diff options
-rwxr-xr-x | src/chroot-tools/libremakepkg | 24 | ||||
-rw-r--r-- | test/test-common.sh | 1 |
2 files changed, 25 insertions, 0 deletions
diff --git a/src/chroot-tools/libremakepkg b/src/chroot-tools/libremakepkg index 1db9f08..96f86ab 100755 --- a/src/chroot-tools/libremakepkg +++ b/src/chroot-tools/libremakepkg @@ -54,6 +54,21 @@ indent() { "$_indent" ' | ' } +# Usage: _check_perms_dir $directory +# Make sure that $directory is readable and executable (searchable) by 'nobody' +check_directory_permissions() ( + local dir=$1 + # `cd` to the directory, then test `.`; that way if parent + # directories aren't readable, we aren't testing for that. We + # only need the last element in `$dir`. + cd "$dir" + if ! sudo -u nobody test -r . -a -x .; then + error "Directory '%s' must be readable by user 'nobody'" "$dir" + return 1 + fi + return 0 +) + # Usage: exit_copy $copydir $src_owner # End immediately, but copy log files out exit_copy() { @@ -236,6 +251,15 @@ main() { # Make sure that the various *DEST directories exist mkdir -p -- "$PKGDEST" "$SRCDEST" "$SRCPKGDEST" "$LOGDEST" + # Check the permissions for $startdir and $SRCDEST + ( + declare -i ret=0 + check_directory_permissions "$PWD" || ret=1 + if ! [[ "$PWD" -ef "$SRCDEST" ]]; then + check_directory_permissions "$SRCDEST" || ret=1 + fi + exit $ret + ) # OK, we are starting now ############################################## diff --git a/test/test-common.sh b/test/test-common.sh index 46e584d..3df7107 100644 --- a/test/test-common.sh +++ b/test/test-common.sh @@ -11,6 +11,7 @@ _before() { unset PKGEXT SRCEXT unset GPGKEY PACKAGER tmpdir="$(mktemp -d --tmpdir "test-${roundup_desc//\//-}.XXXXXXXXXXXX")" + chmod 755 "$tmpdir" stat=0 } |