From: Alex Vong <alexvong1995@gmail.com>
To: guix-devel@gnu.org
Subject: Using ``chmod'' in build phases
Date: Tue, 02 Jan 2018 22:36:11 +0800 [thread overview]
Message-ID: <87h8s42uqs.fsf@gmail.com> (raw)
[-- Attachment #1: Type: text/plain, Size: 11799 bytes --]
Hello,
Running ``LC_ALL=C grep -r chmod'' on ``guix/gnu/packages'', gives the
following result. As you can see, various modes are used, such as 644,
755, 555, 666, 777, 664. Do we have a guide on which mode should be
prefered? I personally always used 644 for non-executable files, and 755
for directories and executable files. Any idea?
networking.scm: (chmod "." #o755)
commencement.scm: (chmod program #o555))
Binary file admin.go matches
Binary file fpga.go matches
mail.scm: (chmod "mb2md" #o555))
Binary file ssh.go matches
Binary file package-management.go matches
irc.scm: (("/bin/chmod") "chmod")
irc.scm: ;; Furthermore bsdinstalls has a reference to /etc/chmod here, which
irc.scm: (("/bin/chmod") "chmod")
patches/libbase-use-own-logging.patch: // We do an explicit fchmod here because we assume that the caller really
patches/libbase-use-own-logging.patch: if (fchmod(fd, mode) == -1) {
patches/libbase-use-own-logging.patch:- ALOGE("android::WriteStringToFile fchmod failed: %s", strerror(errno));
patches/libbase-use-own-logging.patch:+ PLOG(ERROR) << "android::WriteStringToFile fchmod failed";
patches/findutils-localstatedir.patch: chmod +x $@
patches/nss-pkgconfig.patch:+ chmod 0644 nss.pc
patches/nss-pkgconfig.patch:+ chmod 0755 nss-config
patches/4store-fix-buildsystem.patch:! chmod 1777 $(DESTDIR)@FS_STORE_ROOT@
patches/cdrtools-3.01-mkisofs-isoinfo.patch:- fchmodat(AT_FDCWD, fname, fstat_buf.st_mode, AT_SYMLINK_NOFOLLOW);
patches/cdrtools-3.01-mkisofs-isoinfo.patch:+ fchmodat(AT_FDCWD, fname, fstat_buf.st_mode, AT_SYMLINK_NOFOLLOW);
patches/tcsh-fix-autotest.patch: chmod a+x args.sh
patches/tcsh-fix-autotest.patch:-chmod a+x script.sh subdir/script.sh
patches/tcsh-fix-autotest.patch:+#chmod a+x script.sh subdir/script.sh
patches/perl-file-path-CVE-2017-6512.patch:https://anonscm.debian.org/cgit/perl/perl.git/diff/debian/patches/fixes/file_path_chmod_race.diff?id=e7b50f8fb6413f8ddfbbfda2d531615fb029e2d3
patches/perl-file-path-CVE-2017-6512.patch:Subject: Prevent directory chmod race attack.
patches/perl-file-path-CVE-2017-6512.patch:CVE-2017-6512 is a race condition attack where the chmod() of directories
patches/perl-file-path-CVE-2017-6512.patch:the directory-permission loosening logic to systems where fchmod() is
patches/perl-file-path-CVE-2017-6512.patch:Patch-Name: fixes/file_path_chmod_race.diff
patches/perl-file-path-CVE-2017-6512.patch:- or chmod( $nperm, $root )
patches/perl-file-path-CVE-2017-6512.patch:+ # This uses fchmod to avoid traversing outside of the proper
patches/perl-file-path-CVE-2017-6512.patch:+ or eval { chmod( $nperm, $root_fh ) }
patches/perl-file-path-CVE-2017-6512.patch:+my $fchmod_supported = 0;
patches/perl-file-path-CVE-2017-6512.patch:+ eval { $fchmod_supported = chmod( $perm, $fh); };
patches/perl-file-path-CVE-2017-6512.patch:+ skip "fchmod of directories not supported on this platform", 3 unless $fchmod_supported;
patches/perl-file-path-CVE-2017-6512.patch: # http://perldoc.perl.org/perlport.html#chmod
patches/perl-file-path-CVE-2017-6512.patch: skip "Windows chmod test skipped", $skip_count
patches/perl-file-path-CVE-2017-6512.patch:+ skip "fchmod() on directories is not supported on this platform", $skip_count
patches/perl-file-path-CVE-2017-6512.patch:+ unless $fchmod_supported;
