diff --git a/VERSION-openeuler b/VERSION-openeuler index 61830a6..f117806 100644 --- a/VERSION-openeuler +++ b/VERSION-openeuler @@ -1 +1 @@ -0.9.4-12 +0.9.4-13 diff --git a/git-commit b/git-commit index 71fea19..f8789e8 100644 --- a/git-commit +++ b/git-commit @@ -1 +1 @@ -2c3d247b4b89071ce93669e85c47ac846820c1c6 +a7020e9811168d5cebb809294adb6445ba134753 diff --git a/isula-build.spec b/isula-build.spec index fc02cbf..63bdedc 100644 --- a/isula-build.spec +++ b/isula-build.spec @@ -2,7 +2,7 @@ Name: isula-build Version: 0.9.4 -Release: 12 +Release: 13 Summary: A tool to build container images License: Mulan PSL V2 URL: https://gitee.com/openeuler/isula-build @@ -85,6 +85,9 @@ fi /usr/share/bash-completion/completions/isula-build %changelog +* Fri Dec 11 2020 lujingxiao - 0.9.4-12 +- Change default umask of isula-builder process + * Tue Dec 08 2020 caihaomin - 0.9.4-12 - Fix printing FROM command double times to console diff --git a/patch/0075-change-default-umask-of-isula-builder-pr.patch b/patch/0075-change-default-umask-of-isula-builder-pr.patch new file mode 100644 index 0000000..8a54969 --- /dev/null +++ b/patch/0075-change-default-umask-of-isula-builder-pr.patch @@ -0,0 +1,37 @@ +From c9aa2a92e06d32dada0029fbf9154f23afbf506b Mon Sep 17 00:00:00 2001 +From: Lu Jingxiao +Date: Fri, 11 Dec 2020 10:53:36 +0800 +Subject: [PATCH] isula-build: change default umask of isula-builder process + +As the daemon process, the working umask 0027 is not suitable. +0022 is better. + +Take this example: +isula-builder using 0027, the working dir of container for RUN command +(overlay/merged dir, as an example), has the 0640. Then developer changes +working user in RUN command to a non-root user, it will not have +correct permission to work. + +Signed-off-by: Lu Jingxiao +--- + constant.go | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/constant.go b/constant.go +index a0abfc9..30c1653 100644 +--- a/constant.go ++++ b/constant.go +@@ -51,8 +51,8 @@ const ( + DefaultRootDirMode = 0700 + // DefaultReadOnlyFileMode is the default root read only file mode + DefaultReadOnlyFileMode = 0444 +- // DefaultUmask is the working umask in isula-builder +- DefaultUmask = 0027 ++ // DefaultUmask is the working umask of isula-builder as a process, not for users ++ DefaultUmask = 0022 + // CliLogBufferLen is log channel buffer size + CliLogBufferLen = 8 + // HostsFilePath is the path of file hosts +-- +2.17.1 + diff --git a/series.conf b/series.conf index 80c0d1b..0945a6f 100644 --- a/series.conf +++ b/series.conf @@ -12,3 +12,4 @@ patch/0071-imporve-daemon-push-and-pull-unit-test.patch patch/0072-fuzz-add-more-fuzz-tests.patch patch/0073-cleancode-fix-problems-found-by-code-review.patch patch/0074-fix-printing-FROM-command-double-times-to-console.patch +patch/0075-change-default-umask-of-isula-builder-pr.patch