From patchwork Mon Oct 26 19:32:16 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Sven Joachim <svenjoac@gmx.de>
X-Patchwork-Id: 11858505
Return-Path: <SRS0=c+w1=EB=vger.kernel.org=linux-kbuild-owner@kernel.org>
Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org
 [172.30.200.123])
	by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 7110B14B2
	for <patchwork-linux-kbuild@patchwork.kernel.org>;
 Mon, 26 Oct 2020 19:32:56 +0000 (UTC)
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by mail.kernel.org (Postfix) with ESMTP id 42C8E21D42
	for <patchwork-linux-kbuild@patchwork.kernel.org>;
 Mon, 26 Oct 2020 19:32:56 +0000 (UTC)
Authentication-Results: mail.kernel.org;
	dkim=pass (1024-bit key) header.d=gmx.net header.i=@gmx.net
 header.b="XTjL2vfm"
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1793132AbgJZTcw (ORCPT
        <rfc822;patchwork-linux-kbuild@patchwork.kernel.org>);
        Mon, 26 Oct 2020 15:32:52 -0400
Received: from mout.gmx.net ([212.227.15.15]:47575 "EHLO mout.gmx.net"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1774601AbgJZTcw (ORCPT <rfc822;linux-kbuild@vger.kernel.org>);
        Mon, 26 Oct 2020 15:32:52 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net;
        s=badeba3b8450; t=1603740762;
        bh=ShOLs+1ibLkPYeUmuVBwiL4vszUxvK6A7Wzsv+zGpb0=;
        h=X-UI-Sender-Class:From:To:Cc:Subject:Date;
        b=XTjL2vfmgIIUV9kRtiPnOr91rMYcF9ngHLMBhLjChk9MeV7qrS0Ll8TKz3fbV1neo
         feolNLXGogknO+mHdGDExyUu1czCrTJ8wFpv6cy4YjQWyp7SPQnqN6osE0X591qsFi
         BmBSZg6dYwiQU3xohd1e8ZCe4zqQdPSiHQGJsfc4=
X-UI-Sender-Class: 01bb95c1-4bf8-414a-932a-4f6e2808ef9c
Received: from localhost.localdomain ([79.223.32.86]) by mail.gmx.com
 (mrgmx004 [212.227.17.190]) with ESMTPSA (Nemesis) id
 1Mq2j2-1k1uHr3x7i-00nD20; Mon, 26 Oct 2020 20:32:42 +0100
Received: by localhost.localdomain (Postfix, from userid 1000)
        id 2308E800D9; Mon, 26 Oct 2020 20:32:40 +0100 (CET)
From: Sven Joachim <svenjoac@gmx.de>
To: linux-kbuild@vger.kernel.org,
        Masahiro Yamada <masahiroy@kernel.org>,
        Michal Marek <michal.lkml@markovi.net>
Cc: linux-kernel@vger.kernel.org, Sven Joachim <svenjoac@gmx.de>,
        Guillem Jover <guillem@hadrons.org>
Subject: [PATCH 1/2] builddeb: Fix rootless build in setuid/setgid directory
Date: Mon, 26 Oct 2020 20:32:16 +0100
Message-Id: <20201026193217.402412-1-svenjoac@gmx.de>
X-Mailer: git-send-email 2.28.0
MIME-Version: 1.0
X-Provags-ID: V03:K1:NSkC1V+EbxMe4Ro6SpvBMwqjXxOwK3NSvGMR3Vn1wpVnkGDT/Lm
 VmkbiG7eU1D4YY3t2OtQwpqwHsASITg9b8K39HnkQIDeKQ0F12pz1mSrJB11kvsBgRNtZ5y
 yVN3lmoPSzIszu4P6n2PQsYCB2c1CNWabo2ycHjXYVWQqsVYSDDN55nBoxxN5dTZBQoCLNj
 pOvpqJzh/TNFuzAsdgVvw==
X-Spam-Flag: NO
X-UI-Out-Filterresults: notjunk:1;V03:K0:fYpsOkBFTJE=:PiYfed4IIhy38hNPcCA5iD
 5gY84Gx4kYXaQxHQ96hX479iy0JLRLu9WK7dvJsH2VoVgyYfG3Wpt0BQax08aHd3WkPHWk1l0
 2lR0Pe6V0Xh/xl90CKm9naGPBkuVsgXXe/gPvpMoQwMy3VfDALfQylgBR6Rvd/r4u/R/5XTOH
 GUXBlraveRguYngwgMTyyA3S8CDPSvVQ9+CZXLotF2qhH4F1qXsBg5tuJVe2AJrONSBCa7XVc
 Kakof23K0CaGSRHIdTeGJO9xtcmo2VXyYxMaNs4LpzFD6gnwDzd8xXKr7PLvnOyyU+hTatWOc
 02UERviFhyO4qy3TqWcBZiZ0rKXcwHqgHYprF5wWwaSWDf+pbdNSTvFQb4EIeupfi1iN9qznI
 Ux3gEBhXNXpGY/irSVv8UnO3yUcvo3JgQWbnLGQH9h4OcZtNpclZL6EEQA3Qk/cs4cVHe4P2/
 1NYS9/SG6gC7pzVBJ9rrputQB2oQL+muW7yp7PitzMh+FyznWQEu6vrpqLmfJCP0ScUximTbt
 qtAt+pTjptdKqmVyLLsQEF0G1FEcJ7OVe79WFz7/x29inCl8wnBIbXenxTNsjY+CbsBVmRh7K
 f2C+0QvAp8yfszLuCQe5hF6g7kLJrN4dVi+5Bem0s7Q7H2u+ZnqnkMvvfY7HNNqBPeGNNidoy
 8Q6P+98eqpZOW0bDdIzP2EpKPj64W6lrcsDzeXPlZ/O8CDis7gK86cG7RuNun23ihOdE3nUg1
 gKo6QNV7kzehVvdTrIArLuZDBoO04Ofgb4uhChIz84ehgPlrxs1NMfYyw+DwJBI8JTMg4h+LC
 FAdHlvqCI2jcVjKv/e+LRxffRkWapgaCYXbZp//q78en2l4yLKSVTEq2gv3DM+ujZJ+9Mo3Mq
 qmfY+EPef3dSwTBlwuwA==
Precedence: bulk
List-ID: <linux-kbuild.vger.kernel.org>
X-Mailing-List: linux-kbuild@vger.kernel.org

