From 26b66a6a9e721df73c0fbdef5fbe4e8c2c7895ae Mon Sep 17 00:00:00 2001 From: Ian Wienand Date: Wed, 27 Sep 2017 11:33:17 +1000 Subject: [PATCH] zuul-cloner: enter directory before copying The "-a" argument to cp implies "--preserve=all" which changes the permissions of the target directory; e.g. mkdir /tmp/foo chmod 700 /tmp/foo cp -al /some/dir/. /tmp/foo ls -l /tmp/foo and you will find that /tmp/foo is probably not 700 any more. This causes problems when /tmp/foo is a home directory, because it can make them world-writable and hence ssh won't log into them any more. For simplicity, switch into the directory we want to copy into, and then copy everything in. This should stop cp touching the parent directory in any way. Change-Id: Icd842b6fba220d41601adeaa0c5a41b2dab582bc --- .../fetch-zuul-cloner/templates/zuul-cloner-shim.py.j2 | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/roles/fetch-zuul-cloner/templates/zuul-cloner-shim.py.j2 b/roles/fetch-zuul-cloner/templates/zuul-cloner-shim.py.j2 index cb3da5f5a..b21f294a5 100644 --- a/roles/fetch-zuul-cloner/templates/zuul-cloner-shim.py.j2 +++ b/roles/fetch-zuul-cloner/templates/zuul-cloner-shim.py.j2 @@ -16,6 +16,7 @@ import argparse import os import re +import subprocess import sys import yaml @@ -144,10 +145,13 @@ def main(): print("Creating %s" % d) os.makedirs(d) - # Create hard link copy of the source directory - cmd = "cp -al %s/. %s" % (src, dst) + # Create hard link copy of the source directory. Note we cd + # into the target directory to avoid "cp -a" modifying the + # permissions of dst itself, which in particular can be fatal + # to ssh access when dst is a homedir + cmd = "cd %s; cp -al %s/. ." % (dst, src) print("%s" % cmd) - if os.system(cmd): + if subprocess.call(cmd, shell=True) != 0: print("Error executing: %s" % cmd) sys.exit(1)