From 54b8cfefd61d6a24949c2fa5247b5f789aa063d8 Mon Sep 17 00:00:00 2001 From: Eric Fahlgren Date: Tue, 8 Oct 2024 06:11:12 -0700 Subject: [PATCH] util: set group:user on extracted tar members Set the gid:uid on the tar file members as we extract them from the build archive, so they are owned by a real user in both the container and on the host. Signed-off-by: Eric Fahlgren --- asu/util.py | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/asu/util.py b/asu/util.py index a80e586f..655dbb12 100644 --- a/asu/util.py +++ b/asu/util.py @@ -4,6 +4,7 @@ import json import logging import struct +from os import getuid, getgid from pathlib import Path from re import match from tarfile import TarFile @@ -119,7 +120,7 @@ def get_request_hash(build_request: BuildRequest) -> str: Creates a reproducible hash of the request by sorting the arguments Args: - req (dict): dict contianing request information + req (dict): dict containing request information Returns: str: hash of `req` @@ -185,7 +186,7 @@ def verify_usign(sig_file: Path, msg_file: Path, pub_key: str) -> bool: pub_key (str): public key to use for verification Returns: - bool: Sucessfull verification + bool: Successful verification Todo: Currently ignores keynum and pkalg @@ -270,10 +271,13 @@ def run_cmd( host_tar.write(data) host_tar.flush() - tar_file = TarFile(host_tar.name) - tar_file.extractall(copy[1]) - - host_tar.close() + with TarFile(host_tar.name) as tar_file: + for member in tar_file: + # Fix the owner of the copied files, change to "us". + member.uid = getuid() + member.gid = getgid() + member.mode = 0o755 if member.isdir() else 0o644 + tar_file.extractall(copy[1]) logging.debug(f"Closed {host_tar}") return returncode, stdout, stderr