shaba/ostree
1
0
Fork 0
mirror of https://github.com/ostreedev/ostree.git synced 2025-03-19 22:50:35 +03:00
Code Issues Projects Releases Wiki Activity

repo/commit: Support group-writable files for bare-user-only

Browse Source 
These exist in the wild for flatpak, and aren't really a problem. The canonical
permissions are still either `0755` or `0644`, we just support the additional
writable bit for the group (i.e. extend the set to include `0775` and `0664`)
now to avoid breaking some flatpak content.

Closes: #913
Approved by: alexlarsson
This commit is contained in:
Colin Walters 2017-06-07 13:18:04 -04:00 committed by Atomic Bot
parent 81e1f7761f
commit c81252c1e0
2 changed files with 15 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/libostree/ostree-repo-commit.c
View File

@ -301,10 +301,10 @@ commit_loose_object_trusted (OstreeRepo *self,
self->mode == OSTREE_REPO_MODE_BARE_USER_ONLY
&& !object_is_symlink)
{
guint32 invalid_modebits = (mode & ~S_IFMT) & ~0755;
guint32 invalid_modebits = (mode & ~S_IFMT) & ~0775;
if (invalid_modebits > 0)
return glnx_throw (error, "Invalid mode 0%04o with bits 0%04o in bare-user-only repository",
mode, invalid_modebits);
mode, invalid_modebits);
if (fchmod (fd, mode) < 0)
return glnx_throw_errno_prefix (error, "fchmod");

14
tests/test-basic-user-only.sh
View File

@ -22,7 +22,7 @@ set -euo pipefail
. $(dirname $0)/libtest.sh
setup_test_repository "bare-user-only"
extra_basic_tests=1
extra_basic_tests=2
. $(dirname $0)/basic-test.sh
# Reset things so we don't inherit a lot of state from earlier tests
@ -47,3 +47,15 @@ if $CMD_PREFIX ostree pull-local --repo=repo repo-input 2>err.txt; then
fi
assert_file_has_content err.txt "Invalid mode.*with bits 040.*in bare-user-only"
echo "ok failed to commit suid"
cd ${test_tmpdir}
rm repo-input -rf
ostree_repo_init repo-input init --mode=archive
rm files -rf && mkdir files
echo "a group writable file" > files/some-group-writable
chmod 0664 files/some-group-writable
$CMD_PREFIX ostree --repo=repo-input commit -b content-with-group-writable --tree=dir=files
$CMD_PREFIX ostree pull-local --repo=repo repo-input
$CMD_PREFIX ostree --repo=repo checkout -U -H content-with-group-writable groupwritable-co
assert_file_has_mode groupwritable-co/some-group-writable 664
echo "ok supported group writable"