent | 74a664194602edf042b38869858e5a601e7f91dd (diff) | |
download | devtools-40a90e2cab479cc64903a62b42eb617a8a7e5842.tar.gz devtools-40a90e2cab479cc64903a62b42eb617a8a7e5842.tar.xz |
ensure that sane umask is used where needed
If a user umask is restrictive, a chroot may be created as root without the
ability for the user to read it, which then causes makepkg
--verifysource to fail.
Do not set this in lib/common.sh, where it would apply to all scripts,
as we do not want to override the user's policy for things like $SRCDEST
files, svn checkouts, etc.
Fixes FS#47625
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Levente Polyak <anthraxx@archlinux.org>
-rw-r--r-- | arch-nspawn.in | 4 | ||||
-rw-r--r-- | archbuild.in | 2 | ||||
-rw-r--r-- | mkarchroot.in | 4 |
3 files changed, 9 insertions, 1 deletions
diff --git a/arch-nspawn.in b/arch-nspawn.in index fb2b53e..8a87b96 100644 --- a/arch-nspawn.in +++ b/arch-nspawn.in @@ -13,6 +13,10 @@ m4_include(lib/common.sh) m4_include(lib/archroot.sh) +# umask might have been changed in /etc/profile +# ensure that sane default is set again +umask 0022 + working_dir='' files=() diff --git a/archbuild.in b/archbuild.in index 163a108..709d70d 100644 --- a/archbuild.in +++ b/archbuild.in @@ -59,7 +59,7 @@ if ${clean_first} || [[ ! -d "${chroots}/${repo}-${arch}" ]]; then lock_close 9 rm -rf --one-file-system "${chroots}/${repo}-${arch}" - mkdir -p "${chroots}/${repo}-${arch}" + mkdir -m755 -p "${chroots}/${repo}-${arch}" setarch "${arch}" mkarchroot \ -C "@pkgdatadir@/pacman-${repo}.conf" \ -M "@pkgdatadir@/makepkg-${arch}.conf" \ diff --git a/mkarchroot.in b/mkarchroot.in index 7da19dc..6c42d3b 100644 --- a/mkarchroot.in +++ b/mkarchroot.in @@ -13,6 +13,10 @@ m4_include(lib/common.sh) m4_include(lib/archroot.sh) +# umask might have been changed in /etc/profile +# ensure that sane default is set again +umask 0022 + working_dir='' files=() |