Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

Closes GH-622 (I hope) Don't untar as nobody.

Since it has to walk the dir chown/chmod'ing anyway, untarring with a
specific uid/gid is largely unnecessary, and only causes problems.
  • Loading branch information...
commit e7e5292fa7aa8e06bc69aec261daaa6c7aaab27f 1 parent 3024e96
Isaac Z. Schlueter isaacs authored

Showing 1 changed file with 6 additions and 2 deletions. Show diff stats Hide diff stats

  1. +6 2 lib/cache.js
8 lib/cache.js
@@ -410,18 +410,22 @@ function unpackTar (tarball, unpackTarget, dMode, fMode, uid, gid, cb) {
410 410
411 411 function unpackTar_ ( tarball, unpackTarget, dMode, fMode, uid, gid, cb ) {
412 412 mkdir(unpackTarget, dMode || DMODE, uid, gid, function (er) {
  413 + log.verbose([uid, gid], "unpackTar_ uid, gid")
413 414 if (er) return log.er(cb, "Could not create "+unpackTarget)(er)
414 415 // cp the gzip of the tarball, pipe the stdout into tar's stdin
415 416 // gzip {tarball} --decompress --stdout | tar xf - --strip-components=1 -C {unpackTarget}
416 417 pipe( spawn( npm.config.get("gzipbin")
417 418 , ["--decompress", "--stdout", tarball]
418   - , process.env, false, null, uid, gid )
  419 + , process.env, false )
419 420 , spawn( npm.config.get("tar")
420 421 , ["-mvxpf", "-", "-C", unpackTarget]
421   - , process.env, false, null, uid, gid )
  422 + , process.env, false )
422 423 , function (er) {
  424 + // if we're not doing ownership management,
  425 + // then we're done now.
423 426 if (er) return log.er(cb,
424 427 "Failed unpacking "+tarball+" to "+unpackTarget)(er)
  428 + if (npm.config.get("unsafe-perm")) return cb(er)
425 429 find(unpackTarget, function (f) {
426 430 return f !== unpackTarget
427 431 }, function (er, files) {

0 comments on commit e7e5292

Please sign in to comment.
Something went wrong with that request. Please try again.