Building 5.10-rc1 in a setgid directory failed with the following
error:

dpkg-deb: error: control directory has bad permissions 2755 (must be
>=0755 and <=0775)

When building with fakeroot, the earlier chown call would have removed
the setgid bits, but in a rootless build they remain.

Fixes: 3e8541803624 ("builddeb: Enable rootless builds")
Cc: Guillem Jover <guillem@hadrons.org>
Signed-off-by: Sven Joachim <svenjoac@gmx.de>
---
 scripts/package/builddeb | 2 ++
 1 file changed, 2 insertions(+)

--
2.28.0

diff --git a/scripts/package/builddeb b/scripts/package/builddeb
index 1b11f8993629..91a502bb97e8 100755
--- a/scripts/package/builddeb
+++ b/scripts/package/builddeb
@@ -45,6 +45,8 @@ create_package() {
 	chmod -R go-w "$pdir"
 	# in case we are in a restrictive umask environment like 0077
 	chmod -R a+rX "$pdir"
+	# in case we build in a setuid/setgid directory
+	chmod -R ug-s "$pdir"

 	# Create the package
 	dpkg-gencontrol -p$pname -P"$pdir"

From patchwork Mon Oct 26 19:32:17 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Sven Joachim <svenjoac@gmx.de>
X-Patchwork-Id: 11858503
Return-Path: <SRS0=c+w1=EB=vger.kernel.org=linux-kbuild-owner@kernel.org>
Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org
 [172.30.200.123])
	by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 745FD139F
	for <patchwork-linux-kbuild@patchwork.kernel.org>;
 Mon, 26 Oct 2020 19:32:52 +0000 (UTC)
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by mail.kernel.org (Postfix) with ESMTP id 51B562070E
	for <patchwork-linux-kbuild@patchwork.kernel.org>;
 Mon, 26 Oct 2020 19:32:52 +0000 (UTC)
Authentication-Results: mail.kernel.org;
	dkim=pass (1024-bit key) header.d=gmx.net header.i=@gmx.net
 header.b="L0byklSn"
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1784888AbgJZTcw (ORCPT
        <rfc822;patchwork-linux-kbuild@patchwork.kernel.org>);
        Mon, 26 Oct 2020 15:32:52 -0400
Received: from mout.gmx.net ([212.227.17.21]:59685 "EHLO mout.gmx.net"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1784784AbgJZTcw (ORCPT <rfc822;linux-kbuild@vger.kernel.org>);
        Mon, 26 Oct 2020 15:32:52 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net;
        s=badeba3b8450; t=1603740765;
        bh=CZCsGaqX+45NNOYzXFKIkh4B51ifkFDZAdb/wH6esZY=;
        h=X-UI-Sender-Class:From:To:Cc:Subject:Date:In-Reply-To:References;
        b=L0byklSnqI9OVDheqrpE35/Z9sNKTHqU/UmoyY2HwwQqn5nauwuRp8jGedoM79DcD
         tkbykd7RKO/ytn8W1G+g0mS1ZOAEtihDITgX0N8KFWakmwZmnIFO91hEdPYhA+aUEt
         nYhoLYT2BlfMBtu0qOlnc6ouWLk1lN4zJxS9mjWg=
X-UI-Sender-Class: 01bb95c1-4bf8-414a-932a-4f6e2808ef9c
Received: from localhost.localdomain ([79.223.32.86]) by mail.gmx.com
 (mrgmx105 [212.227.17.168]) with ESMTPSA (Nemesis) id
 1MCsUC-1kftfw45LM-008s1A; Mon, 26 Oct 2020 20:32:45 +0100
