Mercurial > hg
comparison Makefile @ 23940:d0ef40776999 stable
osx: patch .pax.gz files in pkg bundles so they extract as root (issue4081)
The packages has to be installed by root but they would be installed
insecurely, owned by the uid of the unprivileged user that made the package.
The local user with that uid could thus write to /usr/local/bin/hg .
bdist_mpkg calls out to pax to create the package, but pax do apparently not
have the power to control what it is writing.
Instead, patch the pax files and set their uid fields to 0 before they are
wrapped in a dmg.
| author | Mads Kiilerich <madski@unity3d.com> |
|---|---|
| date | Fri, 23 Jan 2015 06:28:28 +0100 |
| parents | d7a90949fc18 |
| children | 00809c43d72c |
comparison
equal
deleted
inserted
replaced
| 23939:33d1b81c6ef0 | 23940:d0ef40776999 |
|---|---|
| 138 osx: | 138 osx: |
| 139 python -c 'import bdist_mpkg.script_bdist_mpkg' || \ | 139 python -c 'import bdist_mpkg.script_bdist_mpkg' || \ |
| 140 (echo "Missing bdist_mpkg (easy_install bdist_mpkg)"; false) | 140 (echo "Missing bdist_mpkg (easy_install bdist_mpkg)"; false) |
| 141 rm -rf dist/mercurial-*.mpkg | 141 rm -rf dist/mercurial-*.mpkg |
| 142 python -m bdist_mpkg.script_bdist_mpkg setup.py -- | 142 python -m bdist_mpkg.script_bdist_mpkg setup.py -- |
| 143 python contrib/fixpax.py dist/mercurial-*.mpkg/Contents/Packages/*.pkg/Contents/Archive.pax.gz | |
| 143 mkdir -p packages/osx | 144 mkdir -p packages/osx |
| 144 N=`cd dist && echo mercurial-*.mpkg | sed 's,\.mpkg$$,,'` && hdiutil create -srcfolder dist/$$N.mpkg/ -scrub -volname "$$N" -ov packages/osx/$$N.dmg | 145 N=`cd dist && echo mercurial-*.mpkg | sed 's,\.mpkg$$,,'` && hdiutil create -srcfolder dist/$$N.mpkg/ -scrub -volname "$$N" -ov packages/osx/$$N.dmg |
| 145 rm -rf dist/mercurial-*.mpkg | 146 rm -rf dist/mercurial-*.mpkg |
| 146 | 147 |
| 147 fedora20: | 148 fedora20: |