New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
cmd-buildextend-hashlist-experimental: make all directories in tmp checkout readable #3386
Conversation
Skipping CI for Draft Pull Request. |
The commit message here needs way more context. What is the problem? |
Yes, I just added it . I wanted to test it and then add the details before opening it for review. |
@jlebon @dustymabe
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we can use Closes:
for the tracker issue?
Also, instead of "permission changes", how about e.g. "make all directories in tmp checkout readable"?
f62dbe0
to
2ef2843
Compare
you need to squash the commits into one commit |
I have squashed the commits |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
We are changing the 'find' invocation permissions to access the /etc/credstore directory.'find' can't recurse into '/etc/credstore', we add 'x' so that it can recurse into it. With '+', 'find' accumulates paths and runs 'chmod' once (or batched by the arg limit). But for this, we need it to 'chmod' the dir before it tries to recurse into it, so we change to ';'. Fixes: coreos/fedora-coreos-tracker#1429
@dustymabe : there was a W291 (trailing whitespace) error which caused the CI check to fail. Fixed it now. This would need another approval. |
This reverts commit 3a94202. The underlying provlem should have been fixed by coreos/coreos-assembler#3386
This reverts commit 3a94202. The underlying problem should have been fixed by coreos/coreos-assembler#3386
With reference to the latest changes in systemd-253, on executing
cmd-builextend-hashlist-experimental
the defaulttmp
dir files configuration automatically creates/etc/credstore
with secure permissions. We are changing thefind
invocation permissions to access the/etc/credstore
directory.find
can't recurse into /etc/credstore, we addx
so that it can recurse into it. With+
, find accumulates paths and runschmod
once (or batched by the arg limit). But for this, we need it tochmod
the dir before it tries to recurse into it, so we change to;
Fixes : coreos/fedora-coreos-tracker#1429