[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[lmi-commits] [lmi] master a7785d6 2/2: Resolve the root cause of chroot
From: |
Greg Chicares |
Subject: |
[lmi-commits] [lmi] master a7785d6 2/2: Resolve the root cause of chroot permissions problems |
Date: |
Wed, 19 Feb 2020 15:42:38 -0500 (EST) |
branch: master
commit a7785d6a55713acab2fea59f812f3c6f3ebb91be
Author: Gregory W. Chicares <address@hidden>
Commit: Gregory W. Chicares <address@hidden>
Resolve the root cause of chroot permissions problems
The problem described here:
https://lists.nongnu.org/archive/html/lmi/2020-02/msg00007.html
was actually caused by an overly restrictive umask that had been imposed
by some misbegotten /etc/corporate_profile . The problem vanishes when
the umask is reset to 022, which is the default for redhat as well as
debian. See:
https://lists.nongnu.org/archive/html/lmi/2020-02/msg00018.html
---
install_redhat.sh | 13 ++++---------
1 file changed, 4 insertions(+), 9 deletions(-)
diff --git a/install_redhat.sh b/install_redhat.sh
index f6adbfc..32ed73b 100755
--- a/install_redhat.sh
+++ b/install_redhat.sh
@@ -28,6 +28,9 @@ set -evx
stamp0=$(date -u +'%Y-%m-%dT%H:%M:%SZ')
echo "Started: $stamp0"
+# Override any too-restrictive corporate default (e.g., 077).
+umask 022
+
# First, destroy any chroot left by a prior run.
grep "${CHRTNAME}" /proc/mounts | cut -f2 -d" " | xargs umount || echo "None?"
rm -rf /srv/chroot/"${CHRTNAME}"
@@ -76,21 +79,13 @@ yum --assumeyes install ca-certificates curl nss-pem
#yum --assumeyes install
https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
yum --assumeyes install epel-release
-# Make the about-to-be-created chroot's root directory, and files and
-# directories created under it, accessible to the "lmi" group--see:
-# https://lists.nongnu.org/archive/html/lmi/2020-02/msg00007.html
-# et seqq.
-mkdir -p /srv/chroot/"${CHRTNAME}"
-chgrp lmi /srv/chroot/"${CHRTNAME}"
-chmod 2770 /srv/chroot/"${CHRTNAME}"
-umask 0007
-
yum --assumeyes install schroot
# To show available debootstrap scripts:
# ls /usr/share/debootstrap/scripts
# Install a debian chroot inside this centos chroot.
yum --assumeyes install debootstrap
+mkdir -p /srv/chroot/"${CHRTNAME}"
debootstrap "${CODENAME}" /srv/chroot/"${CHRTNAME}"
http://deb.debian.org/debian/
echo Installed debian "${CODENAME}".