forked from josch/mmdebstrap
make sure that the unshared user has read access to the included package files
This commit is contained in:
parent
0dfd9adf2b
commit
a6a31e60eb
1 changed files with 30 additions and 0 deletions
30
mmdebstrap
30
mmdebstrap
|
@ -5576,6 +5576,36 @@ sub main() {
|
||||||
$? == 0 or error "chown failed";
|
$? == 0 or error "chown failed";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# check if .deb files given by --include are readable by the unshared user
|
||||||
|
if ($options->{mode} eq 'unshare'
|
||||||
|
and scalar(grep { /^\// } @{ $options->{include} }) > 0) {
|
||||||
|
my $pid = get_unshare_cmd(
|
||||||
|
sub {
|
||||||
|
my $ret = 0;
|
||||||
|
foreach my $f (grep { /^\// } @{ $options->{include} }) {
|
||||||
|
# open the file for real because -r will report the file as
|
||||||
|
# readable even though open will fail (in contrast to the
|
||||||
|
# coreutils test utility, perl doesn't use faccessat)
|
||||||
|
my $res = open(my $fh, '<', $f);
|
||||||
|
if (!$res) {
|
||||||
|
warning "unshared user cannot access $f for reading";
|
||||||
|
$ret = 1;
|
||||||
|
} else {
|
||||||
|
close $fh;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
exit $ret;
|
||||||
|
},
|
||||||
|
\@idmap
|
||||||
|
);
|
||||||
|
waitpid $pid, 0;
|
||||||
|
if ($? != 0) {
|
||||||
|
warning "no read access for some packages for the unshared user";
|
||||||
|
warning "maybe try running mmdebstrap with "
|
||||||
|
. "--hook-dir=/usr/share/mmdebstrap/hooks/file-mirror-automount";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
# figure out whether we have mknod
|
# figure out whether we have mknod
|
||||||
$options->{havemknod} = 0;
|
$options->{havemknod} = 0;
|
||||||
if ($options->{mode} eq 'unshare') {
|
if ($options->{mode} eq 'unshare') {
|
||||||
|
|
Loading…
Reference in a new issue