patches/perl-file-path-CVE-2017-6512.patch:- $dir = catdir($tmp_base, 'chmod_test');
patches/perl-file-path-CVE-2017-6512.patch:+ $dir = catdir($tmp_base, sprintf("chmod_test%04o", $input));
patches/portmidi-modular-build.patch:- COMMAND chmod +x pmdefaults/pmdefaults
patches/byobu-writable-status.patch:+ chmod +w "$BYOBU_CONFIG_DIR/$f"
patches/proot-test-fhs.patch:@@ -34,7 +34,7 @@ chmod +x ${ROOTFS}/${TMP_ABS}
patches/rsync-CVE-2017-17434-pt2.patch: extern struct chmod_mode_struct *daemon_chmod_modes;
Binary file tex.go matches
Binary file networking.go matches
virtualization.scm: (chmod "samba-wrapper" #o755)
Binary file graphviz.go matches
tex.scm: "batchmode; "
tex.scm: "batchmode; "
tex.scm: "batchmode; "
tex.scm: (and (zero? (system* "luatex" "-ini" "-interaction=batchmode"
tex.scm: (zero? (system* "tex" "-ini" "-interaction=batchmode"
tex.scm: (zero? (system* "latex" "-ini" "-interaction=batchmode"
tex.scm: (zero? (system* format "-ini" "-interaction=batchmode"
tex.scm: (zero? (system* "luatex" "-ini" "-interaction=batchmode"
tex.scm: "batchmode; "
tex.scm: "batchmode; "
Binary file autotools.go matches
ssh.scm: (chmod (string-append (assoc-ref outputs "out")
Binary file python.go matches
Binary file maths.go matches
cups.scm: (for-each (lambda (file) (chmod file #o644))
cups.scm: (for-each (lambda (file) (chmod file #o644))
axoloti.scm: (chmod target #o555))
python.scm: (chmod file #o755))
python.scm: (chmod new #o755)
Binary file wget.go matches
Binary file bioinformatics.go matches
kodi.scm: (("autoreconf -vif") "chmod -R u+w ."))
Binary file perl.go matches
c.scm: (chmod port #o777)))
Binary file axoloti.go matches
Binary file ocaml.go matches
ocaml.scm: (chmod "src/strings.ml" #o600)
conkeror.scm: (chmod launcher #o555)))))))
Binary file java.go matches
Binary file emacs.go matches
text-editors.scm: (zero? (system* "chmod" "-R" "u+w" "../test")))))))
nvi.scm: (chmod "configure" #o0755)))))
disk.scm: (chmod exe #o555)
Binary file backup.go matches
Binary file music.go matches
audio.scm: (chmod file #o644))
music.scm: (chmod (string-append out "/share/Aria/Documentation") #o555)
music.scm: (chmod (string-append out "/share/Aria/score") #o555)
music.scm: (chmod (string-append bin "/tuxguitar") #o555)
music.scm: (for-each (cut chmod <> #o644)
Binary file zile.go matches
emacs.scm: (chmod exwm-executable #o555)
emacs.scm: (chmod exwm-executable #o555)
perl.scm: (chmod dso #o755))
perl.scm: (chmod "blib/arch/auto/Digest/MD5/MD5.so" #o755))))))
Binary file bootstrap.go matches
tls.scm: (chmod file #o644))
certs.scm: (chmod "certdata2pem.py" #o555)
java.scm: (chmod target #o755)
java.scm: (chmod (string-append bin tool) #o755))
java.scm: (chmod target #o755)
java.scm: (string-append line "; chmod -R u+w $(BOOT_DIR)")))
java.scm: (zero? (system* "chmod" "-R" "u+w" "openjdk"))
java.scm: (("/bin/chmod") (which "chmod")))
java.scm: ;; The cacerts files we are going to overwrite are chmod'ed as
java.scm: (chmod (string-append (assoc-ref outputs "out")
java.scm: (chmod (string-append (assoc-ref outputs "jdk")
java.scm: (chmod (string-append bin "/antlr3") #o755))))
java.scm: (chmod (string-append bin "/antlr3") #o755)
java.scm: (chmod (string-append bin "/antlr3") #o755))))
java.scm: (chmod (string-append bin "/mvel2") #o755))
backup.scm: (chmod target-file-location #o755)
Binary file c.go matches
linux.scm: (chmod ".config" #o666))
linux.scm: (chmod file #o666))
linux.scm: (chmod "e2fsck" #o555))))))
linux.scm: (chmod "zerofree" #o555)
