archbuild: use better umask
In commit 40a90e2cab
we tried to protect
against system umasks resulting in unreadable chroots. However, we tried
to do this in a targeted manner due to not wanting to fiddle with
permissions for user-owned files. Unfortuantely, mkdir -p -m755 does not
actually work that way -- the parent directory is created with broken
permissions. We need umask.
Run umask and mkdir in a subshell to prevent leakage.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
This commit is contained in:
parent
68f0bff172
commit
f8f2f02028
|
@ -68,7 +68,7 @@ if ${clean_first} || [[ ! -d "${chroots}/${repo}-${arch}" ]]; then
|
|||
lock_close 9
|
||||
|
||||
rm -rf --one-file-system "${chroots}/${repo}-${arch}"
|
||||
mkdir -m755 -p "${chroots}/${repo}-${arch}"
|
||||
(umask 0022; mkdir -p "${chroots}/${repo}-${arch}")
|
||||
setarch "${arch}" mkarchroot \
|
||||
-C "${pacman_config}" \
|
||||
-M "${makepkg_config}" \
|
||||
|
|
Loading…
Reference in New Issue