picnoir/Systemd
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
Systemd/mkosi.build
Filipe Brandenburger b454cfb05c mkosi: set file permissions in copy of source tree (#8370) 
Meson keeps permissions around during the build, so details of how umask
was set when cloning the original git tree will leak all the way to the
installed files in the mkosi image.

So reset the permissions of the files in the copy of the tree before
starting the build.

Also set the umask explicitly.

Tested by creating a mkosi image and booting it on a tree that was
cloned with a umask of 027, confirmed that the *.target files were not
created as world-unreadable anymore.
2018-03-20 17:21:36 +01:00

110 lines
4.4 KiB
Bash
Executable file
Raw Blame History

#!/bin/sh
set -ex
# This file is part of systemd.
#
# Copyright 2016 Lennart Poettering
#
# systemd is free software; you can redistribute it and/or modify it
# under the terms of the GNU Lesser General Public License as published by
# the Free Software Foundation; either version 2.1 of the License, or
# (at your option) any later version.
#
# systemd is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License
# along with systemd; If not, see <http://www.gnu.org/licenses/>.
# This is a build script for OS image generation using mkosi (https://github.com/systemd/mkosi).
# Simply invoke "mkosi" in the project directory to build an OS image.
# Reset the permissions of the tree. Since Meson keeps the permissions
# all the way to the installed files, reset them to one of 0644 or 0755
# so the files keep those permissions, otherwise details of what umask
# was set at the time the git tree was cloned will leak all the way
# through. Also set umask explicitly during the build.
chmod -R u+w,go-w,a+rX .
umask 022
# If mkosi.builddir/ exists mkosi will set $BUILDDIR to it, let's then use it
# as out-of-tree build dir. Otherwise, let's make up our own builddir.
[ -z "$BUILDDIR" ] && BUILDDIR=build
# Meson uses Python 3 and requires a locale with an UTF-8 character map.
# Not running under UTF-8 makes the `ninja test` step break with a CodecError.
# So let's ensure we're running under UTF-8.
#
# If our current locale already is UTF-8, then we don't need to do anything:
if [ "$(locale charmap)" != "UTF-8" ] ; then
# Try using C.UTF-8 locale, if available. This locale is not shipped
# by upstream glibc, so it's not available in all distros.
# (In particular, it's not available in Arch Linux.)
export LC_CTYPE=C.UTF-8
if [ "$(locale charmap)" != "UTF-8" ] ; then
# Finally, try something like en_US.UTF-8, which should be
# available in Arch Linux, but is not present in Debian's
# minimal image in our mkosi config.
export LC_CTYPE=en_US.UTF-8
if [ "$(locale charmap)" != "UTF-8" ] ; then
# If nothing works, fail early.
echo "*** Could not find a valid locale that supports UTF-8. ***" >&2
exit 1
fi
fi
fi
if [ ! -f "$BUILDDIR"/build.ninja ] ; then
sysvinit_path=`realpath /etc/init.d`
nobody_user=`id -u -n 65534 2> /dev/null`
if [ "$nobody_user" != "" ] ; then
# Validate that we can translate forth and back
if [ "`id -u $nobody_user`" != 65534 ] ; then
nobody_user=""
fi
fi
if [ "$nobody_user" = "" ] ; then
if id -u nobody 2> /dev/null ; then
# The "nobody" user is defined already for something else, pick the Fedora name
nobody_user=nfsnobody
else
# The "nobody" user name is free, use it
nobody_user=nobody
fi
fi
nobody_group=`id -g -n 65534 2> /dev/null`
if [ "$nobody_group" != "" ] ; then
# Validate that we can translate forth and back
if [ "`id -g $nobody_group`" != 65534 ] ; then
nobody_group=""
fi
fi
if [ "$nobody_group" = "" ] ; then
if id -u nobody 2> /dev/null ; then
# The "nobody" group is defined already for something else, pick the Fedora name
nobody_group=nfsnobody
else
# The "nobody" group name is free, use it
nobody_group=nobody
fi
fi
meson "$BUILDDIR" -D "sysvinit-path=$sysvinit_path" -D default-hierarchy=unified -D man=false -D "nobody-user=$nobody_user" -D "nobody-group=$nobody_group"
fi
ninja -C "$BUILDDIR" all
[ "$WITH_TESTS" = 0 ] || ninja -C "$BUILDDIR" test || ( RET="$?" ; cat "$BUILDDIR"/meson-logs/testlog.txt ; exit "$RET" )
ninja -C "$BUILDDIR" install
mkdir -p "$DESTDIR"/etc
cat > "$DESTDIR"/etc/issue <<EOF
\S (built from systemd tree)
Kernel \r on an \m (\l)
EOF
Reference in a new issue View git blame Copy permalink