From: Michal Marek <mmarek@xxxxxxx>
Use the --owner= and --group= options to make sure the entries in
the built tar file are owned by root. Without this change, a
careless sysadmin using the tar-pkg target can easily end up
installing a kernel that is writable by the unprivileged user
account used to build the kernel.
Test that these options are understood before using them so that
non-GNU versions of tar can still be used if the operator is
appropriately cautious.
Signed-off-by: Jonathan Nieder <jrnieder@xxxxxxxxx>
---
scripts/package/buildtar | 6 +++++-
1 files changed, 5 insertions(+), 1 deletions(-)
diff --git a/scripts/package/buildtar b/scripts/package/buildtar
index b1fd48d..51b2aa0 100644
--- a/scripts/package/buildtar
+++ b/scripts/package/buildtar
@@ -101,7 +101,11 @@ esac
#
(
cd "${tmpdir}"
- tar cf - . | ${compress} > "${tarball}${file_ext}"
+ opts=
+ if tar --owner=root --group=root --help >/dev/null 2>&1; then
+ opts="--owner=root --group=root"
+ fi
+ tar cf - . $opts | ${compress} > "${tarball}${file_ext}"
)
echo "Tarball successfully created in ${tarball}${file_ext}"
--
1.6.5.3
--
To unsubscribe from this list: send the line "unsubscribe linux-kbuild" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
