mkosi: set file permissions in copy of source tree (#8370)

Meson keeps permissions around during the build, so details of how umask was set when cloning the original git tree will leak all the way to the installed files in the mkosi image. So reset the permissions of the files in the copy of the tree before starting the build. Also set the umask explicitly. Tested by creating a mkosi image and booting it on a tree that was cloned with a umask of 027, confirmed that the *.target files were not created as world-unreadable anymore.
2018-03-20 09:21:36 -07:00 · 2018-03-20 09:21:36 -07:00 · b454cfb05c
parent 0d9fca76bb
commit b454cfb05c
1 changed files with 8 additions and 0 deletions
--- a/mkosi.build
+++ b/mkosi.build
@ -21,6 +21,14 @@ set -ex
 # This is a build script for OS image generation using mkosi (https://github.com/systemd/mkosi).
 # Simply invoke "mkosi" in the project directory to build an OS image.

+# Reset the permissions of the tree. Since Meson keeps the permissions
+# all the way to the installed files, reset them to one of 0644 or 0755
+# so the files keep those permissions, otherwise details of what umask
+# was set at the time the git tree was cloned will leak all the way
+# through. Also set umask explicitly during the build.
+chmod -R u+w,go-w,a+rX .
+umask 022
+
 # If mkosi.builddir/ exists mkosi will set $BUILDDIR to it, let's then use it
 # as out-of-tree build dir. Otherwise, let's make up our own builddir.
 [ -z "$BUILDDIR" ] && BUILDDIR=build