Verified Commit c10004df authored by David Runge's avatar David Runge 🐿
Browse files

Fix issues with file ownerships/modes

Make sure to always compare absolute paths in `_make_custom_airootfs()` (as `realpath` is used).
Remove `echo` calls that prevent the setting of actual file ownerships and modes.

Set file mode of /root/ to 755.

Fixes #82
parent 863247d0
......@@ -269,14 +269,14 @@ _make_custom_airootfs() {
for filename in "${!file_permissions[@]}"; do
IFS=':' read -ra permissions <<< "${file_permissions["${filename}"]}"
# Prevent file path traversal outside of $airootfs_dir
if [[ "$(realpath -q -- "${airootfs_dir}${filename}")" != "${airootfs_dir}"* ]]; then
if [[ "$(realpath -q -- "${airootfs_dir}${filename}")" != "$(realpath -q -- "${airootfs_dir}")"* ]]; then
_msg_error "Failed to set permissions on '${airootfs_dir}${filename}'. Outside of valid path." 1
# Warn if the file does not exist
elif [[ ! -e "${airootfs_dir}${filename}" ]]; then
_msg_warning "Cannot change permissions of '${airootfs_dir}${filename}'. The file or directory does not exist."
echo chown -fh -- "${permissions[0]}:${permissions[1]}" "${airootfs_dir}${filename}"
echo chmod -f -- "${permissions[2]}" "${airootfs_dir}${filename}"
chown -fh -- "${permissions[0]}:${permissions[1]}" "${airootfs_dir}${filename}"
chmod -f -- "${permissions[2]}" "${airootfs_dir}${filename}"
_msg_info "Done!"
......@@ -14,7 +14,7 @@ airootfs_image_tool_options=('-comp' 'xz' '-Xbcj' 'x86' '-b' '1M' '-Xdict-size'
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment