[lmi-commits] [lmi] master a7785d6 2/2: Resolve the root cause of chroot

lmi-commits

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[lmi-commits] [lmi] master a7785d6 2/2: Resolve the root cause of chroot

From:	Greg Chicares
Subject:	[lmi-commits] [lmi] master a7785d6 2/2: Resolve the root cause of chroot permissions problems
Date:	Wed, 19 Feb 2020 15:42:38 -0500 (EST)

branch: master
commit a7785d6a55713acab2fea59f812f3c6f3ebb91be
Author: Gregory W. Chicares <address@hidden>
Commit: Gregory W. Chicares <address@hidden>

    Resolve the root cause of chroot permissions problems
    
    The problem described here:
      https://lists.nongnu.org/archive/html/lmi/2020-02/msg00007.html
    was actually caused by an overly restrictive umask that had been imposed
    by some misbegotten /etc/corporate_profile . The problem vanishes when
    the umask is reset to 022, which is the default for redhat as well as
    debian. See:
      https://lists.nongnu.org/archive/html/lmi/2020-02/msg00018.html
---
 install_redhat.sh | 13 ++++---------
 1 file changed, 4 insertions(+), 9 deletions(-)

diff --git a/install_redhat.sh b/install_redhat.sh
index f6adbfc..32ed73b 100755
--- a/install_redhat.sh
+++ b/install_redhat.sh
@@ -28,6 +28,9 @@ set -evx
 stamp0=$(date -u +'%Y-%m-%dT%H:%M:%SZ')
 echo "Started: $stamp0"
 
+# Override any too-restrictive corporate default (e.g., 077).
+umask 022
+
 # First, destroy any chroot left by a prior run.
 grep "${CHRTNAME}" /proc/mounts | cut -f2 -d" " | xargs umount || echo "None?"
 rm -rf /srv/chroot/"${CHRTNAME}"
@@ -76,21 +79,13 @@ yum --assumeyes install ca-certificates curl nss-pem
 #yum --assumeyes install 
https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
 yum --assumeyes install epel-release
 
-# Make the about-to-be-created chroot's root directory, and files and
-# directories created under it, accessible to the "lmi" group--see:
-#   https://lists.nongnu.org/archive/html/lmi/2020-02/msg00007.html
-# et seqq.
-mkdir -p   /srv/chroot/"${CHRTNAME}"
-chgrp lmi  /srv/chroot/"${CHRTNAME}"
-chmod 2770 /srv/chroot/"${CHRTNAME}"
-umask 0007
-
 yum --assumeyes install schroot
 # To show available debootstrap scripts:
 #   ls /usr/share/debootstrap/scripts
 
 # Install a debian chroot inside this centos chroot.
 yum --assumeyes install debootstrap
+mkdir -p /srv/chroot/"${CHRTNAME}"
 debootstrap "${CODENAME}" /srv/chroot/"${CHRTNAME}" 
http://deb.debian.org/debian/
 
 echo Installed debian "${CODENAME}".

[Prev in Thread]

Current Thread

[Next in Thread]

[lmi-commits] [lmi] master updated (e5f740b -> a7785d6), Greg Chicares, 2020/02/19
- [lmi-commits] [lmi] master 5a35a5e 1/2: Improve documentation, Greg Chicares, 2020/02/19
- [lmi-commits] [lmi] master a7785d6 2/2: Resolve the root cause of chroot permissions problems, Greg Chicares <=

Prev by Date: [lmi-commits] [lmi] master 5a35a5e 1/2: Improve documentation
Next by Date: [lmi-commits] [lmi] master 5979e13 1/2: Assert preconditions for redhat setup script
Previous by thread: [lmi-commits] [lmi] master 5a35a5e 1/2: Improve documentation
Next by thread: [lmi-commits] [lmi] master updated (a7785d6 -> 1d72971)
Index(es):
- Date
- Thread