From d80b18dec30e60d68a5060ab4f0f053045d301b9 Mon Sep 17 00:00:00 2001 From: Hisham Date: Tue, 3 May 2016 18:54:31 -0300 Subject: Set permissions explicitly when copying or moving files. --- src/luarocks/add.lua | 2 +- src/luarocks/build.lua | 20 +++++++++++--------- src/luarocks/build/builtin.lua | 19 +++++++++++-------- src/luarocks/cfg.lua | 2 ++ src/luarocks/download.lua | 3 ++- src/luarocks/fs/lua.lua | 23 ++++++++++++++++------- src/luarocks/fs/unix.lua | 4 ++-- src/luarocks/pack.lua | 12 ++++++------ src/luarocks/repos.lua | 12 +++++++----- src/luarocks/unpack.lua | 3 ++- 10 files changed, 60 insertions(+), 40 deletions(-) (limited to 'src') diff --git a/src/luarocks/add.lua b/src/luarocks/add.lua index 81adff9b..ccd303e6 100644 --- a/src/luarocks/add.lua +++ b/src/luarocks/add.lua @@ -54,7 +54,7 @@ local function add_files_to_server(refresh, rockfiles, server, upload_server) if fs.exists(rockfile) then util.printout("Copying file "..rockfile.." to "..local_cache.."...") local absolute = fs.absolute_name(rockfile) - fs.copy(absolute, local_cache) + fs.copy(absolute, local_cache, cfg.perm_read) table.insert(files, dir.base_name(absolute)) else util.printerr("File "..rockfile.." not found") diff --git a/src/luarocks/build.lua b/src/luarocks/build.lua index 68f20264..bdc3b57a 100644 --- a/src/luarocks/build.lua +++ b/src/luarocks/build.lua @@ -53,9 +53,11 @@ or the name of a rock to be fetched from a repository. -- @param location string: The base directory files should be copied to. -- @param is_module_path boolean: True if string keys in files should be -- interpreted as dotted module paths. +-- @param perms string: Permissions of the newly created files installed. +-- Directories are always created with the default permissions. -- @return boolean or (nil, string): True if succeeded or -- nil and an error message. -local function install_files(files, location, is_module_path) +local function install_files(files, location, is_module_path, perms) assert(type(files) == "table" or not files) assert(type(location) == "string") if files then @@ -85,7 +87,7 @@ local function install_files(files, location, is_module_path) local ok, err = fs.make_dir(dest) if not ok then return nil, err end end - local ok = fs.copy(dir.path(file), dir.path(dest, filename)) + local ok = fs.copy(dir.path(file), dir.path(dest, filename), perms) if not ok then return nil, "Failed copying "..file end @@ -142,7 +144,7 @@ local function install_default_docs(name, version) fs.make_dir(dest) has_dir = true end - fs.copy(file, dest) + fs.copy(file, dest, cfg.perm_read) break end end @@ -220,10 +222,10 @@ function build.build_rockspec(rockspec_file, need_to_fetch, minimal_mode, deps_m end local dirs = { - lua = { name = path.lua_dir(name, version), is_module_path = true }, - lib = { name = path.lib_dir(name, version), is_module_path = true }, - conf = { name = path.conf_dir(name, version), is_module_path = false }, - bin = { name = path.bin_dir(name, version), is_module_path = false }, + lua = { name = path.lua_dir(name, version), is_module_path = true, perms = cfg.perm_read }, + lib = { name = path.lib_dir(name, version), is_module_path = true, perms = cfg.perm_exec }, + conf = { name = path.conf_dir(name, version), is_module_path = false, perms = cfg.perm_read }, + bin = { name = path.bin_dir(name, version), is_module_path = false, perms = cfg.perm_exec }, } for _, d in pairs(dirs) do @@ -270,7 +272,7 @@ function build.build_rockspec(rockspec_file, need_to_fetch, minimal_mode, deps_m if build_spec.install then for id, install_dir in pairs(dirs) do - ok, err = install_files(build_spec.install[id], install_dir.name, install_dir.is_module_path) + ok, err = install_files(build_spec.install[id], install_dir.name, install_dir.is_module_path, install_dir.perms) if