diff --git a/files/files.go b/files/files.go index 2705f508..87156e8b 100644 --- a/files/files.go +++ b/files/files.go @@ -144,7 +144,6 @@ func (c *Content) WithFileInfoDefaults(umask fs.FileMode) *Content { cc.FileInfo.MTime = info.ModTime() } if cc.FileInfo.Mode == 0 { - fmt.Println("files.go:147", info.Mode().String(), (info.Mode() & ^umask).String()) cc.FileInfo.Mode = info.Mode() &^ umask } cc.FileInfo.Size = info.Size() @@ -463,7 +462,6 @@ func addTree(all map[string]*Content, tree *Content, umask os.FileMode) error { c.Type = TypeDir c.Destination = NormalizeAbsoluteDirPath(destination) - fmt.Println("files.go:446", info.Mode().String(), (info.Mode() &^ umask).String()) c.FileInfo = &ContentFileInfo{ Owner: "root", Group: "root", @@ -483,7 +481,6 @@ func addTree(all map[string]*Content, tree *Content, umask os.FileMode) error { c.Source = path c.Destination = NormalizeAbsoluteFilePath(destination) c.Type = TypeFile - fmt.Println("files.go:486", d.Type().String(), (d.Type() &^ umask).String()) c.FileInfo = &ContentFileInfo{ Mode: d.Type() &^ umask, } diff --git a/files/files_test.go b/files/files_test.go index e623e01e..2f56099f 100644 --- a/files/files_test.go +++ b/files/files_test.go @@ -2,6 +2,7 @@ package files_test import ( "os" + "path/filepath" "strconv" "strings" "sync" @@ -44,6 +45,10 @@ contents: } func TestDeepPathsWithGlobAndUmask(t *testing.T) { + path := filepath.Join(t.TempDir(), "foo", "bar", "zaz", "file.txt") + // create a bunch of files with bad permissions + require.NoError(t, os.MkdirAll(filepath.Dir(path), 0o777)) + require.NoError(t, os.WriteFile(path, nil, 0o777)) var config testStruct dec := yaml.NewDecoder(strings.NewReader(`--- contents: @@ -53,12 +58,14 @@ contents: mode: 0644 mtime: 2008-01-02T15:04:05Z - src: testdata/deep-paths/ - dst: /bla + dst: /bar +- src: ` + path + ` + dst: /foo/file.txt `)) dec.KnownFields(true) err := dec.Decode(&config) require.NoError(t, err) - require.Len(t, config.Contents, 2) + require.Len(t, config.Contents, 3) parsedContents, err := files.PrepareForPackager(config.Contents, 0o113, "", false) require.NoError(t, err) for _, c := range parsedContents { @@ -70,7 +77,10 @@ contents: require.Equal(t, "/bla/multi-nested/subdir/c.txt", c.Destination) require.Equal(t, "-rw-r--r--", c.Mode().String()) case "testdata/deep-paths/nested1/nested2/a.txt": - require.Equal(t, "/bla/nested1/nested2/a.txt", c.Destination) + require.Equal(t, "/bar/nested1/nested2/a.txt", c.Destination) + require.Equal(t, "-rw-rw-r--", c.Mode().String()) + case path: + require.Equal(t, "/foo/file.txt", c.Destination) require.Equal(t, "-rw-rw-r--", c.Mode().String()) } } diff --git a/nfpm.go b/nfpm.go index a14c6b59..3c59490a 100644 --- a/nfpm.go +++ b/nfpm.go @@ -75,9 +75,7 @@ func ParseWithEnvMapping(in io.Reader, mapping func(string) string) (config Conf } config.expandEnvVars() - - WithDefaults(&config.Info) - + config.Info = WithDefaults(config.Info) return config, nil } @@ -471,7 +469,7 @@ func Validate(info *Info) (err error) { } // WithDefaults set some sane defaults into the given Info. -func WithDefaults(info *Info) *Info { +func WithDefaults(info Info) Info { if info.Platform == "" { info.Platform = "linux" } @@ -484,6 +482,9 @@ func WithDefaults(info *Info) *Info { if info.Version == "" { info.Version = "v0.0.0-rc0" } + if info.Umask == 0 { + info.Umask = 0o02 + } switch info.VersionSchema { case "none": diff --git a/nfpm_test.go b/nfpm_test.go index 48b1a940..fc8df20c 100644 --- a/nfpm_test.go +++ b/nfpm_test.go @@ -37,81 +37,95 @@ func TestGet(t *testing.T) { } func TestDefaultsVersion(t *testing.T) { - info := &nfpm.Info{ + info := nfpm.WithDefaults(nfpm.Info{ Version: "v1.0.0", VersionSchema: "semver", - } - info = nfpm.WithDefaults(info) + }) require.NotEmpty(t, info.Platform) require.Equal(t, "1.0.0", info.Version) require.Equal(t, "", info.Release) require.Equal(t, "", info.Prerelease) - info = &nfpm.Info{ + info = nfpm.WithDefaults(nfpm.Info{ Version: "v1.0.0-rc1", - } - info = nfpm.WithDefaults(info) + }) require.Equal(t, "1.0.0", info.Version) require.Equal(t, "", info.Release) require.Equal(t, "rc1", info.Prerelease) - info = &nfpm.Info{ + info = nfpm.WithDefaults(nfpm.Info{ Version: "v1.0.0-beta1", - } - info = nfpm.WithDefaults(info) + }) require.Equal(t, "1.0.0", info.Version) require.Equal(t, "", info.Release) require.Equal(t, "beta1", info.Prerelease) - info = &nfpm.Info{ + info = nfpm.WithDefaults(nfpm.Info{ Version: "v1.0.0-1", Release: "2", Prerelease: "beta1", - } - info = nfpm.WithDefaults(info) + }) require.Equal(t, "1.0.0", info.Version) require.Equal(t, "2", info.Release) require.Equal(t, "beta1", info.Prerelease) - info = &nfpm.Info{ + info = nfpm.WithDefaults(nfpm.Info{ Version: "v1.0.0-1+xdg2", Release: "2", Prerelease: "beta1", - } - info = nfpm.WithDefaults(info) + }) require.Equal(t, "1.0.0", info.Version) require.Equal(t, "2", info.Release) require.Equal(t, "beta1", info.Prerelease) - info = &nfpm.Info{ + info = nfpm.WithDefaults(nfpm.Info{ Version: "this.is.my.version", VersionSchema: "none", Release: "2", Prerelease: "beta1", - } - info = nfpm.WithDefaults(info) + }) require.Equal(t, "this.is.my.version", info.Version) require.Equal(t, "2", info.Release) require.Equal(t, "beta1", info.Prerelease) } func TestDefaults(t *testing.T) { - info := &nfpm.Info{ - Platform: "darwin", - Version: "2.4.1", - Description: "no description given", - } - got := nfpm.WithDefaults(info) - require.Equal(t, info, got) + t.Run("all given", func(t *testing.T) { + info := nfpm.Info{ + Platform: "darwin", + Version: "2.4.1", + Description: "no description given", + Arch: "arm64", + Overridables: nfpm.Overridables{ + Umask: 0o112, + }, + } + got := nfpm.WithDefaults(info) + require.Equal(t, info, got) + }) + t.Run("none given", func(t *testing.T) { + got := nfpm.WithDefaults(nfpm.Info{}) + require.Equal(t, nfpm.Info{ + Platform: "linux", + Arch: "amd64", + Version: "0.0.0", + Prerelease: "rc0", + Description: "no description given", + Overridables: nfpm.Overridables{ + Umask: 0o002, + }, + }, got) + }) } func TestPrepareForPackager(t *testing.T) { t.Run("dirs", func(t *testing.T) { - info := nfpm.Info{ + info := nfpm.WithDefaults(nfpm.Info{ Name: "as", Arch: "asd", Version: "1.2.3", Overridables: nfpm.Overridables{ + Umask: 0o032, Contents: []*files.Content{ { Destination: "/usr/share/test", @@ -127,7 +141,7 @@ func TestPrepareForPackager(t *testing.T) { }, }, }, - } + }) require.NoError(t, nfpm.PrepareForPackager(&info, "")) require.Len(t, info.Overridables.Contents, 5) asdFile := info.Overridables.Contents[0] diff --git a/www/docs/configuration.md b/www/docs/configuration.md index b298c559..a359735d 100644 --- a/www/docs/configuration.md +++ b/www/docs/configuration.md @@ -195,15 +195,6 @@ contents: dst: /etc/bar.conf type: config|noreplace -# Umask to be used on files without explicit mode set. -# -# By default, nFPM will use the mode of the original file in the file system. -# This may lead to issues if these files are checkout out in Git, for example, -# as it won't keep all the permissions on fresh checkouts. -# -# 0o002 would remove the world-writable permission, for example. -umask: 0o002 - # These files are not actually present in the package, but the file names # are added to the package header. From the RPM directives documentation: # @@ -261,6 +252,20 @@ umask: 0o002 file_info: mode: 0700 +# Umask to be used on files without explicit mode set. +# +# By default, nFPM will inherit the mode of the original file that's being +# added. +# This may lead to issues if these files are checkout out in Git, for example, +# as it won't keep all the permissions on fresh checkouts, or if the local +# system has a problematic umask setting. +# +# This setting allows to set the umask for all files that are added to the +# package without a specific file_info.mode set. +# +# Default: 0o002 (will remove world-writable permissions) +umask: 0o002 + # Scripts to run at specific stages. (overridable) scripts: preinstall: ./scripts/preinstall.sh