linux.scm: (chmod file #o755))
linux.scm: (chmod target #o555)))))
Binary file kodi.go matches
Binary file monitoring.go matches
Binary file virtualization.go matches
Binary file audio.go matches
Binary file certs.go matches
fpga.scm: (zero? (system* "chmod" "+w" "abc/abc")))))
Binary file tls.go matches
package-management.scm: (chmod po #o666))
Binary file text-editors.go matches
Binary file commencement.go matches
uml.scm: (chmod wrapper #o555))
Binary file disk.go matches
Binary file graphics.go matches
graphviz.scm: (chmod "test/boolean/test.sh" #o777))
web.scm: (chmod "woof" #o555))
Binary file netpbm.go matches
bootloaders.scm: (zero? (system* "chmod" "a+w" "utils/isohybrid.in"))))
Binary file uml.go matches
bootstrap.scm: (chmod bin-dir #o755)
bootstrap.scm: (chmod guile #o555)
bootstrap.scm: (chmod bin-dir #o555))))))
bootstrap.scm: (chmod "bin" #o755)
bootstrap.scm: (chmod "bin" #o555)
bootstrap.scm: (chmod "lib" #o755)
bootstrap.scm: (chmod "." #o755)
bootstrap.scm: (chmod "gcc" #o555))))))
engineering.scm: (chmod (string-append out "/bin/" script) #o555)))
Binary file conkeror.go matches
Binary file bootstrap/x86_64-linux/mkdir matches
Binary file bootstrap/armhf-linux/mkdir matches
Binary file bootstrap/i686-linux/mkdir matches
Binary file bootstrap/mips64el-linux/mkdir matches
Binary file bootstrap/aarch64-linux/mkdir matches
Binary file readline.go matches
Binary file games.go matches
Binary file irc.go matches
readline.scm: (for-each (lambda (f) (chmod f #o755))
readline.scm: (for-each (lambda (f) (chmod f #o644))
wget.scm: (chmod file #o755))
games.scm: (chmod (string-append bin "/roguebox-adventures") #o555)
games.scm: (chmod port #o777)))))
games.scm: (chmod "redeclipse_linux" #o555)
games.scm: (chmod "redeclipse_server_linux" #o555)))
games.scm: (chmod higan #o555)
games.scm: (chmod prog #o755)
games.scm: (chmod wrapper #o555)
zile.scm: (chmod file #o755))
lisp.scm: (chmod wrapper #o755))
lisp.scm: (chmod script #o755)
Binary file base.go matches
Binary file cups.go matches
bioinformatics.scm: (chmod wrapper #o555)))))))
bioinformatics.scm: (chmod (string-append target "GESS.py") #o555)
bioinformatics.scm: (chmod "_pytadbit/_version.py" #o664)
bioinformatics.scm: (chmod "README.rst" #o664)
autotools.scm: (chmod (string-append bin "/autoconf") #o555)))))))
Binary file nvi.go matches
monitoring.scm: (("chmod g\\+s.*" all)
Binary file web.go matches
version-control.scm: (chmod new #o555))
admin.scm: (chmod "bind/bind.tar.gz" #o644)
Binary file linux.go matches
graphics.scm: (chmod "brdf" #o555))))))))
Binary file bootloaders.go matches
Binary file version-control.go matches
base.scm: (chmod ld #o555)
Binary file mail.go matches
netpbm.scm: (chmod "config.mk" #o664)
simulation.scm: ;; 'chmod' step is needed before running the applications. For
simulation.scm: ;; $ chmod -R u+w .
Binary file lisp.go matches
maths.scm: (chmod "src/maxima" #o555)
maths.scm: (chmod wrapper #o555))))
Binary file engineering.go matches
Cheers,
Alex
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 832 bytes --]
next reply other threads:[~2018-01-02 14:36 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-01-02 14:36 Alex Vong [this message]
2018-01-02 16:28 ` Using ``chmod'' in build phases ng0
2018-01-04 13:05 ` Alex Vong
2018-01-04 8:33 ` Mark H Weaver
2018-01-04 18:06 ` Alex Vong
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87h8s42uqs.fsf@gmail.com \
--to=alexvong1995@gmail.com \
--cc=guix-devel@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).