Merge lp:~jtv/maas/bug-1042865 into lp:maas/trunk
| Status: | Merged |
|---|---|
| Approved by: | Jeroen T. Vermeulen on 2012-08-30 |
| Approved revision: | 945 |
| Merged at revision: | 947 |
| Proposed branch: | lp:~jtv/maas/bug-1042865 |
| Merge into: | lp:maas/trunk |
| Diff against target: |
35 lines (+7/-4) 1 file modified
scripts/maas-import-ephemerals (+7/-4) |
| To merge this branch: | bzr merge lp:~jtv/maas/bug-1042865 |
| Related bugs: |
| Reviewer | Review Type | Date Requested | Status |
|---|---|---|---|
| Gavin Panella (community) | 2012-08-30 | Approve on 2012-08-30 | |
|
Review via email:
|
|||
Commit Message
Fix permissions for ephemeral ("commissioning") PXE image directory in TFTP.
Description of the Change
If the import scripts run with an overly strict umask, maas-import-
The reason seems to be that the download code creates a temporary directory to download in, then sets a more permissive umask, and finally calls into maas-provision to install the new image — which copies the temporary directory including its permissions from the time with the stricter umask.
In this branch I address that in two ways:
1. The umask really didn't belong in the inner loop, since it affects global script state. I hoisted it up to a global level, so that the temporary directory is created with the new umask.
2. Before copying the image, I make it world-readable. The "X" flag on chmod pertains to the "search" permission. It sets the "x" bit on directories ("search") but not on files ("execute").
One open question is what happens to systems that had a non-world-readable directory created by an import script run from an older maas version. That might be worth fixing up in postinst for now. We don't need to carry it around forever: a permissions problem with the image go away as soon as the script downloads the first image update. (Also, chmod -R a+rX is much easier to do in shell than in python.)
Sadly, the ephemerals import script has not been made testable and is not tested. I can't even run it locally. We'll have to see in Q/A whether this really fixes the problem.
Jeroen
| Scott Moser (smoser) wrote : | # |
I really think you fixed this in the wrong place.
install_tftp_image "$wd" "$r_arch" "generic" "$r_release"
is what is called to "take this directory and install it to tftp".
it is *that* program that should take care to make sure it is consumable.
Not the caller.
| Scott Moser (smoser) wrote : | # |
Yeah.
This patch is wrong.
You should not globally change umask, which changes programs invoked by this program also.
Additionally, your change to umask is not even necessary as
a.) mktemp is going to still do the right thing and make temporary directories with secure permissions
$ sh -c 'umask a+r; d=$(mktemp -d); ls -ld $d; rmdir $d;'
drwx------ 2 smoser smoser 4096 Aug 31 10:00 /tmp/tmp.Ez8zyx2rh9
b.) you're doing a 'chmod -R' there anyway to open up permissions.
Nice.