From 5bc546919f7274c09c180df188aa7d12fdd3bfeb Mon Sep 17 00:00:00 2001 From: Krzesimir Nowak Date: Wed, 26 Apr 2023 10:59:16 +0200 Subject: [PATCH] build_library/gen_tmpfiles.py: Add options for allowed users and groups This will generate tmpfiles config only for directories that are owned by an allowed user and group if such are passed. Not passing any allowed users or groups, allows any user or group. --- build_library/gen_tmpfiles.py | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/build_library/gen_tmpfiles.py b/build_library/gen_tmpfiles.py index a4b4134ba1..15958bedbf 100755 --- a/build_library/gen_tmpfiles.py +++ b/build_library/gen_tmpfiles.py @@ -21,8 +21,15 @@ def main(): parser.add_option('--output', help='Write output to the given file') parser.add_option('--ignore', action='append', default=[], help='Ignore one or more paths (use multiple times)') + parser.add_option('--allow-user', action='append', default=[], + help='Allow entries owned by this user only (use multiple times for multiple users)') + parser.add_option('--allow-group', action='append', default=[], + help='Allow entries owned by this group only (use multiple times for multiple groups)') opts, args = parser.parse_args() + allowed_users = set(opts.allow_user) + allowed_groups = set(opts.allow_group) + if opts.root: opts.root = os.path.abspath(opts.root) @@ -59,7 +66,7 @@ def main(): stripped = path if stripped in opts.ignore: - continue + continue info = os.stat(path) assert stat.S_ISDIR(info.st_mode) @@ -67,10 +74,14 @@ def main(): try: owner = pwd.getpwuid(info.st_uid).pw_name + if allowed_users and owner not in allowed_users: + continue except KeyError: owner = str(info.st_uid) try: group = grp.getgrgid(info.st_gid).gr_name + if allowed_groups and group not in allowed_groups: + continue except KeyError: group = str(info.st_gid)