Received: by localhost.localdomain (Postfix, from userid 1000)
        id 546ED800D9; Mon, 26 Oct 2020 20:32:44 +0100 (CET)
From: Sven Joachim <svenjoac@gmx.de>
To: linux-kbuild@vger.kernel.org,
        Masahiro Yamada <masahiroy@kernel.org>,
        Michal Marek <michal.lkml@markovi.net>
Cc: linux-kernel@vger.kernel.org, Sven Joachim <svenjoac@gmx.de>
Subject: [PATCH 2/2] builddeb: Consolidate consecutive chmod calls into one
Date: Mon, 26 Oct 2020 20:32:17 +0100
Message-Id: <20201026193217.402412-2-svenjoac@gmx.de>
X-Mailer: git-send-email 2.28.0
In-Reply-To: <20201026193217.402412-1-svenjoac@gmx.de>
References: <20201026193217.402412-1-svenjoac@gmx.de>
MIME-Version: 1.0
X-Provags-ID: V03:K1:HPUyY7qSnCfueopvEerzEZHdTsL9dwjTDbT+OxmyjzpjeSqntXG
 C3nqTJtDZUpEH+GaVSLo//900D+86Q/elvHDuFUtdNe8DPGFEDFMY/TUpX1BdF6ngY/PD2S
 HuSIxS/8xVDTKXu7yYfn1S5bXEiNVl4O+MRWOlewIVgpU3SxxseRnMPhK+0Tn3aP3trmaW6
 RjQBobuk29x2vDp4g0jVg==
X-Spam-Flag: NO
X-UI-Out-Filterresults: notjunk:1;V03:K0:lUdz68dIrvA=:Fke7mghXiCg9irhS+jM0+P
 g+KEN0vPb4l6+YiZPln11bW48kI/RKDo2cZc3smMVx+F1zpfUwFBF5cPWKaS5XzU4TV3zq1IK
 JdI4WBdEk8ZahxKr1s/NQd+XRQDPnIPXJD1fmo8XDadS072hJn2kUaKmAg7Rrg2GPNKvgqXwX
 c1zkLUaeCdWWGyxe+bsgdaFWUP/cUWtgn6pk1mq/waoh6H3mS4HE9f18GChvSbHQYwF60TCuV
 JqwIvHaixd3yEaBwi/KiqS2NZ5nYYEBnRHfonMOLCL7R15aK6ewRasygpTQpj5FvregqYOzof
 PPJadSrlRn7HPU/VVEj40kGwaW3XBwdPRkLkrE8iJaoL1Q3LZa8N0Q+U86qS/FZT8UpRKmKJ7
 pVMwNAtJloRbdt6Mx8K4Q0YjtY0YFFIyqS5HGAF/3L2vR637xt8RTCnzshBQriUhdBGv8rY0q
 S11z6YY0z5g+/OuO/9iZ+flwoe5Tm2xonfbhineq3Zb2FD1A/xSStCKi0N68smYYSsuYlJJV2
 uCG8O5m95c7HXzBYURB2iGL1wBO5SB2XstXyFC6CN44gfQS5zAGI5LHxOeuIG3yv65x/b9El4
 gfcUe+IXPKJ/14AP6JRihMLD0aBRLyJeLRCv6CbVLCauY8gRIPSpFkXohiv/eZli72d4Etppz
 9oDuNbIsh9ZL5F4JWkDnKKbxJJX3FFX1k3FjhIVinOrjuFgA5DerpuDgHhdvIXuxk/HW/NrxS
 K8z3wTFATregi+03UivRSJUJIhiYCKuhcubZNgSknJwRC/2M7H9ACdrbDvBYjWS707p63fRrj
 CTJlWeGOrE3ww0M4+DpQDU0ohvm17npACM0KPLXNW45tK4Eg3igJXJF1W4Pwp0gzTyeEBeLSu
 HEjCKlj+Aq0ShonbQf/Q==
Precedence: bulk
List-ID: <linux-kbuild.vger.kernel.org>
X-Mailing-List: linux-kbuild@vger.kernel.org

No need to call chmod three times when it can do everything at once.

Signed-off-by: Sven Joachim <svenjoac@gmx.de>
---
 scripts/package/builddeb | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

--
2.28.0

diff --git a/scripts/package/builddeb b/scripts/package/builddeb
index 91a502bb97e8..81ec6414726c 100755
--- a/scripts/package/builddeb
+++ b/scripts/package/builddeb
@@ -42,11 +42,7 @@ create_package() {
 	else
 		chown -R root:root "$pdir"
 	fi
-	chmod -R go-w "$pdir"
-	# in case we are in a restrictive umask environment like 0077
-	chmod -R a+rX "$pdir"
-	# in case we build in a setuid/setgid directory
-	chmod -R ug-s "$pdir"
+	chmod -R go-w,a+rX,ug-s "$pdir"

 	# Create the package
 	dpkg-gencontrol -p$pname -P"$pdir"