From mboxrd@z Thu Jan 1 00:00:00 1970 Return-path: Received: from xenon.active-elements.de ([88.99.59.87]) by metis.ext.pengutronix.de with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1jix8r-0006tN-FV for ptxdist@pengutronix.de; Wed, 10 Jun 2020 11:35:32 +0200 Received: from Mail-10-6.ATS-Intranet.local (p57800e76.dip0.t-ipconnect.de [87.128.14.118]) by xenon.active-elements.de (Postfix) with ESMTPSA id 549654028F39 for ; Wed, 10 Jun 2020 11:35:26 +0200 (CEST) Date: Wed, 10 Jun 2020 11:35:24 +0200 From: Nico Lastzka Message-ID: <20200610093524.GG4898@develop-10-146> MIME-Version: 1.0 Content-Disposition: inline Subject: [ptxdist] Hard-coded directory permissions List-Id: PTXdist Development Mailing List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: ptxdist@pengutronix.de Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Errors-To: ptxdist-bounces@pengutronix.de Sender: "ptxdist" To: ptxdist@pengutronix.de Hi, I ran into a problem with the latest ptxdist 2020.06 when trying to install an ssh key to "/root/.ssh/authorized_keys". --8<-------------------- #> ptxdist images ... # output skipped Incompatible ownership or permissions for '/root': image-enhancements: 0.0 0755 (implicit) rootfs: 0.0 0700 One of these packages must be fixed! -------------------->8-- Here, the "image-enhancements rule" contains the following code which breaks the image creation: @$(call install_copy, image_enhancements, 0, 0, 0400, $(PTXDIST_PLATFORMCONFIGDIR)/access/key-develop_id_ed25519.pub, /root/.ssh/authorized_keys ) I found the code in "scripts/lib/ptxd_lib_check_dir_permissions.awk" to be responsible for this issue. In this file the directory permissions are hardcoded. The following "patch" is my current workaround for this problem: --8<-------------------- diff --git a/scripts/lib/ptxd_lib_check_dir_permissions.awk b/scripts/lib/ptxd_lib_check_dir_permissions.awk index 9bd009f04..4ad132561 100644 --- a/scripts/lib/ptxd_lib_check_dir_permissions.awk +++ b/scripts/lib/ptxd_lib_check_dir_permissions.awk @@ -33,6 +33,9 @@ $1 ~ "f" { path = gensub(/\/[^/]*$/,"",1,path) if (path == "") break; - check(path, "0.0 0755", 1) + if (path == "/root") + check(path, "0.0 0700", 1) + else + check(path, "0.0 0755", 1) } } -------------------->8-- What would be a proper solution to this problem? _______________________________________________ ptxdist mailing list ptxdist@pengutronix.de To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-request@pengutronix.de