summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRichard Ipsum <richard.ipsum@codethink.co.uk>2015-07-20 15:27:47 +0100
committerBaserock Gerrit <gerrit@baserock.org>2015-07-20 17:49:24 +0000
commitfb2389d4915c7f17949a955b9e7780c40871180f (patch)
treedd32a0d9c8e207c1e0dcf6ac1bfe94132c7f08cb
parentaae21ac82827bead8dbf1c0c9f078c2c574981dd (diff)
downloadmorph-fb2389d4915c7f17949a955b9e7780c40871180f.tar.gz
Extract downloaded tarball as current user
tar will preserve ownership and permissions by default if running as the superuser, whereas git doesn't track ownership, the owner is set to the user running the clone. This is a reproducibility hole since the resulting repo may differ depending on whether the repo was obtained from a tarball or via a git clone, but morph considers the repos to be equivalent. Running tar with --no-same-owner ensures the files written by tar will be owned by the user extracting the archive. This only fixes half the problem, lorry may also need to be modified to ensure files in the tarball have the same mode as those in the git repo. Change-Id: I849d054bc4574f9c0bbcfd608914306e52b7a22e
-rw-r--r--morphlib/localrepocache.py2
1 files changed, 1 insertions, 1 deletions
diff --git a/morphlib/localrepocache.py b/morphlib/localrepocache.py
index ba11fb96..26c516ce 100644
--- a/morphlib/localrepocache.py
+++ b/morphlib/localrepocache.py
@@ -130,7 +130,7 @@ class LocalRepoCache(object):
return ['wget'] + verbosity_flags + ['-O-', url]
self._app.runcmd(wget_command(),
- ['tar', 'xf', '-'],
+ ['tar', '--no-same-owner', '-xf', '-'],
cwd=path, **kwargs)
def _mkdtemp(self, dirname): # pragma: no cover