Commit 91d16185 authored by Michal Marek's avatar Michal Marek
Browse files

scripts/package: tar-pkg: use tar --owner=root 



Use the --owner= and --group= options to make sure the entries in
the built tar file are owned by root.  Without this change, a
careless sysadmin using the tar-pkg target can easily end up
installing a kernel that is writable by the unprivileged user
account used to build the kernel.

Test that these options are understood before using them so that
non-GNU versions of tar can still be used if the operator is
appropriately cautious.

Signed-off-by: default avatarJonathan Nieder <jrnieder@gmail.com>
Signed-off-by: default avatarMichal Marek <mmarek@suse.cz>
parent 8723eaef

scripts/package/buildtar

+5 −1
Original line number Diff line number Diff line
@@ -101,7 +101,11 @@ esac 
#

(

	cd "${tmpdir}"

	tar cf - . | ${compress} > "${tarball}${file_ext}"

	opts=

	if tar --owner=root --group=root --help >/dev/null 2>&1; then

		opts="--owner=root --group=root"

	fi

	tar cf - . $opts | ${compress} > "${tarball}${file_ext}"

)



echo "Tarball successfully created in ${tarball}${file_ext}"

CRA Git | Maintained and supported by SUSTech CRA and CCSE