From 8e36e80896d774be4ddbd88e742e626b1ee52da8 Mon Sep 17 00:00:00 2001 From: Colin Walters Date: Sun, 22 Jan 2012 13:31:22 -0500 Subject: [PATCH] ostbuild: Support marking files as setuid --- src/ostbuild/pyostbuild/builtin_build.py | 27 ++++++++++++++++++------ 1 file changed, 20 insertions(+), 7 deletions(-) diff --git a/src/ostbuild/pyostbuild/builtin_build.py b/src/ostbuild/pyostbuild/builtin_build.py index 4c6c2e6e..f8b20d40 100755 --- a/src/ostbuild/pyostbuild/builtin_build.py +++ b/src/ostbuild/pyostbuild/builtin_build.py @@ -283,13 +283,26 @@ class OstbuildBuild(builtins.Builtin): else: run_sync_monitor_log_file(chroot_args, log_path, cwd=component_src) - run_sync(['ostree', '--repo=' + self.repo, - 'commit', '-b', buildname, '-s', 'Build ' + artifact_meta['version'], - '--add-metadata-string=ostbuild-buildroot-version=' + buildroot_version, - '--add-metadata-string=ostbuild-artifact-version=' + artifact_meta['version'], - '--owner-uid=0', '--owner-gid=0', '--no-xattrs', - '--skip-if-unchanged'], - cwd=component_resultdir) + args = ['ostree', '--repo=' + self.repo, + 'commit', '-b', buildname, '-s', 'Build ' + artifact_meta['version'], + '--add-metadata-string=ostbuild-buildroot-version=' + buildroot_version, + '--add-metadata-string=ostbuild-artifact-version=' + artifact_meta['version'], + '--owner-uid=0', '--owner-gid=0', '--no-xattrs', + '--skip-if-unchanged'] + + setuid_files = meta.get('setuid', []) + statoverride_path = None + if len(setuid_files) > 0: + (fd, statoverride_path) = tempfile.mkstemp(suffix='.txt', prefix='ostbuild-statoverride-') + f = os.fdopen(fd, 'w') + for path in setuid_files: + f.write('+2048 ' + path) + f.close() + args.append('--statoverride=' + statoverride_path) + + run_sync(args, cwd=component_resultdir) + if statoverride_path is not None: + os.unlink(statoverride_path) return True def _compose(self, target, artifacts):