Ensure we carry permissions from dirs while we create packages by delta

2025-08-31 06:35:12 +00:00 · 2021-05-01 00:14:01 +02:00
parent 946524f90d
commit f85891e362
6 changed files with 122 additions and 2 deletions
--- a/pkg/helpers/file.go
+++ b/pkg/helpers/file.go
@@ -167,9 +167,27 @@ func Read(file string) (string, error) {
 	return string(dat), nil
 }

+func EnsureDirPerm(src, dst string) {
+	if info, err := os.Lstat(filepath.Dir(src)); err == nil {
+		if _, err := os.Lstat(filepath.Dir(dst)); os.IsNotExist(err) {
+			err := os.MkdirAll(filepath.Dir(dst), info.Mode().Perm())
+			if err != nil {
+				fmt.Println("warning: failed creating", filepath.Dir(dst), err.Error())
+			}
+			if stat, ok := info.Sys().(*syscall.Stat_t); ok {
+				if err := os.Lchown(filepath.Dir(dst), int(stat.Uid), int(stat.Gid)); err != nil {
+					fmt.Println("warning: failed chowning", filepath.Dir(dst), err.Error())
+				}
+			}
+		}
+	} else {
+		EnsureDir(dst)
+	}
+}
+
 func EnsureDir(fileName string) error {
 	dirName := filepath.Dir(fileName)
-	if _, serr := os.Stat(dirName); serr != nil {
+	if _, serr := os.Stat(dirName); os.IsNotExist(serr) {
 		merr := os.MkdirAll(dirName, os.ModePerm) // FIXME: It should preserve permissions from src to dst instead
 		if merr != nil {
 			return merr
@@ -193,7 +211,7 @@ func CopyFile(src, dst string) (err error) {
 	fm := fi.Mode()
 	switch {
 	case fm&os.ModeNamedPipe != 0:
-		EnsureDir(dst)
+		EnsureDirPerm(src, dst)
 		if err := syscall.Mkfifo(dst, uint32(fi.Mode())); err != nil {
 			return errors.Wrap(err, "failed creating pipe")
 		}
@@ -205,6 +223,9 @@ func CopyFile(src, dst string) (err error) {
 		return nil
 	}

+	//filepath.Dir(src)
+	EnsureDirPerm(src, dst)
+
 	err = copy.Copy(src, dst, copy.Options{
 		Sync:      true,
 		OnSymlink: func(string) copy.SymlinkAction { return copy.Shallow }})
--- a/tests/fixtures/perms/pkgA/0.1/build.yaml
+++ b/tests/fixtures/perms/pkgA/0.1/build.yaml
@@ -0,0 +1,11 @@
+image: "alpine"
+unpack: true
+includes:
+  - /foo
+  - /foo/bar
+  - /foo/bar/.keep
+steps:
+- mkdir -p /foo/bar
+- touch /foo/bar/.keep
+- chown 100:100 /foo/bar
+- chown 101:101 /foo/bar/.keep
--- a/tests/fixtures/perms/pkgA/0.1/definition.yaml
+++ b/tests/fixtures/perms/pkgA/0.1/definition.yaml
@@ -0,0 +1,3 @@
+category: "test"
+name: "perms"
+version: "0.1"
--- a/tests/fixtures/perms/pkgB/0.1/build.yaml
+++ b/tests/fixtures/perms/pkgB/0.1/build.yaml
@@ -0,0 +1,7 @@
+image: "alpine"
+
+steps:
+- mkdir -p /foo/baz
+- touch /foo/baz/.keep
+- chown 100:100 /foo/baz
+- chown 101:101 /foo/baz/.keep
--- a/tests/fixtures/perms/pkgB/0.1/definition.yaml
+++ b/tests/fixtures/perms/pkgB/0.1/definition.yaml
@@ -0,0 +1,3 @@
+category: "test"
+name: "perms2"
+version: "0.1"
--- a/tests/integration/16_perms.sh
+++ b/tests/integration/16_perms.sh
@@ -0,0 +1,75 @@
+#!/bin/bash
+
+export LUET_NOLOCK=true
+
+oneTimeSetUp() {
+export tmpdir="$(mktemp -d)"
+}
+
+oneTimeTearDown() {
+    rm -rf "$tmpdir"
+}
+
+testBuild() {
+    mkdir $tmpdir/testbuild
+    luet build -d --tree "$ROOT_DIR/tests/fixtures/perms" --same-owner=true --destination $tmpdir/testbuild --compression gzip --full
+    buildst=$?
+    assertTrue 'create package perms 0.1' "[ -e '$tmpdir/testbuild/perms-test-0.1.package.tar.gz' ]"
+    assertEquals 'builds successfully' "$buildst" "0"
+}
+
+testRepo() {
+    assertTrue 'no repository' "[ ! -e '$tmpdir/testbuild/repository.yaml' ]"
+    luet create-repo --tree "$ROOT_DIR/tests/fixtures/perms" \
+    --output $tmpdir/testbuild \
+    --packages $tmpdir/testbuild \
+    --name "test" \
+    --descr "Test Repo" \
+    --urls $tmpdir/testrootfs \
+    --type http
+
+    createst=$?
+    assertEquals 'create repo successfully' "$createst" "0"
+    assertTrue 'create repository' "[ -e '$tmpdir/testbuild/repository.yaml' ]"
+}
+
+testConfig() {
+    mkdir $tmpdir/testrootfs
+    cat <<EOF > $tmpdir/luet.yaml
+general:
+  debug: true
+system:
+  rootfs: $tmpdir/testrootfs
+  database_path: "/"
+  database_engine: "boltdb"
+config_from_host: true
+repositories:
+   - name: "main"
+     type: "disk"
+     enable: true
+     urls:
+       - "$tmpdir/testbuild"
+EOF
+    luet config --config $tmpdir/luet.yaml
+    res=$?
+    assertEquals 'config test successfully' "$res" "0"
+}
+
+testInstall() {
+    $ROOT_DIR/tests/integration/bin/luet install -y --config $tmpdir/luet.yaml test/perms@0.1 test/perms2@0.1
+    installst=$?
+    assertEquals 'install test successfully' "$installst" "0"
+   
+    assertTrue 'package installed perms baz' "[ -d '$tmpdir/testrootfs/foo/baz' ]"
+    assertTrue 'package installed perms bar' "[ -d '$tmpdir/testrootfs/foo/bar' ]"
+
+    assertContains 'perms1' "$(stat -c %u:%g $tmpdir/testrootfs/foo/baz)" "100:100"
+    assertContains 'perms2' "$(stat -c %u:%g $tmpdir/testrootfs/foo/bar)" "100:100"
+    assertContains 'perms11' "$(stat -c %u:%g $tmpdir/testrootfs/foo/baz/.keep)" "101:101"
+    assertContains 'perms22' "$(stat -c %u:%g $tmpdir/testrootfs/foo/bar/.keep)" "101:101"
+}
+
+
+# Load shUnit2.
+. "$ROOT_DIR/tests/integration/shunit2"/shunit2
+