Drop umask in favour of mode.

umask cannot set a regular file as executable, nor allows setting suid/sgid/sticky bits. Using chmod properly, there is no security problem.

Drop umask in favour of mode.
umask cannot set a regular file as executable, nor allows setting suid/sgid/sticky bits. Using chmod properly, there is no security problem.
95897331 · Vincent Pelletier · 6819d839 · 95897331 · 95897331
Commit 95897331 authored Aug 21, 2012 by Vincent Pelletier
Showing with 19 additions and 8 deletions

slapos/recipe/template/README.jinja2.txt slapos/recipe/template/README.jinja2.txt +5 -5

slapos/recipe/template/jinja2_template.py slapos/recipe/template/jinja2_template.py +14 -3

No files found.
--- a/slapos/recipe/template/README.jinja2.txt
+++ b/slapos/recipe/template/README.jinja2.txt
@@ -112,9 +112,9 @@ Optional:
  Template's MD5, for file integrity checking. By default, no integrity check
  is done.

-``umask``
-  Umask, in octal notation (no need for 0-prefix), to create output file with.
-  Defaults to system's umask at the time recipe is instanciated.
+``mode``
+  Mode, in octal representation (no need for 0-prefix) to set output file to.
+  This is applied before storing anything in output file.

 ``extensions``
  Jinja2 extensions to enable when rendering the template,
@@ -210,7 +210,7 @@ If the md5sum doesn't match, the buildout fail::
 Specify filesystem permissions
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

-You can specify the umask for rendered file::
+You can specify the mode for rendered file::

    >>> write('template.in', '{{bar}}')
    >>> write('buildout.cfg',
@@ -223,7 +223,7 @@ You can specify the umask for rendered file::
    ... template = template.in
    ... rendered = foo
    ... context = key bar buildout:parts
-    ... umask = 570
+    ... mode = 206
    ... ''')
    >>> print system(join('bin', 'buildout')),
    Uninstalling template.

--- a/slapos/recipe/template/jinja2_template.py
+++ b/slapos/recipe/template/jinja2_template.py
@@ -62,6 +62,8 @@ EXPRESSION_HANDLER = {
 }

 class Recipe(object):
+    mode = None
+
    def __init__(self, buildout, name, options):
        self.template = zc.buildout.download.Download(
                buildout['buildout'],
@@ -85,8 +87,10 @@ class Recipe(object):
                    variable_name, ))
            context[variable_name] = EXPRESSION_HANDLER[expression_type](
                expression, buildout, name, options)
-        if 'umask' in options:
-            self.umask = int(options['umask'], 8)
+        mode = options.get('mode')
+        if mode:
+            self.mode = int(mode, 8)
+        # umask is deprecated, but kept for backward compatibility
        umask_value = options.get('umask')
        if umask_value:
            self.umask = int(umask_value, 8)
@@ -102,7 +106,14 @@ class Recipe(object):
            outdir = os.path.dirname(self.rendered)
            if outdir and not os.path.exists(outdir):
                os.makedirs(outdir)
-            with open(self.rendered, 'w') as out:
+            # XXX: open doesn't allow providing a filesystem mode, so use
+            # os.open and os.fdopen instead.
+            out_fd = os.open(self.rendered,
+                os.O_CREAT | os.O_TRUNC | os.O_WRONLY,
+            )
+            if self.mode is not None:
+                os.fchmod(out_fd, self.mode)
+            with os.fdopen(out_fd, 'w') as out:
                out.write(Template(
                        open(self.template).read(),
                        extensions=self.extension_list,