authorJoey Hess2016-11-20 20:07:57 -0400
committerJoey Hess2016-11-20 20:07:57 -0400
commitc47474d3a8ea926c185481acf4f0c21006b8d7ef (patch)
tree5865446cbb2a0db104e722a3a3c946ee6c6133b8 /src
parent1178d210043894a87ee4cdb8cda00ca8da5883c5 (diff)
parent42fafdc21313dff0e5d1972b457d5edcc589cfb0 (diff)
Merge branch 'master' into joeyconfig
Diffstat (limited to 'src')
-rw-r--r--src/Propellor/Property/Debootstrap.hs22
1 files changed, 14 insertions, 8 deletions
diff --git a/src/Propellor/Property/Debootstrap.hs b/src/Propellor/Property/Debootstrap.hs
index f9737cac..f8cb6e0e 100644
--- a/src/Propellor/Property/Debootstrap.hs
+++ b/src/Propellor/Property/Debootstrap.hs
@@ -51,18 +51,15 @@ built :: FilePath -> System -> DebootstrapConfig -> Property Linux
built target system config = built' (setupRevertableProperty installed) target system config
built' :: Property Linux -> FilePath -> System -> DebootstrapConfig -> Property Linux
-built' installprop target system@(System _ arch) config =
- check (unpopulated target <||> ispartial) setupprop
- `requires` installprop
+built' installprop target system@(System _ arch) config =
+ go `before` oldpermfix
where
+ go = check (unpopulated target <||> ispartial) setupprop
+ `requires` installprop
+
setupprop :: Property Linux
setupprop = property ("debootstrapped " ++ target) $ liftIO $ do
createDirectoryIfMissing True target
- -- Don't allow non-root users to see inside the chroot,
- -- since doing so can allow them to do various attacks
- -- including hard link farming suid programs for later
- -- exploitation.
- modifyFileMode target (removeModes [otherReadMode, otherExecuteMode, otherWriteMode])
suite <- case extractSuite system of
Nothing -> errorMessage $ "don't know how to debootstrap " ++ show system
Just s -> pure s
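Review bot: The new `built'` no longer says anything about who may look inside the chroot, so the security trade-off is undocumented: `setupprop` leaves `target` at whatever mode `createDirectoryIfMissing` and the umask produce, and the where-clause gives no reason for dropping the restriction. The exposure named in the removed comment (non-root users reaching suid programs inside the chroot) presumably still applies on hosts with untrusted local accounts, particularly where hardlink protection such as `fs.protected_hardlinks` is off. I would add a comment above `go`, for example `-- The chroot is intentionally left readable by non-root users; on hosts with untrusted local users, restrict a parent directory instead.`, extended with the actual reason for the change. The body of `built'` continues past this hunk.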
@@ -86,6 +83,15 @@ built' installprop target system@(System _ arch) config =
return True
, return False
)
+
+ -- May want to remove this after some appropriate length of time,
+ -- as it's a workaround for chroots set up with too tight
+ -- permissions.
+ oldpermfix :: Property Linux
+ oldpermfix = property ("fixed old chroot file mode") $ do
+ liftIO $ modifyFileMode target $
+ addModes [otherReadMode, otherExecuteMode]
+ return NoChange
extractSuite :: System -> Maybe String
extractSuite (System (Debian _ s) _) = Just $ Apt.showSuite s
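Review bot: `oldpermfix` widens the mode of `target` on every run and always returns `NoChange`, so a chroot that an administrator tightened on purpose is silently reopened each time and the change never shows up in the result. Since the comment calls this a workaround for chroots created with the old, fully closed mode, it could act only when the directory has no permission bits for others at all, and report `MadeChange` when it does. The sketch below assumes `getFileStatus`, `fileMode`, `intersectFileModes`, `otherModes` and `nullFileMode` from System.Posix.Files are in scope in this module, which the hunk does not show.

```haskell
oldpermfix :: Property Linux
oldpermfix = property ("fixed old chroot file mode") $ liftIO $ do
    mode <- fileMode <$> getFileStatus target
    -- Only touch directories that still carry the old, fully closed mode;
    -- anything else may have been set deliberately.
    if intersectFileModes mode otherModes == nullFileMode
        then do
            modifyFileMode target $
                addModes [otherReadMode, otherExecuteMode]
            return MadeChange
        else return NoChange
```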