summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorEli Schwartz <eschwartz@archlinux.org>2019-03-28 22:40:47 +0100
committerLevente Polyak <anthraxx@archlinux.org>2019-08-09 19:41:52 +0200
commit40a90e2cab479cc64903a62b42eb617a8a7e5842 (patch)
treeb4937b668a023e6582e9125e3fd1cf601ab4ed7a
parent74a664194602edf042b38869858e5a601e7f91dd (diff)
downloaddevtools-40a90e2cab479cc64903a62b42eb617a8a7e5842.tar.gz
devtools-40a90e2cab479cc64903a62b42eb617a8a7e5842.tar.xz
ensure that sane umask is used where needed
If a user umask is restrictive, a chroot may be created as root without the ability for the user to read it, which then causes makepkg --verifysource to fail. Do not set this in lib/common.sh, where it would apply to all scripts, as we do not want to override the user's policy for things like $SRCDEST files, svn checkouts, etc. Fixes FS#47625 Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Levente Polyak <anthraxx@archlinux.org>
-rw-r--r--arch-nspawn.in4
-rw-r--r--archbuild.in2
-rw-r--r--mkarchroot.in4
3 files changed, 9 insertions, 1 deletions
diff --git a/arch-nspawn.in b/arch-nspawn.in
index fb2b53e..8a87b96 100644
--- a/arch-nspawn.in
+++ b/arch-nspawn.in
@@ -13,6 +13,10 @@
m4_include(lib/common.sh)
m4_include(lib/archroot.sh)
+# umask might have been changed in /etc/profile
+# ensure that sane default is set again
+umask 0022
+
working_dir=''
files=()
diff --git a/archbuild.in b/archbuild.in
index 163a108..709d70d 100644
--- a/archbuild.in
+++ b/archbuild.in
@@ -59,7 +59,7 @@ if ${clean_first} || [[ ! -d "${chroots}/${repo}-${arch}" ]]; then
lock_close 9
rm -rf --one-file-system "${chroots}/${repo}-${arch}"
- mkdir -p "${chroots}/${repo}-${arch}"
+ mkdir -m755 -p "${chroots}/${repo}-${arch}"
setarch "${arch}" mkarchroot \
-C "@pkgdatadir@/pacman-${repo}.conf" \
-M "@pkgdatadir@/makepkg-${arch}.conf" \
diff --git a/mkarchroot.in b/mkarchroot.in
index 7da19dc..6c42d3b 100644
--- a/mkarchroot.in
+++ b/mkarchroot.in
@@ -13,6 +13,10 @@
m4_include(lib/common.sh)
m4_include(lib/archroot.sh)
+# umask might have been changed in /etc/profile
+# ensure that sane default is set again
+umask 0022
+
working_dir=''
files=()