
Re: [Xen-devel] Re: [PATCH] install.sh: install as root with reasonable permissions



There are some problems with this patch as applied on top
of the unstable tree.

Recursive cp's into non-existing subdirs of the tmp
directory fail:

Installing Xen from './install' to '/'...
cp: `/tmp/tmp.RMnWQq3560/etc/init.d/': specified destination directory does not exist
...

For the patch to work, we'd also need to "mkdir -p" any directory
which is the destination of a "cp" into the tmp dir.


I'm also confused about the bug to start with:

As far as I can see, all Makefiles in the repository install
files into dist/install using /usr/bin/install with properly
set permissions. If one does not, then that would be a bug
and we ought to fix it. /usr/bin/install should also create
parent directories with appropriate permissions. The umask
of the person running the build should have no effect. Have I
missed something? Which files under /lib did you find created
with bad permissions? Perhaps this is a problem with the linux
build installing modules with permissions based on the umask
of the build process?

Cheers,
Emmanuel.


> From: Horms <horms@xxxxxxxxxxxx>
> [...]
> I played around with a few other ideas and I think that the /tmp option
> is a clean and easy solution. Here is a patch that does this.
> 
> # HG changeset patch
> # User Horms <horms@xxxxxxxxxxxx>
> # Node ID 651f32f67427ebb167eb2b6d921182bb21da2a7b
> # Parent  340bec28050f360b9d800fb354abfd6b5ee80bd2
> [INSTALL] Fix owner and permissions for installed files
> 
> Make sure that installed files have sensible permissions
> and are owned by the user running install, presumably root.
> 
> Without this patch, if the user that does the build has
> a restrictive umask, say 0077, and the install is done into /,
> then /lib will become only accessible to that user.
> 
> Signed-Off-By: Horms <horms@xxxxxxxxxxxx>
> 
> diff -r 340bec28050f -r 651f32f67427 install.sh
> --- a/install.sh      Fri Dec  2 02:16:21 2005
> +++ b/install.sh      Fri Dec  2 02:21:15 2005
> @@ -22,19 +22,25 @@
>    exit 1
>  fi
>  
> +tmp="`mktemp -d`"
> +
>  echo "Installing Xen from '$src' to '$dst'..."
> -(cd $src; tar -cf - --exclude etc/init.d --exclude etc/hotplug --exclude 
> etc/udev * ) | tar -C $dst -xf -
> -cp -fdRL $src/etc/init.d/* $dst/etc/init.d/
> +(cd $src; tar -cf - --exclude etc/init.d --exclude etc/hotplug --exclude 
> etc/udev * ) | tar -C "$tmp" -xf -
> +cp -fdRL $src/etc/init.d/* "$tmp"/etc/init.d/
>  echo "All done."
>  
>  [ -x "$(which udevinfo)" ] && \
>    UDEV_VERSION=$(udevinfo -V | sed -e 's/^[^0-9]* 
> \([0-9]\{1,\}\)[^0-9]\{0,\}/\1/')
>  
>  if [ -n "$UDEV_VERSION" ] && [ $UDEV_VERSION -ge 059 ]; then
> -  cp -f $src/etc/udev/rules.d/*.rules $dst/etc/udev/rules.d/
> +  cp -f $src/etc/udev/rules.d/*.rules "$tmp/etc/udev/rules.d/"
>  else
> -  cp -f $src/etc/hotplug/*.agent $dst/etc/hotplug/
> +  cp -f $src/etc/hotplug/*.agent "$tmp/etc/hotplug/"
>  fi
> +
> +chmod -R a+rX "$tmp"
> +(cd $tmp; tar -cf - *) | tar --no-same-owner -C "$dst" -xf -
> +rm -r "$tmp"
>  
>  echo "Checking to see whether prerequisite tools are installed..."
>  cd $src/../check
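Review bot: The three cp lines that now target "$tmp" (etc/init.d, etc/udev/rules.d, etc/hotplug) copy into directories that the first tar excludes, so those directories do not exist in the fresh staging tree and cp fails; add a mkdir -p "$tmp/etc/init.d" (and the matching udev or hotplug directory) before each copy. Separately, the result of "mktemp -d" is never checked and "(cd $tmp; tar -cf - *)" leaves $tmp unquoted, so if mktemp fails the cd runs with no argument and the tar packs up whatever directory that lands in and unpacks it into "$dst"; exit when mktemp fails and quote "$tmp" in the cd. Note also that chmod -R a+rX "$tmp" makes every staged file world-readable, including any file under $src that was given a tighter mode on purpose, so the commit message should say that this is intended.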
> 
> 
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@xxxxxxxxxxxxxxxxxxx
> http://lists.xensource.com/xen-devel
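
The umask behaviour this thread is arguing about, as an added example that is not part of either message or of Xen's install.sh: under umask 0077 a tree staged with mkdir and cp comes out owner-only, one staged with install and an explicit -m does not, and chmod -R a+rX repairs the former. The lib/demo.so layout and the payload are constructed for the demo.

```shell
#!/bin/sh
# Added demo (constructed paths and payload; not Xen's install.sh).

mode_of() { ls -ld "$1" | cut -c1-10; }   # symbolic mode, e.g. drwxr-xr-x

# Stage a file with mkdir/cp under umask 0077: modes inherit the umask.
stage_with_cp() {
    ( umask 0077
      mkdir -p "$1/lib" && cp "$2" "$1/lib/demo.so" )
}

# Stage the same file with install(1) and explicit -m: the umask is ignored.
stage_with_install() {
    ( umask 0077
      install -d -m 0755 "$1/lib" && install -m 0644 "$2" "$1/lib/demo.so" )
}

# Prints one "label mode" line per checked path.
run_demo() {
    work=$(mktemp -d) || return 1      # stop if no staging dir was created
    printf 'payload\n' > "$work/src" && chmod 0644 "$work/src"
    mkdir "$work/cp" "$work/inst"
    stage_with_cp "$work/cp" "$work/src"
    stage_with_install "$work/inst" "$work/src"
    echo "cp_dir $(mode_of "$work/cp/lib")"
    echo "cp_file $(mode_of "$work/cp/lib/demo.so")"
    echo "install_dir $(mode_of "$work/inst/lib")"
    echo "install_file $(mode_of "$work/inst/lib/demo.so")"
    chmod -R a+rX "$work/cp"           # the normalisation step from the patch
    echo "fixed_dir $(mode_of "$work/cp/lib")"
    echo "fixed_file $(mode_of "$work/cp/lib/demo.so")"
    rm -rf "$work"
}

run_demo
```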

