MAAS

Merge lp:~allenap/maas/maas-set-correct-file-permissions into lp:maas/trunk

  1. maas-set-correct-file-permissions
  2. Merge into trunk
Proposed by Gavin Panella on 2012-08-31
Status: Merged
Approved by: Andres Rodriguez on 2012-08-31
Approved revision: 957
Merged at revision: 956
Proposed branch: lp:~allenap/maas/maas-set-correct-file-permissions
Merge into: lp:maas/trunk
Diff against target: 83 lines (+26/-7)
3 files modified
scripts/maas-import-ephemerals (+0/-7)
src/provisioningserver/pxe/install_image.py (+8/-0)
src/provisioningserver/pxe/tests/test_install_image.py (+18/-0)
To merge this branch: bzr merge lp:~allenap/maas/maas-set-correct-file-permissions
Reviewer Review Type Date Requested Status
Scott Moser 2012-08-31 Approve on 2012-08-31
Review via email: mp+122310@code.launchpad.net

Commit Message

Normalise permissions of all files and directories installed via install-pxe-image.

Previously this was not done, and restrictive permissions could cause failures later on the TFTP server.

This also reverts revision 947, an earlier attempt to fix the same bug.

Description of the Change

This changes install_dir() to normalize

To post a comment you must log in.
Scott Moser (smoser) wrote :

its curious that you're doing chmod after you've put the files in place, given the big in comments there about a race condition. (which I honestly do not think that is a large concern as this will be very small window and not a common operation).

But why wouldn't you fix permissions *before* you move it into place?

lp:~allenap/maas/maas-set-correct-file-permissions updated on 2012-08-31
955. By Gavin Panella on 2012-08-31

Normalise permissions before the move.

Gavin Panella (allenap) wrote :

> But why wouldn't you fix permissions *before* you move it into place?

Good point, I've changed it to before. Thanks for spotting that.

Scott Moser (smoser) wrote :

Can you please revert the changes to maas-import-ephemerals that were incorrectly made at
https://code.launchpad.net/~jtv/maas/bug-1042865/+merge/121990

review: Needs Fixing
lp:~allenap/maas/maas-set-correct-file-permissions updated on 2012-08-31
956. By Gavin Panella on 2012-08-31

Revert revision 947; it did not have the desired effect.

957. By Gavin Panella on 2012-08-31

Remove another previous attempt to make install_tftp_image() dtrt.

Scott Moser (smoser) :
review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'scripts/maas-import-ephemerals'
2--- scripts/maas-import-ephemerals 2012-08-30 05:57:05 +0000
3+++ scripts/maas-import-ephemerals 2012-08-31 17:38:20 +0000
4@@ -342,12 +342,6 @@
5 EOF
6 fi
7
8-
9-# All files we create here are public. The TFTP user will need to be
10-# able to read them.
11-umask a+r
12-
13-
14 updates=0
15 for release in $RELEASES; do
16 for arch in $ARCHES; do
17@@ -374,7 +368,6 @@
18 "$r_serial" "$r_arch" "$r_url" "$r_name" ||
19 fail "failed to prepare image for $release/$arch"
20
21- chmod -R a+rX "$wd"
22 install_tftp_image "$wd" "$r_arch" "generic" "$r_release"
23
24 target_name="${TARGET_NAME_PREFIX}${r_name}"
25
26=== modified file 'src/provisioningserver/pxe/install_image.py'
27--- src/provisioningserver/pxe/install_image.py 2012-08-30 11:19:16 +0000
28+++ src/provisioningserver/pxe/install_image.py 2012-08-31 17:38:20 +0000
29@@ -27,6 +27,7 @@
30 compose_image_path,
31 locate_tftp_path,
32 )
33+from twisted.python.filepath import FilePath
34
35
36 def make_destination(tftproot, arch, subarch, release, purpose):
37@@ -104,6 +105,13 @@
38 # much.
39 copytree(new, '%s.new' % old)
40
41+ # Normalise permissions.
42+ for filepath in FilePath('%s.new' % old).walk():
43+ if filepath.isdir():
44+ filepath.chmod(0755)
45+ else:
46+ filepath.chmod(0644)
47+
48 # Start of critical window.
49 if os.path.isdir(old):
50 os.rename(old, '%s.old' % old)
51
52=== modified file 'src/provisioningserver/pxe/tests/test_install_image.py'
53--- src/provisioningserver/pxe/tests/test_install_image.py 2012-08-30 11:19:16 +0000
54+++ src/provisioningserver/pxe/tests/test_install_image.py 2012-08-31 17:38:20 +0000
55@@ -34,6 +34,7 @@
56 FileExists,
57 Not,
58 )
59+from twisted.python.filepath import FilePath
60
61
62 def make_arch_subarch_release_purpose():
63@@ -191,3 +192,20 @@
64 FileContains(contents))
65 self.assertThat('%s.old' % published_image, Not(DirExists()))
66 self.assertThat('%s.new' % published_image, Not(DirExists()))
67+
68+ def test_install_dir_normalises_permissions(self):
69+ # install_dir() normalises directory permissions to 0755 and file
70+ # permissions to 0644.
71+ target_dir = FilePath(self.make_dir())
72+ new_dir = FilePath(self.make_dir())
73+ new_dir.chmod(0700)
74+ new_image = new_dir.child("image")
75+ new_image.touch()
76+ new_image.chmod(0600)
77+ install_dir(new_dir.path, target_dir.path)
78+ self.assertEqual(
79+ "rwxr-xr-x",
80+ target_dir.getPermissions().shorthand())
81+ self.assertEqual(
82+ "rw-r--r--",
83+ target_dir.child("image").getPermissions().shorthand())