projects / ostree.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 87db562)
builtins/commit: check for conflicting permissions options
authorLuca BRUNO <luca.bruno@coreos.com>
Tue, 17 Aug 2021 10:30:06 +0000 (10:30 +0000)
committerLuca BRUNO <luca.bruno@coreos.com>
Wed, 18 Aug 2021 08:16:26 +0000 (08:16 +0000)
This explicitly checks for commit command options asking for both
non-zero UID/GID and canonical permissions at the same time,
which are incompatible.

src/ostree/ot-builtin-commit.c patch | blob | history
tests/basic-test.sh patch | blob | history

diff --git a/src/ostree/ot-builtin-commit.c b/src/ostree/ot-builtin-commit.c
index 7a23741ee3a4c96d588f4c5d913ba2d385672e6b..5aecdbdbf052c1bf3ba63840e68e5c3a1e7f88a6 100644 (file)
--- a/src/ostree/ot-builtin-commit.c
+++ b/src/ostree/ot-builtin-commit.c
@@ -555,6 +555,23 @@ ostree_builtin_commit (int argc, char **argv, OstreeCommandInvocation *invocatio
       detached_metadata = g_variant_ref_sink (g_variant_builder_end (builder));
     }
 
+  /* Check for conflicting options */
+  if (opt_canonical_permissions && opt_owner_uid > 0)
+    {
+      glnx_throw (error, "Cannot specify both --canonical-permissions and non-zero --owner-uid");
+      goto out;
+    }
+  if (opt_canonical_permissions && opt_owner_gid > 0)
+    {
+      glnx_throw (error, "Cannot specify both --canonical-permissions and non-zero --owner-gid");
+      goto out;
+    }
+  if (opt_selinux_policy && opt_selinux_policy_from_base)
+    {
+      glnx_throw (error, "Cannot specify both --selinux-policy and --selinux-policy-from-base");
+      goto out;
+    }
+
   if (opt_no_xattrs)
     flags |= OSTREE_REPO_COMMIT_MODIFIER_FLAGS_SKIP_XATTRS;
   if (opt_consume)
@@ -570,11 +587,6 @@ ostree_builtin_commit (int argc, char **argv, OstreeCommandInvocation *invocatio
     flags |= OSTREE_REPO_COMMIT_MODIFIER_FLAGS_GENERATE_SIZES;
   if (opt_disable_fsync)
     ostree_repo_set_disable_fsync (repo, TRUE);
-  if (opt_selinux_policy && opt_selinux_policy_from_base)
-    {
-      glnx_throw (error, "Cannot specify both --selinux-policy and --selinux-policy-from-base");
-      goto out;
-    }
 
   if (flags != 0
       || opt_owner_uid >= 0
diff --git a/tests/basic-test.sh b/tests/basic-test.sh
index 03f2cb1b4bc33f202a7c4309ce3993c19bc8e2f1..4d1356ebd14cf9d9575a3cc82863362e212d8634 100644 (file)
--- a/tests/basic-test.sh
+++ b/tests/basic-test.sh
@@ -437,7 +437,7 @@ echo "ok user checkout"
 $OSTREE commit ${COMMIT_ARGS} -b test2 -s "Another commit" --tree=ref=test2
 echo "ok commit from ref"
 
-$OSTREE commit ${COMMIT_ARGS} -b test2 -s "Another commit with modifier" --tree=ref=test2 --owner-uid=`id -u`
+$OSTREE commit ${COMMIT_ARGS} -b test2 -s "Another commit with modifier" --tree=ref=test2 --owner-uid=0
 echo "ok commit from ref with modifier"
 
 $OSTREE commit ${COMMIT_ARGS} -b trees/test2 -s 'ref with / in it' --tree=ref=test2
Unnamed repository; edit this file 'description' to name the repository.