Fix: /var/cache/distfiles writable by everyone (#1329)

As noted in commit 255c715624 `/var/cache/distfiles` is writable by everyone. It is supposed to be writable only by `root` and by the `abuild` group (in which we put the `pmos` user already for building packages). Changes: * `pmb.build.init()`: make `/var/cache/distfiles` writable only by members of the `abuild` group (and root) * Increase workfolder version to 2 * Add migration code that fixes the permissions for existing work folders * Refactor the migration code a bit to make this possible
2018-03-30 21:46:31 +00:00 · 2018-03-30 21:46:31 +00:00 · 4d8afc4aa5
parent 40db17d775
commit 4d8afc4aa5
4 changed files with 42 additions and 17 deletions
--- a/pmb/build/init.py
+++ b/pmb/build/init.py
@ -38,7 +38,9 @@ def init(args, suffix="native"):
                           build=False)

    # Fix permissions
-    pmb.chroot.root(args, ["chmod", "-R", "a+rw",
+    pmb.chroot.root(args, ["chown", "root:abuild",
+                           "/var/cache/distfiles"], suffix)
+    pmb.chroot.root(args, ["chmod", "g+w",
                           "/var/cache/distfiles"], suffix)

    # Generate package signing keys
--- a/pmb/config/init.py
+++ b/pmb/config/init.py
@ -42,7 +42,7 @@ apk_tools_static_min_version = "2.9.0-r0"
 # Version of the work folder (as asked during 'pmbootstrap init'). Increase
 # this number, whenever migration is required and provide the migration code,
 # see migrate_work_folder()).
-work_version = "1"
+work_version = 2

 # Only save keys to the config file, which we ask for in 'pmbootstrap init'.
 config_keys = ["ccache_size", "device", "extra_packages", "hostname", "jobs",
--- a/pmb/config/init.py
+++ b/pmb/config/init.py
@ -57,7 +57,7 @@ def ask_for_work_path(args):
            if not os.path.exists(ret):
                os.makedirs(ret, 0o700, True)
                with open(ret + "/version", "w") as handle:
-                    handle.write(pmb.config.work_version + "\n")
+                    handle.write(str(pmb.config.work_version) + "\n")

            # Make sure, that we can write into it
            os.makedirs(ret + "/cache_http", 0o700, True)
--- a/pmb/helpers/other.py
+++ b/pmb/helpers/other.py
@ -79,29 +79,30 @@ def check_binfmt_misc(args):
                       " armhf on x86_64):\n See: <" + link + ">")


-def migrate_success(args):
-    logging.info("Migration done")
+def migrate_success(args, version):
+    logging.info("Migration to version " + str(version) + " done")
    with open(args.work + "/version", "w") as handle:
-        handle.write(pmb.config.work_version + "\n")
+        handle.write(str(version) + "\n")


 def migrate_work_folder(args):
    # Read current version
-    current = "0"
+    current = 0
    path = args.work + "/version"
    if os.path.exists(path):
        with open(path, "r") as f:
-            current = f.read().rstrip()
+            current = int(f.read().rstrip())

    # Compare version, print warning or do nothing
    required = pmb.config.work_version
    if current == required:
        return
    logging.info("WARNING: Your work folder version needs to be migrated"
-                 " (from version " + current + " to " + required + ")!")
+                 " (from version " + str(current) + " to " + str(required) +
+                 ")!")

    # 0 => 1
-    if current == "0" and required == "1":
+    if current == 0:
        # Ask for confirmation
        logging.info("Changelog:")
        logging.info("* Building chroots have a different username: "
@ -119,15 +120,37 @@ def migrate_work_folder(args):
            pmb.helpers.run.root(args, ["sed", "-i",
                                        "s./home/user/./home/pmos/.g", conf])
        # Update version file
-        migrate_success(args)
-        return
+        migrate_success(args, 1)
+        current = 1
+
+    # 1 => 2
+    if current == 1:
+        # Ask for confirmation
+        logging.info("Changelog:")
+        logging.info("* Fix: cache_distfiles was writable for everyone")
+        logging.info("Migration will do the following:")
+        logging.info("* Fix permissions of '" + args.work +
+                     "/cache_distfiles'")
+        if not pmb.helpers.cli.confirm(args):
+            raise RuntimeError("Aborted.")
+
+        # Fix permissions
+        dir = "/var/cache/distfiles"
+        for cmd in [["chown", "-R", "root:abuild", dir],
+                    ["chmod", "-R", "664", dir],
+                    ["chmod", "a+X", dir]]:
+            pmb.chroot.root(args, cmd)
+        migrate_success(args, 2)
+        current = 2

    # Can't migrate, user must delete it
-    raise RuntimeError("Sorry, we can't migrate that automatically. Please run"
-                       " 'pmbootstrap shutdown', then delete your current work"
-                       " folder manually ('sudo rm -rf " + args.work +
-                       "') and start over with 'pmbootstrap init'. All your"
-                       " binary packages will be lost.")
+    if current != required:
+        raise RuntimeError("Sorry, we can't migrate that automatically. Please"
+                           " run 'pmbootstrap shutdown', then delete your"
+                           " current work folder manually ('sudo rm -rf " +
+                           args.work + "') and start over with 'pmbootstrap"
+                           " init'. All your binary packages and caches will"
+                           " be lost.")


 def validate_hostname(hostname):