From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 093FA138334 for ; Mon, 2 Sep 2019 14:03:38 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 82D3FE086E; Mon, 2 Sep 2019 14:03:33 +0000 (UTC) Received: from smtp.gentoo.org (woodpecker.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 41F8FE0822 for ; Mon, 2 Sep 2019 14:03:33 +0000 (UTC) Received: from a1i15 (host2092.kph.uni-mainz.de [134.93.134.92]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: ulm) by smtp.gentoo.org (Postfix) with ESMTPSA id 768E434AA6A; Mon, 2 Sep 2019 14:03:30 +0000 (UTC) From: Ulrich =?utf-8?Q?M=C3=BCller?= To: Subject: [gentoo-dev] [PATCH] bzr.eclass: Respect the EVCS_UMASK variable. Date: Mon, 2 Sep 2019 15:48:58 +0200 Message-ID: User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha256; protocol="application/pgp-signature" X-Archives-Salt: 4f92848f-2373-47ae-9756-04ae8bdcb5c1 X-Archives-Hash: 961b46368dc8c0d41d6ffd6d5d2d0935 --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Bug: https://bugs.gentoo.org/497798 Signed-off-by: Ulrich M=C3=BCller =2D-- eclass/bzr.eclass | 22 ++++++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) diff --git a/eclass/bzr.eclass b/eclass/bzr.eclass index 10bd6bc7e5a..598a0f87fe6 100644 =2D-- a/eclass/bzr.eclass +++ b/eclass/bzr.eclass @@ -140,6 +140,17 @@ EXPORT_FUNCTIONS src_unpack # by users. : ${EBZR_OFFLINE=3D${EVCS_OFFLINE}} =20 +# @ECLASS-VARIABLE: EVCS_UMASK +# @DEFAULT_UNSET +# @DESCRIPTION: +# Set this variable to a custom umask. This is intended to be set by +# users. By setting this to something like 002, it can make life easier +# for people who do development as non-root (but are in the portage +# group), and then switch over to building with FEATURES=3Duserpriv. +# Or vice-versa. Shouldn't be a security issue here as anyone who has +# portage group write access already can screw the system over in more +# creative ways. + # @ECLASS-VARIABLE: EBZR_WORKDIR_CHECKOUT # @DEFAULT_UNSET # @DESCRIPTION: @@ -197,7 +208,7 @@ bzr_update() { # working copy. bzr_fetch() { local repo_dir branch_dir =2D local save_sandbox_write=3D${SANDBOX_WRITE} + local save_sandbox_write=3D${SANDBOX_WRITE} save_umask =20 [[ -n ${EBZR_REPO_URI} ]] || die "${EBZR}: EBZR_REPO_URI is empty" =20 @@ -214,6 +225,10 @@ bzr_fetch() { repo_dir=3D${EBZR_STORE_DIR}/${EBZR_PROJECT} branch_dir=3D${repo_dir}${EBZR_BRANCH:+/${EBZR_BRANCH}} =20 + if [[ -n ${EVCS_UMASK} ]]; then + save_umask=3D$(umask) + umask "${EVCS_UMASK}" || die + fi addwrite "${EBZR_STORE_DIR}" =20 if [[ ! -d ${branch_dir}/.bzr ]]; then @@ -240,8 +255,11 @@ bzr_fetch() { bzr_update "${EBZR_REPO_URI}" "${branch_dir}" fi =20 =2D # Restore sandbox environment + # Restore sandbox environment and umask SANDBOX_WRITE=3D${save_sandbox_write} + if [[ -n ${save_umask} ]]; then + umask "${save_umask}" || die + fi =20 cd "${branch_dir}" || die "${EBZR}: can't chdir to ${branch_dir}" =20 =2D-=20 2.23.0 --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEzBAEBCAAdFiEEZlHkP3TnuTbxrN0HwwkGhRxhwnMFAl1tISgACgkQwwkGhRxh wnPNEwgA0lAyaEqaPf0Nn5GZ4gQ5T3VfdW/sFa1L9UAZC8T40QxvwMpj6oZcIVhX Bp2QQbywbEywo519hpa7bcJjsU0JWEpfsAd8OmU0YvbQsxGkwXLpn3U0NSFba5ID z6EbUuF/ZDPXGoqnhDDwd9M01hnvUqc73i5skKliRYxDS6h65R7q+3att3n/lOP4 /p18Q+0qbjt3Y+vL6OZ01/7EWRZ9bVQv//cWLCoR6C4Mcr3xkbcP6ojzChvd3JCD WcE7Pesa1p15nert5QgQhubsKN6nG4/21qBowFGJvzb+MAAbRjA7YXHOltz0tIqM uWh4ss4GwQ/gmFds6AdMgMFu3AclVQ== =6LFQ -----END PGP SIGNATURE----- --=-=-=--