alt-orchestra/talos
2
1
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix: extension base folder permission

Browse Source 
The `modules.dep` kernel module dependency tree extension root path was
previously created with a permission of `0o700` which means the talos
root go a permission of `0o700` when the kernel module tree was re-built
when extensions providing kernel modules was enabled. This means that
any binaries lost the executable permission when ran as non-root
creating an `EACCES` error. Fix by making sure the temporary directory
created for building kernel modules tree has `0o755` permission
explicitly.

Signed-off-by: Noel Georgi <git@frezbo.dev>
This commit is contained in:
Noel Georgi
2023-02-27 19:42:59 +05:30
parent 609d3a8a69
commit 426fe9687d
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
internal/pkg/extensions/kernel_modules.go
View File

@ -144,6 +144,11 @@ func GenerateKernelModuleDependencyTreeExtension(extensionsPathWithKernelModules
return nil, err
}
// we want to make sure the root directory has the right permissions.
if err := os.Chmod(kernelModulesDependencyTreeStagingDir, 0o755); err != nil {
return nil, err
}
kernelModulesDepenencyTreeDirectory := filepath.Join(kernelModulesDependencyTreeStagingDir, constants.DefaultKernelModulesPath)
if err := os.MkdirAll(kernelModulesDepenencyTreeDirectory, 0o755); err != nil {