From b6e66bce4dadd1a5b9f74a456de3ef5575e648fa Mon Sep 17 00:00:00 2001
From: Luke Shumaker <LukeShu@sbcglobal.net>
Date: Sun, 19 Jan 2014 17:19:04 -0500
Subject: libremakepkg: Check the permissions of the bind-mounted  directories

---
 src/chroot-tools/libremakepkg | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

(limited to 'src/chroot-tools/libremakepkg')

diff --git a/src/chroot-tools/libremakepkg b/src/chroot-tools/libremakepkg
index 1db9f08..96f86ab 100755
--- a/src/chroot-tools/libremakepkg
+++ b/src/chroot-tools/libremakepkg
@@ -54,6 +54,21 @@ indent() {
 	"$_indent" ' |  '
 }
 
+# Usage: _check_perms_dir $directory
+# Make sure that $directory is readable and executable (searchable) by 'nobody'
+check_directory_permissions() (
+	local dir=$1
+	# `cd` to the directory, then test `.`; that way if parent
+	# directories aren't readable, we aren't testing for that.  We
+	# only need the last element in `$dir`.
+	cd "$dir"
+	if ! sudo -u nobody test -r . -a -x .; then
+		error "Directory '%s' must be readable by user 'nobody'" "$dir"
+		return 1
+	fi
+	return 0
+)
+
 # Usage: exit_copy $copydir $src_owner
 # End immediately, but copy log files out
 exit_copy() {
@@ -236,6 +251,15 @@ main() {
 
 	# Make sure that the various *DEST directories exist
 	mkdir -p -- "$PKGDEST" "$SRCDEST" "$SRCPKGDEST" "$LOGDEST"
+	# Check the permissions for $startdir and $SRCDEST
+	(
+		declare -i ret=0
+		check_directory_permissions "$PWD" || ret=1
+		if ! [[ "$PWD" -ef "$SRCDEST" ]]; then
+			check_directory_permissions "$SRCDEST" || ret=1
+		fi
+		exit $ret
+	)
 
 	# OK, we are starting now ##############################################
 
-- 
cgit v1.2.2