[Cmake-commits] CMake branch, next, updated. v3.3.1-2956-g7b9bab0
Domen Vrankar
domen.vrankar at gmail.com
Tue Sep 15 18:20:09 EDT 2015
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "CMake".
The branch, next has been updated
via 7b9bab0f445c8d56f4c0e95e5d28edda6df14d99 (commit)
via 271bc8d13beb1c24cabc30d4da8e1466825bd3a3 (commit)
via e96e8a73a860b987db0387516113c46b13c4aa4a (commit)
from bcb5fcebe81f80c4f97e7955617132b4d8bbbe69 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
http://cmake.org/gitweb?p=cmake.git;a=commitdiff;h=7b9bab0f445c8d56f4c0e95e5d28edda6df14d99
commit 7b9bab0f445c8d56f4c0e95e5d28edda6df14d99
Merge: bcb5fce 271bc8d
Author: Domen Vrankar <domen.vrankar at gmail.com>
AuthorDate: Tue Sep 15 18:20:07 2015 -0400
Commit: CMake Topic Stage <kwrobot at kitware.com>
CommitDate: Tue Sep 15 18:20:07 2015 -0400
Merge topic 'cpack-deb-fakeroot-removal' into next
271bc8d1 fixup! cmArchiveWrite: control user/group, permissions
e96e8a73 fixup! permissions on control files and strict Debian rules variable
http://cmake.org/gitweb?p=cmake.git;a=commitdiff;h=271bc8d13beb1c24cabc30d4da8e1466825bd3a3
commit 271bc8d13beb1c24cabc30d4da8e1466825bd3a3
Author: Domen Vrankar <domen.vrankar at gmail.com>
AuthorDate: Wed Sep 16 00:19:13 2015 +0200
Commit: Domen Vrankar <domen.vrankar at gmail.com>
CommitDate: Wed Sep 16 00:19:13 2015 +0200
fixup! cmArchiveWrite: control user/group, permissions
Fix for variable naming convention and conversion between signed and unsigned values
diff --git a/Source/CPack/cmCPackDebGenerator.cxx b/Source/CPack/cmCPackDebGenerator.cxx
index 55eeec5..9402689 100644
--- a/Source/CPack/cmCPackDebGenerator.cxx
+++ b/Source/CPack/cmCPackDebGenerator.cxx
@@ -453,10 +453,8 @@ int cmCPackDebGenerator::createDeb()
// uid/gid should be the one of the root user, and this root user has
// always uid/gid equal to 0.
- data_tar.SetUID(0);
- data_tar.SetGID(0);
- data_tar.SetUNAME("root");
- data_tar.SetGNAME("root");
+ data_tar.SetUIDAndGID(0u, 0u);
+ data_tar.SetUNAMEAndGNAME("root", "root");
// now add all directories which have to be compressed
// collect all top level install dirs for that
@@ -571,10 +569,8 @@ int cmCPackDebGenerator::createDeb()
"paxr");
// sets permissions and uid/gid for the files
- control_tar.SetUID(0);
- control_tar.SetGID(0);
- control_tar.SetUNAME("root");
- control_tar.SetGNAME("root");
+ control_tar.SetUIDAndGID(0u, 0u);
+ control_tar.SetUNAMEAndGNAME("root", "root");
/* permissions are set according to
https://www.debian.org/doc/debian-policy/ch-files.html#s-permissions-owners
@@ -623,7 +619,7 @@ int cmCPackDebGenerator::createDeb()
strictFiles + sizeof(strictFiles)/sizeof(strictFiles[0]));
// default
- control_tar.SetPermissions(-1);
+ control_tar.ClearPermissions();
std::vector<std::string> controlExtraList;
cmSystemTools::ExpandListArgument(controlExtra, controlExtraList);
