This is an automated email from the ASF dual-hosted git repository. root pushed a commit to branch tlater/casd-socket-permissions in repository https://gitbox.apache.org/repos/asf/buildstream.git
commit cdbbe11baf3cc3d51fbc9159e52d4b6670225a94 Author: Tristan Maat <[email protected]> AuthorDate: Tue Nov 5 16:40:32 2019 +0000 workspaces.py: Make workspace config group-readable --- src/buildstream/_workspaces.py | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/src/buildstream/_workspaces.py b/src/buildstream/_workspaces.py index f9023dc..34ca92c 100644 --- a/src/buildstream/_workspaces.py +++ b/src/buildstream/_workspaces.py @@ -18,6 +18,7 @@ # Tristan Maat <[email protected]> import os +import stat from . import utils from . import _yaml @@ -128,6 +129,17 @@ class WorkspaceProject(): def write(self): os.makedirs(self._directory, exist_ok=True) _yaml.roundtrip_dump(self.to_dict(), self.get_filename()) + # _yaml.roundtrip_dump() will create a file with very tight + # permissions (600). This isn't necessary here, and actively + # problematic when we're staging workspaces in a userchroot + # environment, since we won't be able to to read the file as a + # different user. + os.chmod( + self.get_filename(), + stat.S_IRUSR | + stat.S_IWUSR | + stat.S_IRGRP, + ) # get_filename() #
