From eee95ce4289c7ab1b43eae2013b2e9f34d2d9eed Mon Sep 17 00:00:00 2001 From: alexhulbert Date: Fri, 5 Dec 2025 20:57:31 +0900 Subject: [PATCH] Normalize u/o permissions to prevent umask issues --- Makefile | 10 +++------- base/mkosi.conf | 1 + base/normalize-umask.sh | 3 +++ scripts/check_perms.sh | 33 --------------------------------- 4 files changed, 7 insertions(+), 40 deletions(-) create mode 100755 base/normalize-umask.sh delete mode 100755 scripts/check_perms.sh diff --git a/Makefile b/Makefile index 877f2089..c17d14d8 100644 --- a/Makefile +++ b/Makefile @@ -24,15 +24,11 @@ ifndef IMAGE $(error IMAGE is not set. Please specify IMAGE= when running make build or make build-dev) endif -.PHONY: all build build-dev setup measure clean check-perms check-module +.PHONY: all build build-dev setup measure clean check-module # Default target all: build -# Ensure repo was cloned with correct permissions -check-perms: ## Check repository permissions - @scripts/check_perms.sh - # Setup dependencies (Linux only) setup: ## Install dependencies (Linux only) @scripts/setup_deps.sh @@ -41,11 +37,11 @@ preflight: @$(WRAPPER) echo "Ready to build" # Build module -build: check-perms setup ## Build the specified module +build: setup ## Build the specified module time $(WRAPPER) mkosi --force -I $(IMAGE).conf # Build module with devtools profile -build-dev: check-perms setup ## Build module with development tools +build-dev: setup ## Build module with development tools time $(WRAPPER) mkosi --force --profile=devtools -I $(IMAGE).conf ##@ Utilities diff --git a/base/mkosi.conf b/base/mkosi.conf index edfc6745..b9a0837c 100644 --- a/base/mkosi.conf +++ b/base/mkosi.conf @@ -23,6 +23,7 @@ FinalizeScripts=base/debloat.sh PostInstallationScripts=base/debloat-systemd.sh PostInstallationScripts=base/efi-stub.sh BuildScripts=kernel/mkosi.build +SyncScripts=base/normalize-umask.sh CleanPackageMetadata=true Packages=kmod diff --git a/base/normalize-umask.sh b/base/normalize-umask.sh new file mode 100755 index 00000000..b5d13b12 --- /dev/null +++ b/base/normalize-umask.sh @@ -0,0 +1,3 @@ +#!/bin/bash +set -euo pipefail +chmod -cR go-w "$SRCDIR" diff --git a/scripts/check_perms.sh b/scripts/check_perms.sh deleted file mode 100755 index 6e15f75d..00000000 --- a/scripts/check_perms.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/bash - -check_perms() { - local path="$1" - local expected_perms="$2" - - if [ ! -e "$path" ]; then - echo "Error: $path not found" - return 1 - fi - - # Cross-platform way to get octal permissions - perms=$(stat -c "%a" "$path" 2>/dev/null || stat -f "%OLp" "$path" 2>/dev/null) - - if [ "$perms" = "$expected_perms" ]; then - return 0 - else - echo "$path has incorrect permissions ($perms), expected $expected_perms" - return 1 - fi -} - -err=0 - -check_perms "base/mkosi.skeleton/init" "755" || err=1 -check_perms "base/mkosi.skeleton/etc" "755" || err=1 -check_perms "base/mkosi.skeleton/etc/resolv.conf" "644" || err=1 - -if [ $err -eq 1 ]; then - echo "Permission check failed!" - echo "Please run umask 0022 and re-clone the repository." - exit 1 -fi