diff --git a/Source/cmArchiveWrite.cxx b/Source/cmArchiveWrite.cxx
index f6a1b4f..7946950 100644
--- a/Source/cmArchiveWrite.cxx
+++ b/Source/cmArchiveWrite.cxx
@@ -84,11 +84,7 @@ cmArchiveWrite::cmArchiveWrite(
Archive(archive_write_new()),
Disk(archive_read_disk_new()),
Verbose(false),
- Format(format),
- uid(-1),
- gid(-1),
- permissions(-1),
- permissionsMask(-1)
+ Format(format)
{
switch (c)
{
@@ -288,29 +284,29 @@ bool cmArchiveWrite::AddFile(const char* file,
}
// manages the uid/guid of the entry (if any)
- if (this->uid > -1 && this->gid > -1)
+ if (this->Uid.IsSet() && this->Gid.IsSet())
{
- archive_entry_set_uid(e, this->uid);
- archive_entry_set_gid(e, this->gid);
+ archive_entry_set_uid(e, this->Uid.Get());
+ archive_entry_set_gid(e, this->Gid.Get());
}
- if (this->uname.size() && this->gname.size())
+ if (this->Uname.size() && this->Gname.size())
{
- archive_entry_set_uname(e, this->uname.c_str());
- archive_entry_set_gname(e, this->gname.c_str());
+ archive_entry_set_uname(e, this->Uname.c_str());
+ archive_entry_set_gname(e, this->Gname.c_str());
}
// manages the permissions
- if (this->permissions > -1)
+ if (this->Permissions.IsSet())
{
- archive_entry_set_perm(e, this->permissions);
+ archive_entry_set_perm(e, this->Permissions.Get());
}
- if (this->permissionsMask > -1)
+ if (this->PermissionsMask.IsSet())
{
mode_t perm = archive_entry_perm(e);
- archive_entry_set_perm(e, perm & this->permissionsMask );
+ archive_entry_set_perm(e, perm & this->PermissionsMask.Get());
}
// Clear acl and xattr fields not useful for distribution.
diff --git a/Source/cmArchiveWrite.h b/Source/cmArchiveWrite.h
index a42211c..945688e 100644
--- a/Source/cmArchiveWrite.h
+++ b/Source/cmArchiveWrite.h
@@ -18,6 +18,22 @@
# error "cmArchiveWrite not allowed during bootstrap build!"
#endif
+template<typename T>
+class cmArchiveWriteOptional
+{
+public:
+ cmArchiveWriteOptional() {this->Clear();}
+ explicit cmArchiveWriteOptional(T val) {this->Set(val);}
+
+ void Set(T val) {this->IsValueSet = true; this->Value=val;}
+ void Clear() {this->IsValueSet = false;}
+ bool IsSet() const {return this->IsValueSet;}
+ T Get() const {return Value;}
+private:
+ T Value;
+ bool IsValueSet;
+};
+
/** \class cmArchiveWrite
* \brief Wrapper around libarchive for writing.
*
@@ -74,51 +90,57 @@ public:
void SetMTime(std::string const& t) { this->MTime = t; }
//! Sets the permissions of the added files/folders
- //! @note set to -1 to use the default permissions
- long int SetPermissions(long int permissions_)
+ void SetPermissions(mode_t permissions_)
{
- std::swap(this->permissions, permissions_);
- return permissions_;
+ this->Permissions.Set(permissions_);
}
+ //! Clears permissions - default is used instead
+ void ClearPermissions() { this->Permissions.Clear(); }
+
//! Sets the permissions mask of files/folders
//!
