Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Problem trying to install files owned as a particular user/group #178
I've been working with fpm for a few weeks now and overall it's a fantastic tool - I'm looking at moving one of our packages across to using fpm and have run into a issue trying to build packages that have files in them owned by a user other than root.
The packages I'm trying to build are debian packages.
I've had a poke around the source tree and from what I can tell most of the tarballs are created using a command like:
tar --owner=root --group=root -cf data.tar --no-recursion dir1 dir2 dir1/file1 dir1/file2
This seems to be overriding the ownership I've setup locally when getting the package structure ready.
I tried setting the ownership of the files in a --post-install script however this doesn't really seem like the right place to do it (it's quite over complicated to do this on a populated filesystem as well).
Is there a provision for this issue that I'm missing or are you able to give me any direction as to how I could fix it?
Some ideas I had:
Thanks a lot for your time! :)
Do you have an idea of how you're wanting to implement this yet?
I'd would probably be interested in making the change and submitting a pull request if you're able to give me an idea of what you want (otherwise I'm going to have to look at monkey patching fpm until you get around to it, which I'd rather not do if possible).
Not totally sure. Some options (any or all can be implemented)
Any or all of these can be implemented. I'll leave it a bit up to you, what is the easiest for your particular situation?
We could combine the first two options by allowing:
If the 'owner' or 'group' is set to '-' (dash) each file will be owned/grouped by the current owner at the time of packaging. So in your situation, I think you would do:
I'll have a go at implementing the first two in the combined manner that you suggested - I like that.
The easiest thing for me in my situation would be to pass the ownership through (i.e. fpm --owner user --group group), however I think the '-' functionality you suggested is nice as well.
I will get back to you early next week with a patch if possible.
Code is all looking fine so far, haven't had any trouble understanding anything :) will let you know if I run into anything that is a bit unclear though.
Just a question, have you been making any efforts to ensure that fpm doesn't require root privileges to run or anything like that? A few of the changes I'm looking at making will require root privileges (for preserving ownership on directories) so I'm just wondering how you'd like that to work? I haven't seen anything else in FPM that requires root which is why I'm asking
Yeah, fpm should run as non-root same as root.
For preserving file ownership, we can work around it. Separting file metadata (ownership) from the content of those files.
Long story short, maybe implement this how you feel best, and we can iterate on the code in a way that safely supports rpm/solaris/deb/etc package outputs while also not requiring root permissions.
As an example, in the RPM format, the rpm has a special header that lists all the file owners and groups separate from the files themselves. This makes it easy to set ownership in RPM, but for deb packages, the only way to really specify file owners is to use lame postinstall scripts :(