From 553c3978560caa023cc507a4e6836b1cd5833c4c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Prante?= Date: Mon, 23 Oct 2023 19:58:38 +0200 Subject: [PATCH] add rpm suid bits --- .../groovy/org/xbib/gradle/plugin/Rpm.groovy | 17 ++++++++-- .../xbib/gradle/plugin/RpmCopyAction.groovy | 34 +++++++++++++------ .../org/xbib/gradle/plugin/RpmFullTest.groovy | 2 +- .../xbib/gradle/plugin/RpmSimpleTest.groovy | 6 ++++ 4 files changed, 46 insertions(+), 13 deletions(-) diff --git a/gradle-plugin-rpm/src/main/groovy/org/xbib/gradle/plugin/Rpm.groovy b/gradle-plugin-rpm/src/main/groovy/org/xbib/gradle/plugin/Rpm.groovy index a4ba249..241b8d2 100644 --- a/gradle-plugin-rpm/src/main/groovy/org/xbib/gradle/plugin/Rpm.groovy +++ b/gradle-plugin-rpm/src/main/groovy/org/xbib/gradle/plugin/Rpm.groovy @@ -127,6 +127,14 @@ class Rpm extends AbstractArchiveTask { @Input Integer gid + @Optional + @Input + Boolean setuid + + @Optional + @Input + Boolean setgid + @Optional @Input String maintainer @@ -349,10 +357,15 @@ class Rpm extends AbstractArchiveTask { sb.toString() } - Directory directory(String path) { Directory directory = new Directory(path: path) - directories << directory + directories.add(directory) + directory + } + + Directory directory(String path, String user, String group) { + Directory directory = new Directory(path: path, user: user, group: group) + directories.add(directory) directory } diff --git a/gradle-plugin-rpm/src/main/groovy/org/xbib/gradle/plugin/RpmCopyAction.groovy b/gradle-plugin-rpm/src/main/groovy/org/xbib/gradle/plugin/RpmCopyAction.groovy index 5638ff2..8f16538 100644 --- a/gradle-plugin-rpm/src/main/groovy/org/xbib/gradle/plugin/RpmCopyAction.groovy +++ b/gradle-plugin-rpm/src/main/groovy/org/xbib/gradle/plugin/RpmCopyAction.groovy @@ -1,5 +1,6 @@ package org.xbib.gradle.plugin +import groovy.util.logging.Log import org.gradle.api.Project import org.gradle.api.file.DuplicatesStrategy import org.gradle.api.file.FileCopyDetails @@ -18,7 +19,10 @@ import org.xbib.rpm.payload.Directive import java.nio.file.Files import java.nio.file.Path import java.nio.file.StandardOpenOption +import java.nio.file.attribute.PosixFileAttributeView +import java.nio.file.attribute.PosixFileAttributes +@Log class RpmCopyAction implements CopyAction { Project project @@ -105,8 +109,9 @@ class RpmCopyAction implements CopyAction { builder.addProvides(provides.packageName, provides.flags, provides.version) } for (Directory directory : task.directories) { - String user = directory.user ? directory.user : task.user - String group = directory.group ? directory.group : task.group + String user = directory.user ?: task.user + String group = directory.group ?: task.group + log.info("dir = " + directory.path) builder.addDirectory(directory.path, directory.permissions, null, user, group, directory.addParents) } } @@ -123,20 +128,29 @@ class RpmCopyAction implements CopyAction { private class StreamAction implements CopyActionProcessingStreamAction { @Override - void processFile(FileCopyDetailsInternal fileCopyDetailsInternal) { - boolean addParents = task.addParentDirs != null ? task.addParentDirs : task.addParentDirs - Path path = extractPath(tempDir, fileCopyDetailsInternal) - String p = "/${fileCopyDetailsInternal.path}" + void processFile(FileCopyDetailsInternal details) { + boolean addParents = task.addParentDirs != null ? task.addParentDirs : false + Path path = extractPath(tempDir, details) + PosixFileAttributeView view = Files.getFileAttributeView(path, PosixFileAttributeView) + PosixFileAttributes attributes = view.readAttributes() + String user = task.user ?: attributes.owner().name + String group = task.group ?: attributes.group().name + String p = "/${details.path}" if (Files.isSymbolicLink(path)) { builder.addLink(p, Files.readSymbolicLink(path).toFile().path, -1) - } else if (!fileCopyDetailsInternal.isDirectory()) { - int mode = fileCopyDetailsInternal.mode + } else if (!details.isDirectory()) { + int mode = details.mode + if (task.setuid) { + mode |= 01000 + } task.group int dirmode = -1 + if (task.setgid) { + dirmode |= 02000 + } EnumSet directive = makeDirective(task.fileType) - String user = task.user ?: task.user - String group = task.group ?: task.group builder.addFile(p, path, mode, dirmode, directive, user, group, addParents) } + // we skip all directories } } diff --git a/gradle-plugin-rpm/src/test/groovy/org/xbib/gradle/plugin/RpmFullTest.groovy b/gradle-plugin-rpm/src/test/groovy/org/xbib/gradle/plugin/RpmFullTest.groovy index 9f941b3..4bc40ab 100644 --- a/gradle-plugin-rpm/src/test/groovy/org/xbib/gradle/plugin/RpmFullTest.groovy +++ b/gradle-plugin-rpm/src/test/groovy/org/xbib/gradle/plugin/RpmFullTest.groovy @@ -101,7 +101,7 @@ class RpmFullTest { packageName = 'test' packageVersion = '1.0.0' packageRelease = '1' - directory '/lib' + directory '/lib', 'root', 'root' }) project.tasks.buildRpm.copy() RpmReader rpmReader = new RpmReader() diff --git a/gradle-plugin-rpm/src/test/groovy/org/xbib/gradle/plugin/RpmSimpleTest.groovy b/gradle-plugin-rpm/src/test/groovy/org/xbib/gradle/plugin/RpmSimpleTest.groovy index 450bfae..1716dc3 100644 --- a/gradle-plugin-rpm/src/test/groovy/org/xbib/gradle/plugin/RpmSimpleTest.groovy +++ b/gradle-plugin-rpm/src/test/groovy/org/xbib/gradle/plugin/RpmSimpleTest.groovy @@ -1,5 +1,6 @@ package org.xbib.gradle.plugin +import groovy.util.logging.Log import org.gradle.api.Project import org.gradle.testfixtures.ProjectBuilder import org.junit.jupiter.api.BeforeEach @@ -7,7 +8,11 @@ import org.junit.jupiter.api.Test import org.xbib.rpm.RpmReaderResult import org.xbib.rpm.RpmReader import org.xbib.rpm.format.Format + import java.nio.file.Paths +import java.util.logging.Level +import java.util.logging.Logger + import static org.hamcrest.MatcherAssert.assertThat import static org.hamcrest.CoreMatchers.* import static org.junit.jupiter.api.Assertions.assertTrue @@ -24,6 +29,7 @@ import static org.xbib.rpm.lead.Architecture.I386 import static org.xbib.rpm.lead.Os.LINUX import static org.xbib.rpm.lead.PackageType.BINARY +@Log class RpmSimpleTest { File projectDir