//! The permissions will be copied from the existing file
//! or folder. The mask will then be applied to unset
//! some of them
- long int SetPermissionsMask(long int permissionsMask_)
+ void SetPermissionsMask(mode_t permissionsMask_)
+ {
+ this->PermissionsMask.Set(permissionsMask_);
+ }
+
+ //! Clears permissions mask - default is used instead
+ void ClearPermissionsMask()
{
- std::swap(this->permissionsMask, permissionsMask_);
- return permissionsMask_;
+ this->PermissionsMask.Clear();
}
- //! Sets the UID to be used in the tar file
- //! @return the previous UID
- //! @note set to -1 to disable the UID overriding
- long int SetUID( long int uid_ )
+ //! Sets UID and GID to be used in the tar file
+ void SetUIDAndGID(uid_t uid_, gid_t gid_)
{
- std::swap(this->uid, uid_);
- return uid_;
+ this->Uid.Set(uid_);
+ this->Gid.Set(gid_);
}
- std::string SetUNAME(std::string uname_)
+ //! Clears UID and GID to be used in the tar file - default is used instead
+ void ClearUIDAndGID()
{
- std::swap(this->uname, uname_);
- return uname_;
+ this->Uid.Clear();
+ this->Gid.Clear();
}
- //! Sets the UID to be used in the tar file
- //! @return the previous UID
- long int SetGID( long int gid_ )
+ //! Sets UNAME and GNAME to be used in the tar file
+ void SetUNAMEAndGNAME(const std::string& uname_, const std::string& gname_)
{
- std::swap(this->gid, gid_);
- return gid_;
+ this->Uname = uname_;
+ this->Gname = gname_;
}
- std::string SetGNAME(std::string gname_)
+ //! Clears UNAME and GNAME to be used in the tar file
+ //! default is used instead
+ void ClearUNAMEAndGNAME()
{
- std::swap(this->gname, gname_);
- return gname_;
+ this->Uname = "";
+ this->Gname = "";
}
private:
@@ -141,22 +163,21 @@ private:
std::string Error;
std::string MTime;
- //! UID of the user in the tar file. Set to -1
- //! to disable overriding
- long int uid;
+ //! UID of the user in the tar file
+ cmArchiveWriteOptional<uid_t> Uid;
//! GUID of the user in the tar file
- long int gid;
+ cmArchiveWriteOptional<gid_t> Gid;
//! UNAME/GNAME of the user (does not override UID/GID)
//!@{
- std::string uname;
- std::string gname;
+ std::string Uname;
+ std::string Gname;
//!@}
//! Permissions on files/folders
- long int permissions;
- long int permissionsMask;
+ cmArchiveWriteOptional<mode_t> Permissions;
+ cmArchiveWriteOptional<mode_t> PermissionsMask;
};
#endif
http://cmake.org/gitweb?p=cmake.git;a=commitdiff;h=e96e8a73a860b987db0387516113c46b13c4aa4a
commit e96e8a73a860b987db0387516113c46b13c4aa4a
Author: Raffi Enficiaud <raffi.enficiaud at mines-paris.org>
AuthorDate: Tue Sep 15 22:55:17 2015 +0200
Commit: Domen Vrankar <domen.vrankar at gmail.com>
CommitDate: Tue Sep 15 22:55:17 2015 +0200
fixup! permissions on control files and strict Debian rules variable
diff --git a/Modules/CPackDeb.cmake b/Modules/CPackDeb.cmake
index 754df91..93d51c3 100644
--- a/Modules/CPackDeb.cmake
+++ b/Modules/CPackDeb.cmake
@@ -330,8 +330,30 @@
# .. note::
#
# The original permissions of the files will be used in the final
-# package. In particular, the scripts should have the proper executable
+# package unless the variable
+# :variable:`CPACK_DEBIAN_PACKAGE_CONTROL_STRICT_PERMISSION` is set.
+# In particular, the scripts should have the proper executable
# flag prior to the generation of the package.
+#
+# .. variable:: CPACK_DEBIAN_PACKAGE_CONTROL_STRICT_PERMISSION
+# CPACK_DEBIAN_<COMPONENT>_PACKAGE_CONTROL_STRICT_PERMISSION
+#
+# This variable indicates if the Debian policy on control files should be
+# strictly followed.
+#
+# * Mandatory : NO
+# * Default : FALSE
+#
+# Usage::
+#
+# set(CPACK_DEBIAN_PACKAGE_CONTROL_STRICT_PERMISSION TRUE)
+#
+# .. note::
+#
+# This overrides the permissions on the original files, following the rules
+# set by Debian policy
+# https://www.debian.org/doc/debian-policy/ch-files.html#s-permissions-owners
+#
#=============================================================================
@@ -636,7 +658,7 @@ function(cpack_deb_prepare_package_vars)
# Are we packaging components ?
if(CPACK_DEB_PACKAGE_COMPONENT)
# override values with per component version if set
- foreach(VAR_NAME_ "PACKAGE_CONTROL_EXTRA")
+ foreach(VAR_NAME_ "PACKAGE_CONTROL_EXTRA" "PACKAGE_CONTROL_STRICT_PERMISSION")
if(CPACK_DEBIAN_${_local_component_name}_${VAR_NAME_})
set(CPACK_DEBIAN_${VAR_NAME_} "${CPACK_DEBIAN_${_local_component_name}_${VAR_NAME_}}")
endif()
@@ -658,6 +680,7 @@ function(cpack_deb_prepare_package_vars)
message("CPackDeb:Debug: CPACK_PACKAGE_FILE_NAME = ${CPACK_PACKAGE_FILE_NAME}")
message("CPackDeb:Debug: CPACK_PACKAGE_INSTALL_DIRECTORY = ${CPACK_PACKAGE_INSTALL_DIRECTORY}")
message("CPackDeb:Debug: CPACK_TEMPORARY_PACKAGE_FILE_NAME = ${CPACK_TEMPORARY_PACKAGE_FILE_NAME}")
+ message("CPackDeb:Debug: CPACK_DEBIAN_PACKAGE_CONTROL_STRICT_PERMISSION = ${CPACK_DEBIAN_PACKAGE_CONTROL_STRICT_PERMISSION}")
endif()
# For debian source packages:
@@ -694,6 +717,8 @@ function(cpack_deb_prepare_package_vars)
set(GEN_CPACK_DEBIAN_PACKAGE_PROVIDES "${CPACK_DEBIAN_PACKAGE_PROVIDES}" PARENT_SCOPE)
set(GEN_CPACK_DEBIAN_PACKAGE_REPLACES "${CPACK_DEBIAN_PACKAGE_REPLACES}" PARENT_SCOPE)
set(GEN_CPACK_DEBIAN_PACKAGE_CONTROL_EXTRA "${CPACK_DEBIAN_PACKAGE_CONTROL_EXTRA}" PARENT_SCOPE)
+ set(GEN_CPACK_DEBIAN_PACKAGE_CONTROL_STRICT_PERMISSION
+ "${CPACK_DEBIAN_PACKAGE_CONTROL_STRICT_PERMISSION}" PARENT_SCOPE)
set(GEN_WDIR "${WDIR}" PARENT_SCOPE)
endfunction()
diff --git a/Source/CPack/cmCPackDebGenerator.cxx b/Source/CPack/cmCPackDebGenerator.cxx
index 981d86d..55eeec5 100644
--- a/Source/CPack/cmCPackDebGenerator.cxx
+++ b/Source/CPack/cmCPackDebGenerator.cxx
@@ -576,9 +576,19 @@ int cmCPackDebGenerator::createDeb()
control_tar.SetUNAME("root");
control_tar.SetGNAME("root");
- // set md5sum file permissions to RW-R--R-- so that deb lintian
- // doesn't warn about it
- control_tar.SetPermissions(S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
+ /* permissions are set according to
+ https://www.debian.org/doc/debian-policy/ch-files.html#s-permissions-owners
+ and
+ https://lintian.debian.org/tags/control-file-has-bad-permissions.html
+ */
+ const mode_t permission644 = S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH;
+ const mode_t permissionExecute = S_IXUSR | S_IXGRP | S_IXOTH;
+ const mode_t permission755 = permission644 | permissionExecute;
+
+ // for md5sum and control (that we have generated here), we use 644
+ // (RW-R--R--)
+ // so that deb lintian doesn't warn about it
+ control_tar.SetPermissions(permission644);
// adds control and md5sums
if( !control_tar.Add(md5filename, strGenWDIR.length(), ".")
