WelcomeWelcome | FAQFAQ | DownloadsDownloads | WikiWiki

Author Topic: Here's why submitqc file perms check doesn't work  (Read 2103 times)

Offline Sashank999

  • Sr. Member
  • ****
  • Posts: 395
Here's why submitqc file perms check doesn't work
« on: November 12, 2020, 08:31:39 AM »
Hi !

I was just adding more features in submitqc and found this bug. The file permissions check will not work in submitqc because some variables are modified in a subshell. Here is a part of the function :
Code: [Select]
 
  # the startup directory was tested in checkstartup(). Ignore it at this point.
 
  # Find directories without root:root and/or 755. Skip tce.installed.
  # Test all files. root:root. executables 755, others 644. Skip tce.installed.

  # begin rotdash section - these finds can take awhile.
  (
  D_RR="$(find -type d -not -user root | grep -v usr/local/tce.installed; \
    find -type d -not -group root | grep -v usr/local/tce.installed)"
  D_755="$(find -type d -not -perm 755 | grep -v usr/local/tce.installed)"
   
  F_RR="$(find -type f -not -user root | grep -v usr/local/tce.installed; \
    find -mindepth 1 -type f -not -group root \
    | grep -v usr/local/tce.installed)"
  F_755="$(find -type f -not -perm 755 -exec file {} \; | grep 'executable' \
    | grep -v usr/local/tce.installed; \
    find -type f -not -perm 755 -exec file {} \; | grep 'shared object')"
  F_644="$(find -type f -not -perm 644 -exec file {} \; \
    | grep -v 'executable' | grep -v 'shared object' | grep -v usr/local/tce.installed)"
  ) &
  rotdash $!
And the fixing files part :
Code: [Select]
  if [ "${F_RR}${D_RR}" ]; ...
  [ "$F_755" ] || [ "$D_755" ] ...
  [ "$F_644" ] &&
What I am trying to say is Variables modified in a subshell are not accessible in its parent shell and, grouping commands in () or {} or backgrounding them executes the commands in them in a subshell. As the variables are modified in a subshell that is backgrounded, the variables inside the subshell get lost as soon as the shell is closed (when the finds are completed). As the variables are empty, the checks above won't work.
Solution : Just include them in the (). The variables created inside the subshell are used only for the if commands and not in any other parts of the script. So, we could just add the if commands to the subshell. We should leave the last "CHANGES=1" line outside of () as it is used in other parts of submitqc.

I am also testing (just started testing it) a patch that actually does all of the functions described here and also fixes this bug : forum.tinycorelinux.net/index.php/topic,24351.msg154304.html#msg154304 (even removing the dep families thing). It will be a little late. Thanks for reading !

Offline CNK

  • Wiki Author
  • Sr. Member
  • *****
  • Posts: 283
Re: Here's why submitqc file perms check doesn't work
« Reply #1 on: November 12, 2020, 06:42:36 PM »
Oh rats, I got the wrong idea about files needing to be owned by root based on the wiki instructions (meh, I see it now of course, but it doesn't say anything about root or sudo near the "make DESTDIR=/tmp/package install" part, which is where you want to know) and the behaviour of the unsquashfs program. That's four new extensions that I'll have to redo then. I'd only submitted the firefox_getLatest.tcz one so far though, I'll submit a chown/grped version of that when I get the chance.

Thanks for mentioning this, at least I found out mid-way through my list of programs to compile for TC, rather than at the end.

Offline Sashank999

  • Sr. Member
  • ****
  • Posts: 395
Re: Here's why submitqc file perms check doesn't work
« Reply #2 on: November 12, 2020, 10:51:21 PM »
I actually forgot to mention my question :

Are file permissions inside the tcz really concerned ?

I would like any member of Team TCL answer for this because I never got any warnings from Repo Manager regarding file permissions in tczs submitted by me even when the submitqc file checks didn't work.

Online Juanito

  • Administrator
  • Hero Member
  • *****
  • Posts: 14815
Re: Here's why submitqc file perms check doesn't work
« Reply #3 on: November 13, 2020, 05:41:03 AM »
If you're asking if file permissions matter inside an extension, then the answer is yes.