Skip to content

/tmp Permissions #663

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
fosskers merged 3 commits into from
Oct 29, 2020
Merged

/tmp Permissions #663

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
0678f85
[aura] Be more careful about `/tmp` permissions
fosskers Oct 29, 2020
d31ee3e
[aura] 3.2.2
fosskers Oct 29, 2020
440addd
[aura] Be a little cleaner with the `chmod`
fosskers Oct 29, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 8 additions & 0 deletions aura/CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,13 @@
# Aura Changelog

## 3.2.2 (2020-10-29)

#### Fixed

- A bug involving permissions on the `/tmp` directory. [#661]

[#661]: https://github.com/fosskers/aura/issues/661

## 3.2.1 (2020-10-27)

With this release, Aura has passed 2,000 commits. Thank you for your ongoing support!
Expand Down
2 changes: 1 addition & 1 deletion aura/aura.cabal
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
cabal-version: 2.2
name: aura
version: 3.2.1
version: 3.2.2
synopsis: A secure package manager for Arch Linux and the AUR.
description:
Aura is a package manager for Arch Linux. It connects to both the
Expand Down
10 changes: 8 additions & 2 deletions aura/lib/Aura/Build.hs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -134,18 +134,24 @@ build' b = do
removeDirectoryRecursive buildDir
pure r

createWritableIfMissing :: FilePath -> RIO e ()
createWritableIfMissing :: FilePath -> RIO Env ()
createWritableIfMissing pth = do
exists <- doesDirectoryExist pth
if exists
-- This is a migration strategy - it ensures that directories created with
-- old versions of Aura automatically have their permissions fixed.
then void . runProcess . setStderr closed . setStdout closed $ proc "chmod" ["755", pth]
then case pth of
"/var/cache/aura/vcs" -> setMode "755"
"/tmp" -> setMode "1777"
_ -> pure ()
-- The library function `createDirectoryIfMissing` seems to obey umasks when
-- creating directories, which can cause problem later during the build
-- processes of git packages. By manually creating the directory with the
-- expected permissions, we avoid this problem.
else void . runProcess . setStderr closed . setStdout closed $ proc "mkdir" ["-p", "-m755", pth]
where
setMode :: String -> RIO Env ()
setMode mode = void . runProcess . setStderr closed . setStdout closed $ proc "chmod" [mode, pth]

-- | A unique directory name (within the greater "parent" build dir) in which to
-- copy sources and actually build a package.
Expand Down