format_rlimit,
make_executable,
one_zero,
- parents_below,
read_env_file,
round_up,
scopedenv,
continue
p.mkdir(parents=True, exist_ok=True)
-
- # If we created the directory in a parent directory owned by the invoking user, make sure the directories we
- # just created are owned by the invoking user as well.
- if (
- INVOKING_USER.is_regular_user() and
- (q := next((parent for parent in p.parents if parent.stat().st_uid == INVOKING_USER.uid), None))
- ):
- for parent in parents_below(p, q):
- os.chown(parent, INVOKING_USER.uid, INVOKING_USER.gid)
+ INVOKING_USER.chown(p)
# Discard setuid/setgid bits as these are inherited and can leak into the image.
if config.build_dir:
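Review bot: `INVOKING_USER.chown(p)` runs unconditionally after `p.mkdir(parents=True, exist_ok=True)`, so a directory that already existed is handed to the invoking user as well. The same goes for every pre-existing directory between `p` and the nearest ancestor that user owns. The helper's comment says "If we created a file/directory", but nothing at this call site records whether anything was actually created. If re-owning existing directories is not intended, capture that before the mkdir, e.g. `existed = p.exists()` and then `if not existed: INVOKING_USER.chown(p)`. If it is intended, the comment should say so. The enclosing loop starts outside this hunk, so how `p` is chosen is not visible here.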
from mkosi.log import die
from mkosi.run import run, spawn
-from mkosi.util import flock
+from mkosi.util import flock, parents_below
SUBRANGE = 65536
if cls.is_regular_user() and any(p.stat().st_uid == cls.uid for p in path.parents) and path.exists():
run(["chown", "--recursive", f"{INVOKING_USER.uid}:{INVOKING_USER.gid}", path])
+ @classmethod
+ def chown(cls, path: Path) -> None:
+ # If we created a file/directory in a parent directory owned by the invoking user, make sure the path and any
+ # parent directories are owned by the invoking user as well.
+ if (
+ cls.is_regular_user() and
+ (q := next((parent for parent in path.parents if parent.stat().st_uid == cls.uid), None))
+ ):
+ os.chown(path, INVOKING_USER.uid, INVOKING_USER.gid)
+
+ for parent in parents_below(path, q):
+ os.chown(parent, INVOKING_USER.uid, INVOKING_USER.gid)
+
def read_subrange(path: Path) -> int:
uid = str(os.getuid())
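Review bot: Both `os.chown` calls in the new `chown` classmethod follow symlinks by default. If the method runs with elevated privileges (which `is_regular_user()` suggests, though that is not visible here), a symlink at `path` inside a directory the invoking user can write to would redirect the ownership change to the link's target. Passing `follow_symlinks=False` keeps the change on the entry itself: `os.chown(path, cls.uid, cls.gid, follow_symlinks=False)`, and the same for the loop over `parents_below(path, q)`. Using `cls` there also removes the mix of `cls.uid` in the condition with `INVOKING_USER.uid`/`INVOKING_USER.gid` in the body. The two-line `#` comment would read better as a docstring stating that every directory between `path` and the first user-owned ancestor is re-owned.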