[OE-core] [PATCH] package.bbclass: improve permission handling

Thu Apr 14 00:14:29 UTC 2016

On Wed, 2016-04-13 at 16:17 -0600, Dan McGregor wrote:

From: Dan McGregor <dan.mcgregor at usask.ca<mailto:dan.mcgregor at usask.ca>>

Change fs_link_table to be keyed by path, just like fs_perms_table.
When a new entry is coming in for either table, remove any previous
entry for that path. This way later permission file entries override
earlier ones.

[YOCTO #9430]

Signed-off-by: Dan McGregor <dan.mcgregor at usask.ca<mailto:dan.mcgregor at usask.ca>>
---
 meta/classes/package.bbclass | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/meta/classes/package.bbclass b/meta/classes/package.bbclass
index 894b729..76b9f86 100644
--- a/meta/classes/package.bbclass
+++ b/meta/classes/package.bbclass
@@ -775,9 +775,13 @@ python fixup_perms () {
                 entry = fs_perms_entry(d.expand(line))
                 if entry and entry.path:
                     if entry.link:
-                        fs_link_table[entry.link] = entry
+                        fs_link_table[entry.path] = entry
+                        if entry.path in fs_perms_table:
+                            fs_perms_table.pop(entry.path)
                     else:
                         fs_perms_table[entry.path] = entry
+                        if entry.path in fs_link_table:
+                            fs_link_table.pop(entry.path)
             f.close()

     # Debug -- list out in-memory table
@@ -789,8 +793,9 @@ python fixup_perms () {
     # We process links first, so we can go back and fixup directory ownership
     # for any newly created directories
     # Process in sorted order so /run gets created before /run/lock, etc.
-    for link in sorted(fs_link_table):
-        dir = fs_link_table[link].path
+    for entry in sorted(fs_link_table.values(), key=lambda x: x.link):
+        link = entry.link
+        dir = entry.path
         origin = dvar + dir
         if not (cpath.exists(origin) and cpath.isdir(origin) and not cpath.islink(origin)):
             continue
--
2.8.1



Thanks, Dan! That looks good to me. One thought, though. Since you're looking for previous entries in the alternate tables (perms in link table and links in perm table), should we also consider searching the same table (link in links and perm in perms) in case someone used a private/local perms file to override a default (e.g., change a symlink /var/foo -> /run/foo to /var/foo -> /var/baz). In this case, it would keep the last one found, kind of like you're doing here. Just a thought.

    -Bill

