WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-devel] Re: [PATCH] install.sh: install as root with reasonable

from [Emmanuel Ackaouy] [Permanent Link][Original]
To: Horms <horms@xxxxxxxxxxxx>
Subject: Re: [Xen-devel] Re: [PATCH] install.sh: install as root with reasonable permissions
From: Emmanuel Ackaouy <ack@xxxxxxxxxxxxx>
Date: Thu, 15 Dec 2005 18:03:20 +0000
Cc: xen-devel@xxxxxxxxxxxxxxxxxxx
Delivery-date: Thu, 15 Dec 2005 18:05:18 +0000
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <20051215151743.GG11024@xxxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References: <20051215151743.GG11024@xxxxxxxxxxxxxxxxxxxxxx>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mutt/1.4.1i 
There are some problems with this patch as applied on top
of the unstable tree.

Recursive cp's into non-existing subdirs of the tmp
directory fail:

Installing Xen from './install' to '/'...
cp: `/tmp/tmp.RMnWQq3560/etc/init.d/': specified destination directory does not 
exist
...

For the patch to work, we'd also need to "mkdir -p" any directory
which is the destination of a "cp" into the tmp dir.


I'm also confused about the bug to start with:

As far as I can see, all Makefiles in the repository install
files into dist/install using /usr/bin/install with properly
set permissions. If one does not, then that would be a bug
and we ought to fix it. /usr/bin/install should also create
parent directories with appropriate permissions. The umask
of the person running the build should have no effect. Have I
missed something? Which files under /lib did you find created
with bad permissions? Perhaps this is a problem with the linux
build installing modules with permissions based on the umask
of the build process?

Cheers,
Emmanuel.


> From: Horms <horms@xxxxxxxxxxxx>
> [...]
> I played around with a few other ideas and I think that the /tmp option
> is a clean and easy solution. Here is a patch that does this.
> 
> # HG changeset patch
> # User Horms <horms@xxxxxxxxxxxx>
> # Node ID 651f32f67427ebb167eb2b6d921182bb21da2a7b
> # Parent  340bec28050f360b9d800fb354abfd6b5ee80bd2
> [INSTALL] Fix owner and permissions for installed files
> 
> Make sure that installed files have sensible permissions
> and are owned by the user running install, presumably root.
> 
> Without this patch, if the user that does the build has
> a restrictive umask, say 0077, and the install is done into /,
> then /lib, will become only accessable to that user.
> 
> Signed-Off-By: Horms <horms@xxxxxxxxxxxx>
> 
> diff -r 340bec28050f -r 651f32f67427 install.sh
> --- a/install.sh      Fri Dec  2 02:16:21 2005
> +++ b/install.sh      Fri Dec  2 02:21:15 2005
> @@ -22,19 +22,25 @@
>    exit 1
>  fi
>  
> +tmp="`mktemp -d`"
> +
>  echo "Installing Xen from '$src' to '$dst'..."
> -(cd $src; tar -cf - --exclude etc/init.d --exclude etc/hotplug --exclude 
> etc/udev * ) | tar -C $dst -xf -
> -cp -fdRL $src/etc/init.d/* $dst/etc/init.d/
> +(cd $src; tar -cf - --exclude etc/init.d --exclude etc/hotplug --exclude 
> etc/udev * ) | tar -C "$tmp" -xf -
> +cp -fdRL $src/etc/init.d/* "$tmp"/etc/init.d/
>  echo "All done."
>  
>  [ -x "$(which udevinfo)" ] && \
>    UDEV_VERSION=$(udevinfo -V | sed -e 's/^[^0-9]* 
> \([0-9]\{1,\}\)[^0-9]\{0,\}/\1/')
>  
>  if [ -n "$UDEV_VERSION" ] && [ $UDEV_VERSION -ge 059 ]; then
> -  cp -f $src/etc/udev/rules.d/*.rules $dst/etc/udev/rules.d/
> +  cp -f $src/etc/udev/rules.d/*.rules "$tmp/etc/udev/rules.d/"
>  else
> -  cp -f $src/etc/hotplug/*.agent $dst/etc/hotplug/
> +  cp -f $src/etc/hotplug/*.agent "$tmp/etc/hotplug/"
>  fi
> +
> +chmod -R a+rX "$tmp"
> +(cd $tmp; tar -cf - *) | tar --no-same-owner -C "$dst" -xf -
> +rm -r "$tmp"
>  
>  echo "Checking to see whether prerequisite tools are installed..."
>  cd $src/../check
> 
> 
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@xxxxxxxxxxxxxxxxxxx
> http://lists.xensource.com/xen-devel


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Xen-devel] Libvir: a simple C virtualization control library, Daniel Veillard
Next by Date:  [Xen-devel] Xend listening for TCP HTTP?, Anthony Liguori
Previous by Thread:  [Xen-devel] [PATCH RESEND] enable swiotlb on i386 in linux-2.6-xen tree, Muli Ben-Yehuda
Next by Thread:  Re: [Xen-devel] Re: [PATCH] install.sh: install as root with reasonable permissions, Horms
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy