Problems with pkg_tar file permissions

[mwoehlke-kitware]

Description of the problem / feature request / question:

pkg_tar is unable to preserve the mode of files being packaged and makes everything executable by default. The following should be fixed:

• [ ] The default mode should be None, not "0555". Making everything executable by default is just wrong. (Implies not passing --mode to build_tar.py in such case.)
• [ ] When no --mode is passed to build_tar.py, the actual permissions of the original file (at least on platforms that support POSIX permissions) should be used. (Currently, there is a simple check that forces the mode to either 0644 or 0755.)
• [ ] Ability to specify symbolic modes (e.g. 'u+w'), as supported by tar, would be nice.
• [ ] Ability to preserve/set XATTRs and/or ACLs would be nice too.

Environment info

• Operating System: Fedora 25
• Bazel version (output of bazel info release): 0.4.5- (@non-git) compiled from bazel-0.4.5-dist.zip (sha256 2b737be42678)

[damienmg]

Why do you think that "Making everything executable by default is just wrong"? Seems like a bold statement.

The mode of the original file is a deterministic issue and does not means anything in the case of generated file, you can override it with modes starting next release.

Agree for the last 2 FR that would be nice to have.

[mwoehlke-kitware]

Why do you think that "Making everything executable by default is just wrong"?

Because execute is a permission. If Ye Olde UNIX didn't think that should be an exceptional case, there wouldn't be a permission for it.

Most files do not by default have execute permission (typically only the outputs of the C/C++ linker do). Normal text files are not supposed to have execute permission, nor is it in any way beneficial for them. (It's also obnoxious as it makes them green in ls output.)

Anyway, this is an easy fix; just default mode to None instead of "0555"... per the second AI, build_tar.py still doesn't preserve the original permissions (in fairness, this may be hard to do via Python), but unlike pkg_tar, it is already at least trying to DTRT by picking reasonable defaults based on whether or not the input files already have execute permission.

The mode of the original file is a deterministic issue and does not means anything in the case of generated file, you can override it with modes starting next release.

The mechanism for generating the files should already give a reasonable default, and if not, your build tree is already messed up (which is out of scope of this issue). The only files that should have execute permission are scripts and compiled binaries. In the latter case, the linker already does the right thing.

Not being able to magically determine what permissions the input files should have had is not a bug in pkg_tar :smile:.

[damienmg]

Jenkins: test this please.

This looks reasonable to me.

[damienmg]

oops commented on the issue instead of the PR

[hlopko]

As discussed in #3585 you can use mode" parameter in pkg_tar explicitly if needed.