From 353ce2e521f57318c502c862457dc859d8d181a6 Mon Sep 17 00:00:00 2001 From: Paul Spooren Date: Fri, 7 Aug 2020 11:13:00 -1000 Subject: [PATCH] build: ipkg-build use fakeroot with PKG_FILE_MODES The `ipkg-build` script converts a folder into a `opkg` installable package. Until now it would use root:root for all packages and try to preserve file modes. This has the two drawbacks of packages want to add non-root files or add SUID files, like the `sudo` package does. To give more flexibility regarding file modes and avoid init script hacks, a new variable called `PKG_FILE_MODES`. The variable contains a list of files modes in the format `path:owner:group:mode`. An example for the `sudo` package below: ``` PKG_FILE_MODES:=\ /usr/bin/sudo:root:root:4755 \ /etc/sudoers:root:root:0440 ``` The `ipkg-build` now runs within a fakeroot environment to set any mode and directly store it in the resulting `ipk` package archive. Both options `-o` and `-g` are no longer required due to the introduction of the more flexible `-m` options, which takes the `PKG_FILE_MODES` as input. Lastly the option `-c` is removed as it's unused within the script. Signed-off-by: Paul Spooren --- include/package-ipkg.mk | 6 +----- scripts/ipkg-build | 41 +++++++++++++++++++++++++---------------- 2 files changed, 26 insertions(+), 21 deletions(-) diff --git a/include/package-ipkg.mk b/include/package-ipkg.mk index 622cbf3223..d8b65433c2 100644 --- a/include/package-ipkg.mk +++ b/include/package-ipkg.mk @@ -9,10 +9,6 @@ ifndef DUMP include $(INCLUDE_DIR)/feeds.mk endif -# invoke ipkg-build with some default options -IPKG_BUILD:= \ - $(SCRIPT_DIR)/ipkg-build -c -o 0 -g 0 - IPKG_REMOVE:= \ $(SCRIPT_DIR)/ipkg-remove @@ -262,7 +258,7 @@ $(_endef) endif $(INSTALL_DIR) $$(PDIR_$(1)) - $(IPKG_BUILD) $$(IDIR_$(1)) $$(PDIR_$(1)) + $(FAKEROOT) $(SCRIPT_DIR)/ipkg-build -m "$(PKG_FILE_MODES)" $$(IDIR_$(1)) $$(PDIR_$(1)) @[ -f $$(IPKG_$(1)) ] $(1)-clean: diff --git a/scripts/ipkg-build b/scripts/ipkg-build index 6e027bc546..0cbab9074e 100755 --- a/scripts/ipkg-build +++ b/scripts/ipkg-build @@ -77,23 +77,15 @@ pkg_appears_sane() { ### # ipkg-build "main" ### -ogargs="" -noclean=0 -usage="Usage: $0 [-c] [-C] [-o owner] [-g group] []" -while getopts "cg:ho:v" opt; do +file_modes="" +usage="Usage: $0 [-v] [-h] [-m] []" +while getopts "hvm:" opt; do case $opt in - o ) owner=$OPTARG - ogargs="--owner=$owner" - ;; - g ) group=$OPTARG - ogargs="$ogargs --group=$group" - ;; - c ) ;; - C ) noclean=1;; v ) echo $version exit 0 ;; h ) echo $usage >&2 ;; + m ) file_modes=$OPTARG ;; \? ) echo $usage >&2 esac done @@ -144,21 +136,38 @@ tmp_dir=$dest_dir/IPKG_BUILD.$$ mkdir $tmp_dir echo $CONTROL > $tmp_dir/tarX -# Preserve permissions (-p) when creating data.tar.gz as non-root user -( cd $pkg_dir && $TAR $ogargs -X $tmp_dir/tarX --format=gnu --sort=name -cpf - --mtime="$TIMESTAMP" . | $GZIP -n - > $tmp_dir/data.tar.gz ) +cd $pkg_dir +for file_mode in $file_modes; do + case $file_mode in + /*:*:*:*) + ;; + *) + echo "ERROR: file modes must use absolute path and contain user:group:mode" + echo "$file_mode" + exit 1 + ;; + esac + path=$(echo "$file_mode" | cut -d ':' -f 1) + user_group=$(echo "$file_mode" | cut -d ':' -f 2-3) + mode=$(echo "$file_mode" | cut -d ':' -f 4) + + chown "$user_group" "$pkg_dir/$path" + chmod "$mode" "$pkg_dir/$path" +done +$TAR -X $tmp_dir/tarX --format=gnu --sort=name -cpf - --mtime="$TIMESTAMP" . | $GZIP -n - > $tmp_dir/data.tar.gz installed_size=`stat -c "%s" $tmp_dir/data.tar.gz` sed -i -e "s/^Installed-Size: .*/Installed-Size: $installed_size/" \ $pkg_dir/$CONTROL/control -( cd $pkg_dir/$CONTROL && $TAR $ogargs --format=gnu --sort=name -cf - --mtime="$TIMESTAMP" . | $GZIP -n - > $tmp_dir/control.tar.gz ) +( cd $pkg_dir/$CONTROL && $TAR --format=gnu --sort=name -cf - --mtime="$TIMESTAMP" . | $GZIP -n - > $tmp_dir/control.tar.gz ) rm $tmp_dir/tarX echo "2.0" > $tmp_dir/debian-binary pkg_file=$dest_dir/${pkg}_${version}_${arch}.ipk rm -f $pkg_file -( cd $tmp_dir && $TAR $ogargs --format=gnu --sort=name -cf - --mtime="$TIMESTAMP" ./debian-binary ./data.tar.gz ./control.tar.gz | $GZIP -n - > $pkg_file ) +( cd $tmp_dir && $TAR --format=gnu --sort=name -cf - --mtime="$TIMESTAMP" ./debian-binary ./data.tar.gz ./control.tar.gz | $GZIP -n - > $pkg_file ) rm $tmp_dir/debian-binary $tmp_dir/data.tar.gz $tmp_dir/control.tar.gz rmdir $tmp_dir -- 2.30.2