diff options
author | Allan McRae <allan@archlinux.org> | 2014-03-08 20:46:21 +1000 |
---|---|---|
committer | Allan McRae <allan@archlinux.org> | 2014-03-12 13:13:49 +1000 |
commit | d8ee8d0c99c3820951e2e49dbdb71a5390bd1dc4 (patch) | |
tree | d86af5142452f6f7c069477a4196f1dadb854155 /scripts | |
parent | 61ba5c961e4a3536c4bbf41edb348987a9993fdb (diff) | |
download | pacman-d8ee8d0c99c3820951e2e49dbdb71a5390bd1dc4.tar.xz |
makepkg: enforce fakeroot usage
Packaging outside of fakeroot can result in incorrect permissions for
package files. It has been years since fakeroot issues during packaging
were common, so it is safe to enforce fakeroot usage. If using fakeroot
is impossible for some reason, a two line wrapper script will suffice to
fool makepkg.
Signed-off-by: Allan McRae <allan@archlinux.org>
Diffstat (limited to 'scripts')
-rw-r--r-- | scripts/makepkg.sh.in | 59 |
1 files changed, 12 insertions, 47 deletions
diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in index 3107943b..905fe0d9 100644 --- a/scripts/makepkg.sh.in +++ b/scripts/makepkg.sh.in @@ -1827,7 +1827,7 @@ write_pkginfo() { msg2 "$(gettext "Generating %s file...")" ".PKGINFO" printf "# Generated by makepkg %s\n" "$makepkg_version" - (( INFAKEROOT )) && printf "# using %s\n" "$(fakeroot -v)" + printf "# using %s\n" "$(fakeroot -v)" printf "# %s\n" "$(LC_ALL=C date -u)" printf "pkgname = %s\n" "$pkgname" (( SPLITPKG )) && printf "pkgbase = %s\n" "$pkgbase" @@ -2312,7 +2312,7 @@ check_software() { local ret=0 # check for PACMAN if we need it - if (( ! INFAKEROOT && ( ! NODEPS || DEP_BIN || RMDEPS || INSTALL ) )); then + if (( ! NODEPS || DEP_BIN || RMDEPS || INSTALL )); then if [[ -z $PACMAN_PATH ]]; then error "$(gettext "Cannot find the %s binary required for dependency operations.")" "$PACMAN" ret=1 @@ -2320,16 +2320,16 @@ check_software() { fi # check for sudo if we will need it during makepkg execution - if (( ! INFAKEROOT && ( DEP_BIN || RMDEPS || INSTALL ) )); then + if (( DEP_BIN || RMDEPS || INSTALL )); then if ! type -p sudo >/dev/null; then warning "$(gettext "Cannot find the %s binary. Will use %s to acquire root privileges.")" "sudo" "su" fi fi - # fakeroot - building as non-root user + # fakeroot - correct package file permissions if check_buildenv "fakeroot" "y" && (( EUID > 0 )); then if ! type -p fakeroot >/dev/null; then - error "$(gettext "Cannot find the %s binary required for building as non-root user.")" "fakeroot" + error "$(gettext "Cannot find the %s binary.")" "fakeroot" ret=1 fi fi @@ -2790,11 +2790,6 @@ if (( ! INFAKEROOT )); then error "$(gettext "Running %s as root is not allowed as it can cause permanent,\n\ catastrophic damage to your system.")" exit 1 # $E_USER_ABORT - elif (( EUID > 0 )) && ! check_buildenv "fakeroot" "y"; then - warning "$(gettext "Running %s as an unprivileged user will result in non-root\n\ -ownership of the packaged files. Try using the %s environment by\n\ -placing %s in the %s array in %s.")" "makepkg" "fakeroot" "'fakeroot'" "BUILDENV" "$MAKEPKG_CONF" - sleep 1 fi else if [[ -z $FAKEROOTKEY ]]; then @@ -2956,12 +2951,7 @@ if (( SOURCEONLY )); then check_source_integrity cd_safe "$startdir" - # if we are root or if fakeroot is not enabled, then we don't use it - if ! check_buildenv "fakeroot" "y" || (( EUID == 0 )); then - create_srcpackage - else - enter_fakeroot - fi + enter_fakeroot msg "$(gettext "Source package created: %s")" "$pkgbase ($(date))" exit 0 @@ -3042,38 +3032,13 @@ else chmod a-srwx "$pkgdirbase" cd_safe "$startdir" - # if we are root or if fakeroot is not enabled, then we don't use it - if ! check_buildenv "fakeroot" "y" || (( EUID == 0 )); then - if (( ! REPKG )); then - if (( ! ( SPLITPKG || PKGFUNC ) )); then - chmod 755 "$pkgdirbase" - mkdir -p "$pkgdir" - fi - (( BUILDFUNC )) && run_build - (( CHECKFUNC )) && run_check - fi - chmod 755 "$pkgdirbase" - if (( ! SPLITPKG )); then - pkgdir="$pkgdirbase/$pkgname" - mkdir -p "$pkgdir" - if (( PKGFUNC )); then - run_package - fi - tidy_install - create_package - create_debug_package - else - run_split_packaging - fi - else - if (( ! REPKG )); then - (( BUILDFUNC )) && run_build - (( CHECKFUNC )) && run_check - cd_safe "$startdir" - fi - - enter_fakeroot + if (( ! REPKG )); then + (( BUILDFUNC )) && run_build + (( CHECKFUNC )) && run_check + cd_safe "$startdir" fi + + enter_fakeroot fi # if inhibiting archive creation, go no further |