not ok then return nil, err end @@ -308,7 +310,7 @@ function build.build_rockspec(rockspec_file, need_to_fetch, minimal_mode, deps_m fs.pop_dir() - fs.copy(rockspec.local_filename, path.rockspec_file(name, version)) + fs.copy(rockspec.local_filename, path.rockspec_file(name, version), cfg.perm_read) if need_to_fetch then fs.pop_dir() end diff --git a/src/luarocks/build/builtin.lua b/src/luarocks/build/builtin.lua index afd05954..b6062bd7 100644 --- a/src/luarocks/build/builtin.lua +++ b/src/luarocks/build/builtin.lua @@ -175,7 +175,8 @@ function builtin.run(rockspec) end local ok, err - local built_modules = {} + local lua_modules = {} + local lib_modules = {} local luadir = path.lua_dir(rockspec.name, rockspec.version) local libdir = path.lib_dir(rockspec.name, rockspec.version) --TODO EXEWRAPPER @@ -215,7 +216,7 @@ function builtin.run(rockspec) end end local dest = dir.path(luadir, moddir, filename) - built_modules[info] = dest + lua_modules[info] = dest else info = {info} end @@ -242,18 +243,20 @@ function builtin.run(rockspec) ok, err = fs.make_dir(moddir) if not ok then return nil, err end end - built_modules[module_name] = dir.path(libdir, module_name) + lib_modules[module_name] = dir.path(libdir, module_name) ok = compile_library(module_name, objects, info.libraries, info.libdirs, name) if not ok then return nil, "Failed compiling module "..module_name end end end - for name, dest in pairs(built_modules) do - fs.make_dir(dir.dir_name(dest)) - ok, err = fs.copy(name, dest) - if not ok then - return nil, "Failed installing "..name.." in "..dest..": "..err + for _, mods in ipairs({{ tbl = lua_modules, perms = cfg.perm_read }, { tbl = lib_modules, perms = cfg.perm_exec }}) do + for name, dest in pairs(mods.tbl) do + fs.make_dir(dir.dir_name(dest)) + ok, err = fs.copy(name, dest, mods.perms) + if not ok then + return nil, "Failed installing "..name.." in "..dest..": "..err + end end end if fs.is_dir("lua") then diff --git a/src/luarocks/cfg.lua b/src/luarocks/cfg.lua index 591a456a..9b1c5902 100644 --- a/src/luarocks/cfg.lua +++ b/src/luarocks/cfg.lua @@ -306,6 +306,8 @@ local defaults = { hooks_enabled = true, deps_mode = "one", check_certificates = false, + perm_read = "0644", + perm_exec = "0755", lua_modules_path = "/share/lua/"..cfg.lua_version, lib_modules_path = "/lib/lua/"..cfg.lua_version, diff --git a/src/luarocks/download.lua b/src/luarocks/download.lua index 090f49aa..6d95d8fd 100644 --- a/src/luarocks/download.lua +++ b/src/luarocks/download.lua @@ -11,6 +11,7 @@ local fetch = require("luarocks.fetch") local search = require("luarocks.search") local fs = require("luarocks.fs") local dir = require("luarocks.dir") +local cfg = require("luarocks.cfg") download.help_summary = "Download a specific rock file from a rocks server." download.help_arguments = "[--all] [--arch= | --source | --rockspec] [ []]" @@ -25,7 +26,7 @@ download.help = [[ local function get_file(filename) local protocol, pathname = dir.split_url(filename) if protocol == "file" then - local ok, err = fs.copy(pathname, fs.current_dir()) + local ok, err = fs.copy(pathname, fs.current_dir(), cfg.perm_read) if ok then return pathname else diff --git a/src/luarocks/fs/lua.lua b/src/luarocks/fs/lua.lua index 483b3e3c..a31cbb4e 100644 --- a/src/luarocks/fs/lua.lua +++ b/src/luarocks/fs/lua.lua @@ -255,6 +255,10 @@ function fs_lua.make_dir(directory) if not ok then return false, err end + ok, err = fs.chmod(path, cfg.perm_exec) + if not ok then + return false, err + end elseif mode ~= "directory" then return false, path.." is not a directory" end @@ -320,12 +324,14 @@ end -- Assumes paths are normalized. -- @param src string: Pathname of source -- @param dest string: Pathname