WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-devel] [PATCH] install.sh: install as root with reasonable perm

from [Robert Read] [Permanent Link][Original]
To: Horms <horms@xxxxxxxxxxxx>
Subject: Re: [Xen-devel] [PATCH] install.sh: install as root with reasonable permissions
From: Robert Read <robert@xxxxxxxxxxxxx>
Date: Wed, 30 Nov 2005 21:40:13 -0800
Cc: xen-devel@xxxxxxxxxxxxxxxxxxx
Delivery-date: Thu, 01 Dec 2005 05:40:03 +0000
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <dmlgd4$u1l$1@xxxxxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References: <dmlgd4$u1l$1@xxxxxxxxxxxxx>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
Currently install.sh doesn't change the source tree, which is a good thing. This allows it to be run by root when the tree is on a root squashing NFS export. If the permissions need fixing, can we doing it during the build instead? 

cheers,
robert

On Nov 30, 2005, at 16:33, Horms wrote:


Hi,

The topic of creating uninstall.sh came up recently, so I though I'd
throw this install.sh patch into the ring.
I noticed when running install.sh as non-root with a custom umask of 0077, that amongst other things /lib becamed owned by my userid with mode 0700. 
Which was not an entirley expected or desirable outcome.
The patch below attempts to make install.sh install files as root, with 
the permisions that would be created if umask is 0022. That is,
directories are at least mode 755, and files are at least mode 644.
Its a bit crude, but seems at the very least to be an improvement on the 
current situation.

An improvement would be to make sure that files are installed
into install/ with the permissions that they should ultimately
be installed into /root with. This would require somewhat more
extensive changes than the chown effected below.

--
Horms


# HG changeset patch
# User Horms <horms@xxxxxxxxxxxx>
# Node ID 1b6ef5cde5b123b86f1a11f0709d4b1347d47ce1
# Parent  37d3e34dfdac009eac2bb040ff79ae711b2d50f9
Make sure files are installed as root with reasonable permissions

* Fix the permissions in $src, as in some cases,
  particularly in lib and user/lib/python, they will
  have been created with the prevailing umask.
  After install this umask will cover /lib and /usr/lib/python,
  and if the umask is restrictive, this will cause all
  sorts of weird failures.
* Make sure files are installed using tar are installed as root.root

Signed-Off-By: Horms <horms@xxxxxxxxxxxx

diff -r 37d3e34dfdac -r 9570d0b15d6e install.sh
--- a/install.sh        Sat Nov 26 11:37:18 2005
+++ b/install.sh        Mon Nov 28 02:56:54 2005
@@ -22,8 +22,11 @@
   exit 1
 fi

+echo "Fixing permissions in '$src/lib'"
+find $src | xargs chmod a+rX
+
 echo "Installing Xen from '$src' to '$dst'..."
-(cd $src; tar -cf - --exclude etc/init.d --exclude etc/hotplug -- exclude etc/udev * ) | tar -C $dst -xf - +(cd $src; tar -cf - --owner 0 --group 0 --exclude etc/init.d -- exclude etc/hotplug --exclude etc/udev * ) | tar -C $dst -xf - 
 cp -fdRL $src/etc/init.d/* $dst/etc/init.d/
 echo "All done."

diff -r 37d3e34dfdac -r 1b6ef5cde5b1 install.sh
--- a/install.sh        Sat Nov 26 11:37:18 2005
+++ b/install.sh        Mon Nov 28 02:58:09 2005
@@ -22,8 +22,11 @@
   exit 1
 fi

+echo "Fixing permissions in '$src'"
+find $src | xargs chmod a+rX
+
 echo "Installing Xen from '$src' to '$dst'..."
-(cd $src; tar -cf - --exclude etc/init.d --exclude etc/hotplug -- exclude etc/udev * ) | tar -C $dst -xf - +(cd $src; tar -cf - --owner 0 --group 0 --exclude etc/init.d -- exclude etc/hotplug --exclude etc/udev * ) | tar -C $dst -xf - 
 cp -fdRL $src/etc/init.d/* $dst/etc/init.d/
 echo "All done."



_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel




_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: [Xen-devel] domU won't recognise my block devices, James Harper
Next by Date:  [Xen-devel] Re: [PATCH] install.sh: install as root with reasonable?permissions, Horms
Previous by Thread:  [Xen-devel] [PATCH] install.sh: install as root with reasonable permissions, Horms
Next by Thread:  [Xen-devel] Re: [PATCH] install.sh: install as root with reasonable?permissions, Horms
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy