diff --git a/SOURCES/0001-init-fs-Explicitly-set-tmp-to-01777.patch b/SOURCES/0001-init-fs-Explicitly-set-tmp-to-01777.patch
new file mode 100644
index 0000000..8475030
--- /dev/null
+++ b/SOURCES/0001-init-fs-Explicitly-set-tmp-to-01777.patch
@@ -0,0 +1,36 @@
+From 7bf138b0364c8922da108e81a649bef1a5ad212b Mon Sep 17 00:00:00 2001
+From: Colin Walters
+Date: Fri, 30 Oct 2015 17:10:23 -0400
+Subject: [PATCH] init-fs: Explicitly set /tmp to 01777
+
+I think most people were using tmpfs-on-tmp and so didn't hit this.
+
+See https://bugzilla.redhat.com/show_bug.cgi?id=1276775
+---
+ src/ostree/ot-admin-builtin-init-fs.c | 10 ++++++++++
+ 1 file changed, 10 insertions(+)
+
+diff --git a/src/ostree/ot-admin-builtin-init-fs.c b/src/ostree/ot-admin-builtin-init-fs.c
+index 71b3b55..0172f01 100644
+--- a/src/ostree/ot-admin-builtin-init-fs.c
++++ b/src/ostree/ot-admin-builtin-init-fs.c
+@@ -77,6 +77,16 @@ ot_admin_builtin_init_fs (int argc, char **argv, GCancellable *cancellable, GErr
+ child = g_file_get_child (dir, "tmp");
+ if (!gs_file_ensure_directory_mode (child, 01777, cancellable, error))
+ goto out;
++ /* FIXME - we should be using an API that explicitly ignores umask;
++ */
++ {
++ const char *path = gs_file_get_path_cached (child);
++ if (chmod (path, 01777) == -1)
++ {
++ gs_set_prefix_error_from_errno (error, errno, "chmod");
++ goto out;
++ }
++ }
+ g_clear_object (&child);
+
+ if (!ostree_sysroot_ensure_initialized (target_sysroot, cancellable, error))
+--
+1.8.3.1
+
diff --git a/SOURCES/0001-ostree-remount-Explicitly-set-tmp-to-01777.patch b/SOURCES/0001-ostree-remount-Explicitly-set-tmp-to-01777.patch
new file mode 100644
index 0000000..2cbc15d
--- /dev/null
+++ b/SOURCES/0001-ostree-remount-Explicitly-set-tmp-to-01777.patch
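Review bot: In the init-fs patch (0001-init-fs-Explicitly-set-tmp-to-01777.patch), the added `chmod (path, 01777)` acts on a path name, and chmod(2) follows symbolic links, so if `tmp` under the target directory is a symlink the world-writable sticky mode is applied to whatever it points to; whether `gs_file_ensure_directory_mode` already rejects that case is not visible here. Opening the directory with `O_DIRECTORY | O_NOFOLLOW` and calling `fchmod` on the descriptor ties the mode change to the directory itself, as sketched below. The FIXME would also help more if it said why the second call is needed, for example `/* the mode requested at creation is presumably masked by the process umask, so set it again explicitly */`. The body of `ot_admin_builtin_init_fs` starts and ends outside the hunk.

```c
  /* ... unchanged: g_file_get_child and gs_file_ensure_directory_mode ... */
  {
    const char *path = gs_file_get_path_cached (child);
    /* O_NOFOLLOW: refuse to act if "tmp" is a symlink */
    int fd = open (path, O_RDONLY | O_DIRECTORY | O_NOFOLLOW | O_CLOEXEC);
    if (fd == -1)
      {
        gs_set_prefix_error_from_errno (error, errno, "open");
        goto out;
      }
    if (fchmod (fd, 01777) == -1)
      {
        int saved_errno = errno;   /* close() may overwrite errno */
        close (fd);
        gs_set_prefix_error_from_errno (error, saved_errno, "fchmod");
        goto out;
      }
    close (fd);
  }
  /* ... unchanged: g_clear_object (&child) ... */
```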
@@ -0,0 +1,31 @@
+From e7ef7ccc9540f493fe99037f3592f8b956d5edc6 Mon Sep 17 00:00:00 2001
+From: Matthew Barnes
+Date: Fri, 13 Nov 2015 09:54:52 -0500
+Subject: [PATCH] [PATCH] ostree-remount: Explicitly set /tmp to 01777
+
+See https://bugzilla.redhat.com/show_bug.cgi?id=1276775
+---
+ src/switchroot/ostree-remount.c | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/src/switchroot/ostree-remount.c b/src/switchroot/ostree-remount.c
+index b8d3a96..9dff2a0 100644
+--- a/src/switchroot/ostree-remount.c
++++ b/src/switchroot/ostree-remount.c
+@@ -117,5 +117,13 @@ main(int argc, char *argv[])
+
+ maybe_mount_tmpfs_on_var ();
+
++ /* Ensure /sysroot/tmp is world-writable. Works around a bug
++ * where init-fs left the directory writable only to root. */
++ if (chmod ("/sysroot/tmp", 01777) == -1)
++ {
++ perror ("failed to chmod /sysroot/tmp");
++ exit (EXIT_FAILURE);
++ }
++
+ exit (EXIT_SUCCESS);
+ }
+--
+2.5.0
+
diff --git a/SPECS/ostree.spec b/SPECS/ostree.spec
index cd0f407..a09f299 100644
--- a/SPECS/ostree.spec
+++ b/SPECS/ostree.spec
@@ -34,6 +34,9 @@ Requires: libgsystem >= 2015.1 Requires: dracut Requires: systemd-units +Patch1: 0001-init-fs-Explicitly-set-tmp-to-01777.patch +Patch2: 0001-ostree-remount-Explicitly-set-tmp-to-01777.patch + %description OSTree is a tool for managing bootable, immutable, versioned filesystem trees. While it takes over some of the roles of tradtional
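Review bot: In the ostree-remount patch (0001-ostree-remount-Explicitly-set-tmp-to-01777.patch), every `chmod` failure is fatal, including `ENOENT`, so on a system where `/sysroot/tmp` does not exist this helper would exit with `EXIT_FAILURE` even though there is nothing to repair. Consider tolerating the missing directory with `if (chmod ("/sysroot/tmp", 01777) == -1 && errno != ENOENT)`, which needs `<errno.h>` if the file does not already include it. Because the comment describes a workaround, adding the bug reference from the commit message (`https://bugzilla.redhat.com/show_bug.cgi?id=1276775`) to it would tell a later reader when the call can be dropped. `main` starts outside the hunk.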