of destination +-- @param perms string or nil: Optional permissions. +-- If not given, permissions of the source are copied over to the destination. -- @return boolean or (boolean, string): true on success, false on failure -local function recursive_copy(src, dest) +local function recursive_copy(src, dest, perms) local srcmode = lfs.attributes(src, "mode") if srcmode == "file" then - local ok = fs.copy(src, dest) + local ok = fs.copy(src, dest, perms) if not ok then return false end elseif srcmode == "directory" then local subdir = dir.path(dest, dir.base_name(src)) @@ -333,7 +339,7 @@ local function recursive_copy(src, dest) if not ok then return nil, err end for file in lfs.dir(src) do if file ~= "." and file ~= ".." then - local ok = recursive_copy(dir.path(src, file), subdir) + local ok = recursive_copy(dir.path(src, file), subdir, perms) if not ok then return false end end end @@ -344,9 +350,10 @@ end --- Recursively copy the contents of a directory. -- @param src string: Pathname of source -- @param dest string: Pathname of destination +-- @param perms string or nil: Optional permissions. -- @return boolean or (boolean, string): true on success, false on failure, -- plus an error message. -function fs_lua.copy_contents(src, dest) +function fs_lua.copy_contents(src, dest, perms) assert(src and dest) src = dir.normalize(src) dest = dir.normalize(dest) @@ -354,7 +361,7 @@ function fs_lua.copy_contents(src, dest) for file in lfs.dir(src) do if file ~= "." and file ~= ".." then - local ok = recursive_copy(dir.path(src, file), dest) + local ok = recursive_copy(dir.path(src, file), dest, perms) if not ok then return false, "Failed copying "..src.." to "..dest end @@ -799,14 +806,16 @@ end --- Move a file. -- @param src string: Pathname of source -- @param dest string: Pathname of destination +-- @param perms string or nil: Permissions for destination file, +-- or nil to use the source filename permissions. -- @return boolean or (boolean, string): true on success, false on failure, -- plus an error message. -function fs_lua.move(src, dest) +function fs_lua.move(src, dest, perms) assert(src and dest) if fs.exists(dest) and not fs.is_dir(dest) then return false, "File already exists: "..dest end - local ok, err = fs.copy(src, dest) + local ok, err = fs.copy(src, dest, perms) if not ok then return false, err end diff --git a/src/luarocks/fs/unix.lua b/src/luarocks/fs/unix.lua index 570b26e4..e2cc825b 100644 --- a/src/luarocks/fs/unix.lua +++ b/src/luarocks/fs/unix.lua @@ -66,7 +66,7 @@ function unix.wrap_script(file, dest, name, version) local addctx = "local k,l,_=pcall(require,"..util.LQ("luarocks.loader")..") _=k and l.add_context("..util.LQ(name)..","..util.LQ(version)..")" wrapper:write('exec '..fs.Q(lua)..' -e '..fs.Q(ppaths)..' -e '..fs.Q(addctx)..' '..fs.Q(file)..' "$@"\n') wrapper:close() - if fs.chmod(wrapname, "0755") then + if fs.chmod(wrapname, cfg.perm_exec) then return true else return nil, "Could not make "..wrapname.." executable." @@ -96,7 +96,7 @@ function unix.is_actual_binary(filename) end function unix.copy_binary(filename, dest) - return fs.copy(filename, dest, "0755") + return fs.copy(filename, dest, cfg.perm_exec) end --- Move a file on top of the other. diff --git a/src/luarocks/pack.lua b/src/luarocks/pack.lua index c73d66ab..e4498f5a 100644 --- a/src/luarocks/pack.lua +++ b/src/luarocks/pack.lua @@ -53,7 +53,7 @@ function pack.pack_source_rock(rockspec_file) if not ok then return nil, err end fs.delete(rock_file) - fs.copy(rockspec_file, source_dir) + fs.copy(rockspec_file, source_dir, cfg.perm_read) if not fs.zip(rock_file, dir.base_name(rockspec_file), dir.base_name(source_file)) then return nil, "Failed packing "..rock_file end @@ -62,7 +62,7 @@ function pack.pack_source_rock(rockspec_file) return rock_file end -local function copy_back_files(name, version, file_tree, deploy_dir, pack_dir) +local function copy_back_files(name, version, file_tree, deploy_dir, pack_dir, perms) local ok, err = fs.make_dir(pack_dir) if not ok then return nil, err end for file, sub in pairs(file_tree) do @@ -74,9 +74,9 @@ local function copy_back_files(name, version, file_tree, deploy_dir, pack_dir) else local versioned = path.versioned_name(source, deploy_dir, name, version) if fs.exists(versioned) then - fs.copy(versioned, target) + fs.copy(versioned, target, perms) else - fs.copy(source, target) + fs.copy(source, target, perms) end end end @@ -135,12 +135,12 @@ local function do_pack_binary_rock(name, version) local is_binary = false if rock_manifest.lib then - local ok, err = copy_back_files(name, version, rock_manifest.lib, path.deploy_lib_dir(root), dir.path(temp_dir, "lib")) + local ok, err = copy_back_files(name, version, rock_manifest.lib, path.deploy_lib_dir(root), dir.path(temp_dir, "lib"), cfg.perm_exec) if not ok then return nil, "Failed copying back files: " .. err end is_binary = true end if rock_manifest.lua then - local ok, err = copy_back_files(name, version, rock_manifest.lua, path.deploy_lua_dir(root), dir.path(temp_dir, "lua")) + local ok, err = copy_back_files(name, version, rock_manifest.lua, path.deploy_lua_dir(root), dir.path(temp_dir, "lua"), cfg.perm_read) if not ok then return nil, "Failed copying back files: " .. err end end diff --git a/src/luarocks/repos.lua b/src/luarocks/repos.lua index 17456593..66b1377f 100644 --- a/src/luarocks/repos.lua +++ b/src/luarocks/repos.lua @@ -199,9 +199,6 @@ function repos.deploy_files(name, version, wrap_bin_scripts) local function deploy_file_tree(file_tree, path_fn, deploy_dir, move_fn) local source_dir = path_fn(name, version) - if not move_fn then - move_fn = fs.move - end return recurse_rock_manifest_tree(file_tree, function(parent_path, parent_module, file) local source = dir.path(source_dir, parent_path, file) @@ -239,11 +236,16 @@ function repos.deploy_files(name, version, wrap_bin_scripts) local move_bin_fn = wrap_bin_scripts and install_binary or fs.copy_binary ok, err = deploy_file_tree(rock_manifest.bin, path.bin_dir, cfg.deploy_bin_dir, move_bin_fn) end + local function make_mover(perms) + return function (src, dest) + return fs.move(src, dest, perms) + end + end if ok and rock_manifest.lua then - ok, err = deploy_file_tree(rock_manifest.lua, path.lua_dir, cfg.deploy_lua_dir) + ok, err = deploy_file_tree(rock_manifest.lua, path.lua_dir, cfg.deploy_lua_dir, make_mover(cfg.perm_read)) end if ok and rock_manifest.lib then - ok, err = deploy_file_tree(rock_manifest.lib, path.lib_dir, cfg.deploy_lib_dir) + ok, err = deploy_file_tree(rock_manifest.lib, path.lib_dir, cfg.deploy_lib_dir, make_mover(cfg.perm_exec)) end return ok, err end diff --git a/src/luarocks/unpack.lua b/src/luarocks/unpack.lua index a889bac5..d90f0571 100644 --- a/src/luarocks/unpack.lua +++ b/src/luarocks/unpack.lua @@ -10,6 +10,7 @@ local fs = require("luarocks.fs") local util = require("luarocks.util") local build = require("luarocks.build") local dir = require("luarocks.dir") +local cfg = require("luarocks.cfg") unpack.help_summary = "Unpack the contents of a rock." unpack.help_arguments = "[--force] {| []}" @@ -128,7 +129,7 @@ local function run_unpacker(file, force) end if kind == "src" or kind == "rockspec" then if rockspec.source.dir ~= "." then - local ok = fs.copy(rockspec.local_filename, rockspec.source.dir) + local ok = fs.copy(rockspec.local_filename, rockspec.source.dir, cfg.perm_read) if not ok then return nil, "Failed copying unpacked rockspec into unpacked source directory." end -- cgit v1.2.3-55-g6feb