@@ -593,12 +603,28 @@ int cmCPackDebGenerator::createDeb()
return 0;
}
+ // for the other files, we use
+ // -either the original permission on the files
+ // -either a permission strictly defined by the Debian policies
const char* controlExtra =
this->GetOption("GEN_CPACK_DEBIAN_PACKAGE_CONTROL_EXTRA");
if( controlExtra )
{
// permissions are now controlled by the original file permissions
+
+ const bool permissionStrictPolicy =
+ this->IsSet("GEN_CPACK_DEBIAN_PACKAGE_CONTROL_STRICT_PERMISSION");
+
+ static const char* strictFiles[] = {
+ "config", "postinst", "postrm", "preinst", "prerm"
+ };
+ std::set<std::string> setStrictFiles(
+ strictFiles,
+ strictFiles + sizeof(strictFiles)/sizeof(strictFiles[0]));
+
+ // default
control_tar.SetPermissions(-1);
+
std::vector<std::string> controlExtraList;
cmSystemTools::ExpandListArgument(controlExtra, controlExtraList);
for(std::vector<std::string>::iterator i = controlExtraList.begin();
@@ -608,6 +634,12 @@ int cmCPackDebGenerator::createDeb()
cmsys::SystemTools::GetFilenameName(*i);
std::string localcopy = strGenWDIR + "/" + filenamename;
+ if(permissionStrictPolicy)
+ {
+ control_tar.SetPermissions(setStrictFiles.count(filenamename) ?
+ permission755 : permission644);
+ }
+
// if we can copy the file, it means it does exist, let's add it:
if( cmsys::SystemTools::CopyFileIfDifferent(*i, localcopy) )
{
diff --git a/Tests/CPackComponentsDEB/CMakeLists.txt b/Tests/CPackComponentsDEB/CMakeLists.txt
index 5c4eeab..5a5d626 100644
--- a/Tests/CPackComponentsDEB/CMakeLists.txt
+++ b/Tests/CPackComponentsDEB/CMakeLists.txt
@@ -80,6 +80,25 @@ set(CPACK_COMPONENT_HEADERS_DESCRIPTION
# depend on the libraries component.
set(CPACK_COMPONENT_HEADERS_DEPENDS libraries)
+# creates preinst/prerm scripts with specific permissions. Those permissions
+# (especially executable) should be in the final archive
+find_program(CHMOD_PROG chmod)
+if(CHMOD_PROG)
+ file(WRITE ${CMAKE_CURRENT_BINARY_DIR}/preinst "echo default_preinst")
+ file(WRITE ${CMAKE_CURRENT_BINARY_DIR}/prerm "echo default_prerm")
+
+ # Those should have 755 permission normally. We mess it up to see if
+ # CPACK_DEBIAN_APPLICATIONS_PACKAGE_CONTROL_STRICT_PERMISSION is able to fix
+ # it.
+ execute_process(COMMAND ${CHMOD_PROG} 640 ${CMAKE_CURRENT_BINARY_DIR}/preinst)
+ execute_process(COMMAND ${CHMOD_PROG} 640 ${CMAKE_CURRENT_BINARY_DIR}/prerm)
+
+ set(CPACK_DEBIAN_APPLICATIONS_PACKAGE_CONTROL_EXTRA
+ "${CMAKE_CURRENT_BINARY_DIR}/preinst;${CMAKE_CURRENT_BINARY_DIR}/prerm")
+
+ set(CPACK_DEBIAN_APPLICATIONS_PACKAGE_CONTROL_STRICT_PERMISSION TRUE)
+endif()
+
# We may use the CPack specific config file in order
# to tailor CPack behavior on a CPack generator specific way
# (Behavior would be different for RPM or TGZ or DEB ...)
-----------------------------------------------------------------------
Summary of changes:
Modules/CPackDeb.cmake | 29 ++++++++++-
Source/CPack/cmCPackDebGenerator.cxx | 54 +++++++++++++++-----
Source/cmArchiveWrite.cxx | 26 ++++------
Source/cmArchiveWrite.h | 85 +++++++++++++++++++------------
Tests/CPackComponentsDEB/CMakeLists.txt | 19 +++++++
5 files changed, 151 insertions(+), 62 deletions(-)
hooks/post-receive
--
CMake
More information about the Cmake-commits
mailing list