[OE-core] About pseudo's chmod

Mark Hatle mark.hatle at windriver.com
Tue Jul 5 13:10:57 UTC 2016 

On 7/5/16 5:23 AM, Robert Yang wrote:
> Hi,
> 
> When run "chmod 0444 <file>" under pseudo, it would always adds
> write permission for real file (and w + x for dir), which means that
> it runs as "chmod 0644 <file>". It does this on real file, not record
> this on pseudo's database. Here are the code from pseudo:
> 
> /* Root can read and write files, and enter directories which have no
>   * read, write, or execute permissions.  (But can't execute files without
>   * execute permissions!)
>   *
>   * A non-root user can't.
>   *
>   * When doing anything which actually writes to the filesystem, we add in
>   * the user read/write/execute bits.  When storing to the database, though,
>   * we mask out any such bits which weren't in the original mode.
>   */
> #define PSEUDO_FS_MODE(mode, isdir) (((mode) | S_IRUSR | S_IWUSR | ((isdir) ? 
> S_IXUSR : 0)) & ~(S_IWGRP | S_IWOTH))
> #define PSEUDO_DB_MODE(fs_mode, user_mode) (((fs_mode) & ~0722) | ((user_mode & 
> 0722)))
> 
> It has a side effect for -dbg pkgs if the source files foo.c's mode is 0444:
> 1) bitbake foo
> 2) Edit rpm-native
> 3) bitbake foo
> 
> After the first bitake foo, we will see that foo.c in foo-dbg is 0444, but
> after the second bitbake foo, foo.c in foo-dbg will be 0644, because the first
> build has changed src file foo.c's mode to 0644, this is incorrect.
> 
> I have two suggestions on it:
> 1) Don't add more permissions when chmod(e.g., don't change 0444 -> 0644),
>     The user can add it clearly if a file/dir really needs that.

As noted above, we have to adjust the permissions to writable, or we can not
make various changes later.  When working as the 'root' user, permissions are
basically ignored.  So a non-writable file is still writable.  The only way to
emulate this is to make the actual file writable.

I don't understand how/why on a second run the 0644 is showing up though.
Unless the pseudo database is wiped -- or the debug commands are not clearing
the split directories before writing into them, it should be creating new files
with the new pseudo database that follows the same semantics.

> 2) This mainly affects do_package task AFAIK, the code is:
>              if not cpath.islink(file):
>                  os.link(file, fpath)
>                  fstat = cpath.stat(file)
>                  os.chmod(fpath, fstat.st_mode)
>                  os.chown(fpath, fstat.st_uid, fstat.st_gid)
> 
>     Another solution is checking mode before run chmod, if we really need
>     run chmod, then copy the file rather than link.
> 
> Any suggestion is appreciated.
> 
> The following recipes in oe-core have this issue:
> blktool
> coreutils
> e2fsprogs
> gnutls
> guile
> gzip
> less
> lsof
> mtools
> opensp
> parted
> screen
> tcp-wrappers
>

More information about the Openembedded-core mailing list