ostbuild: Support marking files as setuid

author Colin Walters <walters@verbum.org>

Sun, 22 Jan 2012 18:31:22 +0000 (13:31 -0500)

committer Colin Walters <walters@verbum.org>

Sun, 22 Jan 2012 18:31:22 +0000 (13:31 -0500)
author Colin Walters <walters@verbum.org>
Sun, 22 Jan 2012 18:31:22 +0000 (13:31 -0500)
committer Colin Walters <walters@verbum.org>
Sun, 22 Jan 2012 18:31:22 +0000 (13:31 -0500)
diff --git a/src/ostbuild/pyostbuild/builtin_build.py b/src/ostbuild/pyostbuild/builtin_build.py

index 4c6c2e6eb33c598a4a424b9e6d6b901faf99c7c0..f8b20d40ee6f5d108844cabe34a8d42f13a61126 100755 (executable)
--- a/src/ostbuild/pyostbuild/builtin_build.py
+++ b/src/ostbuild/pyostbuild/builtin_build.py
@@ -283,13 +283,26 @@ class OstbuildBuild(builtins.Builtin):
          else:
              run_sync_monitor_log_file(chroot_args, log_path, cwd=component_src)
  
-        run_sync(['ostree', '--repo=' + self.repo,
-                  'commit', '-b', buildname, '-s', 'Build ' + artifact_meta['version'],
-                  '--add-metadata-string=ostbuild-buildroot-version=' + buildroot_version,
-                  '--add-metadata-string=ostbuild-artifact-version=' + artifact_meta['version'],
-                  '--owner-uid=0', '--owner-gid=0', '--no-xattrs', 
-                  '--skip-if-unchanged'],
-                 cwd=component_resultdir)
+        args = ['ostree', '--repo=' + self.repo,
+                'commit', '-b', buildname, '-s', 'Build ' + artifact_meta['version'],
+                '--add-metadata-string=ostbuild-buildroot-version=' + buildroot_version,
+                '--add-metadata-string=ostbuild-artifact-version=' + artifact_meta['version'],
+                '--owner-uid=0', '--owner-gid=0', '--no-xattrs', 
+                '--skip-if-unchanged']
+
+        setuid_files = meta.get('setuid', [])
+        statoverride_path = None
+        if len(setuid_files) > 0:
+            (fd, statoverride_path) = tempfile.mkstemp(suffix='.txt', prefix='ostbuild-statoverride-')
+            f = os.fdopen(fd, 'w')
+            for path in setuid_files:
+                f.write('+2048 ' + path)
+            f.close()
+            args.append('--statoverride=' + statoverride_path)
+            
+        run_sync(args, cwd=component_resultdir)
+        if statoverride_path is not None:
+            os.unlink(statoverride_path)
          return True
  
      def _compose(self, target, artifacts):
author	Colin Walters <walters@verbum.org>
	Sun, 22 Jan 2012 18:31:22 +0000 (13:31 -0500)
committer	Colin Walters <walters@verbum.org>
	Sun, 22 Jan 2012 18:31:22 +0000 (13:31 -0500)