[ostree] ostbuild: Support marking files as setuid

From: Colin Walters <walters src gnome org>
To: commits-list gnome org
Cc:
Subject: [ostree] ostbuild: Support marking files as setuid
Date: Sun, 22 Jan 2012 18:33:21 +0000 (UTC)

commit 8e36e80896d774be4ddbd88e742e626b1ee52da8
Author: Colin Walters <walters verbum org>
Date:   Sun Jan 22 13:31:22 2012 -0500

    ostbuild: Support marking files as setuid

 src/ostbuild/pyostbuild/builtin_build.py |   27 ++++++++++++++++++++-------
 1 files changed, 20 insertions(+), 7 deletions(-)
---
diff --git a/src/ostbuild/pyostbuild/builtin_build.py b/src/ostbuild/pyostbuild/builtin_build.py
index 4c6c2e6..f8b20d4 100755
--- a/src/ostbuild/pyostbuild/builtin_build.py
+++ b/src/ostbuild/pyostbuild/builtin_build.py
@@ -283,13 +283,26 @@ class OstbuildBuild(builtins.Builtin):
         else:
             run_sync_monitor_log_file(chroot_args, log_path, cwd=component_src)
 
-        run_sync(['ostree', '--repo=' + self.repo,
-                  'commit', '-b', buildname, '-s', 'Build ' + artifact_meta['version'],
-                  '--add-metadata-string=ostbuild-buildroot-version=' + buildroot_version,
-                  '--add-metadata-string=ostbuild-artifact-version=' + artifact_meta['version'],
-                  '--owner-uid=0', '--owner-gid=0', '--no-xattrs', 
-                  '--skip-if-unchanged'],
-                 cwd=component_resultdir)
+        args = ['ostree', '--repo=' + self.repo,
+                'commit', '-b', buildname, '-s', 'Build ' + artifact_meta['version'],
+                '--add-metadata-string=ostbuild-buildroot-version=' + buildroot_version,
+                '--add-metadata-string=ostbuild-artifact-version=' + artifact_meta['version'],
+                '--owner-uid=0', '--owner-gid=0', '--no-xattrs', 
+                '--skip-if-unchanged']
+
+        setuid_files = meta.get('setuid', [])
+        statoverride_path = None
+        if len(setuid_files) > 0:
+            (fd, statoverride_path) = tempfile.mkstemp(suffix='.txt', prefix='ostbuild-statoverride-')
+            f = os.fdopen(fd, 'w')
+            for path in setuid_files:
+                f.write('+2048 ' + path)
+            f.close()
+            args.append('--statoverride=' + statoverride_path)
+            
+        run_sync(args, cwd=component_resultdir)
+        if statoverride_path is not None:
+            os.unlink(statoverride_path)
         return True
 
     def _compose(self, target, artifacts):

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]