packaging
/
ostree
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

lib/sysroot: Match deployment /usr mode for overlay 

Rather than hardcoding 0755, let's directly look at what `/usr`'s mode
is and copy it when creating the overlay.

Closes: #1843
Approved by: cgwalters
This commit is contained in:
Jonathan Lebon 2019-04-24 09:42:56 -04:00 committed by Atomic Bot
parent 794f75ca61
commit ba96d7ed7a
1 changed files with 13 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
src/libostree/ostree-sysroot.c
View File

@ -1771,6 +1771,14 @@ ostree_sysroot_deployment_unlock (OstreeSysroot *self,
if (!sepolicy) if (!sepolicy)
return FALSE; return FALSE;
/* we want our /usr overlay to have the same permission bits as the one we'll shadow */
mode_t usr_mode;
{ struct stat stbuf;
if (!glnx_fstatat (deployment_dfd, "usr", &stbuf, 0, error))
return FALSE;
usr_mode = stbuf.st_mode;
}
const char *ovl_options = NULL; const char *ovl_options = NULL;
static const char hotfix_ovl_options[] = "lowerdir=usr,upperdir=.usr-ovl-upper,workdir=.usr-ovl-work"; static const char hotfix_ovl_options[] = "lowerdir=usr,upperdir=.usr-ovl-upper,workdir=.usr-ovl-work";
switch (unlocked_state) switch (unlocked_state)
@ -1784,9 +1792,9 @@ ostree_sysroot_deployment_unlock (OstreeSysroot *self,
* directly for hotfixes. The ostree-prepare-root.c helper * directly for hotfixes. The ostree-prepare-root.c helper
* is also set up to detect and mount these. * is also set up to detect and mount these.
*/ */
if (!mkdir_unmasked (deployment_dfd, ".usr-ovl-upper", 0755, cancellable, error)) if (!mkdir_unmasked (deployment_dfd, ".usr-ovl-upper", usr_mode, cancellable, error))
return FALSE; return FALSE;
if (!mkdir_unmasked (deployment_dfd, ".usr-ovl-work", 0755, cancellable, error)) if (!mkdir_unmasked (deployment_dfd, ".usr-ovl-work", usr_mode, cancellable, error))
return FALSE; return FALSE;
ovl_options = hotfix_ovl_options; ovl_options = hotfix_ovl_options;
} }
@ -1804,7 +1812,7 @@ ostree_sysroot_deployment_unlock (OstreeSysroot *self,
{ g_auto(OstreeSepolicyFsCreatecon) con = { 0, }; { g_auto(OstreeSepolicyFsCreatecon) con = { 0, };
if (!_ostree_sepolicy_preparefscreatecon (&con, sepolicy, if (!_ostree_sepolicy_preparefscreatecon (&con, sepolicy,
"/usr", 0755, error)) "/usr", usr_mode, error))
return FALSE; return FALSE;
if (g_mkdtemp_full (development_ovldir, 0755) == NULL) if (g_mkdtemp_full (development_ovldir, 0755) == NULL)
@ -1812,10 +1820,10 @@ ostree_sysroot_deployment_unlock (OstreeSysroot *self,
} }
development_ovl_upper = glnx_strjoina (development_ovldir, "/upper"); development_ovl_upper = glnx_strjoina (development_ovldir, "/upper");
if (!mkdir_unmasked (AT_FDCWD, development_ovl_upper, 0755, cancellable, error)) if (!mkdir_unmasked (AT_FDCWD, development_ovl_upper, usr_mode, cancellable, error))
return FALSE; return FALSE;
development_ovl_work = glnx_strjoina (development_ovldir, "/work"); development_ovl_work = glnx_strjoina (development_ovldir, "/work");
if (!mkdir_unmasked (AT_FDCWD, development_ovl_work, 0755, cancellable, error)) if (!mkdir_unmasked (AT_FDCWD, development_ovl_work, usr_mode, cancellable, error))
return FALSE; return FALSE;
ovl_options = glnx_strjoina ("lowerdir=usr,upperdir=", development_ovl_upper, ovl_options = glnx_strjoina ("lowerdir=usr,upperdir=", development_ovl_upper,
",workdir=", development_ovl_work); ",workdir=", development_ovl_work);