search

goreleaser / nfpm

nFPM is Not FPM - a simple deb, rpm, apk, ipk, and arch linux packager written in Go
https://nfpm.goreleaser.com/
MIT License
2.15k stars 157 forks source link

bug: unchanged permessions on nfpm file #798

Closed hamzabessa closed 6 months ago

hamzabessa commented 6 months ago

What happened?

When attempting to modify the permessions of certain configuration files directly within the nfpm packaging file and testing it on a Debian environment, i found that the permessions remained unchanged.

How can we reproduce this?

Version 1.0.0 

name: "centreon-gorgone"
arch: "${ARCH}"
platform: "linux"
version_schema: "none"
version: "${VERSION}"
release: "${RELEASE}${DIST}"
section: "default"
priority: "optional"
maintainer: "Centreon <contact@centreon.com>"
description: |
  Centreon gorgone daemon
  Commit: @COMMIT_HASH@
vendor: "Centreon"
homepage: "https://www.centreon.com"
license: "Apache-2.0"

contents:
  - dst: "/etc/centreon-gorgone"
    type: dir
    file_info:
      owner: centreon-gorgone
      group: centreon-gorgone
      mode: 0755

  - dst: "/etc/centreon-gorgone/config.d"
    type: dir
    file_info:
      owner: centreon-gorgone
      group: centreon-gorgone
      mode: 0775

  - dst: "/etc/centreon-gorgone/config.d/cron.d"
    type: dir
    file_info:
      owner: centreon-gorgone
      group: centreon-gorgone
      mode: 0775

  - src: "./configuration/config.yaml"
    dst: "/etc/centreon-gorgone/config.yaml"
    file_info:
      owner: centreon-gorgone
      group: centreon-gorgone
      mode: 0640

  - dst: "/var/lib/centreon-gorgone"
    type: dir
    file_info:
      owner: centreon-gorgone
      group: centreon-gorgone
      mode: 0775

  - dst: "/var/log/centreon-gorgone"
    type: dir
    file_info:
      owner: centreon-gorgone
      group: centreon-gorgone
      mode: 0775

  - dst: "/var/cache/centreon-gorgone"
    type: dir
    file_info:
      owner: centreon-gorgone
      group: centreon-gorgone
      mode: 0775

  - src: "./sudoers.d/centreon-gorgone"
    dst: "/etc/sudoers.d/centreon-gorgone"
    file_info:
      mode: 0600

  - src: "../config/systemd/gorgoned.rpm.service"
    dst: "/etc/systemd/system/gorgoned.service"
    file_info:
      mode: 0755
    packager: rpm
  - src: "../config/systemd/gorgoned.deb.service"
    dst: "/lib/systemd/system/gorgoned.service"
    file_info:
      mode: 0755
    packager: deb

  - src: "../config/systemd/gorgoned-sysconfig"
    dst: "/etc/sysconfig/gorgoned"
    type: config|noreplace
    packager: rpm
  - src: "../config/systemd/gorgoned-sysconfig"
    dst: "/etc/default/gorgoned"
    type: config|noreplace
    packager: deb

  - src: "../config/logrotate/gorgoned"
    dst: "/etc/logrotate.d/gorgoned"
    type: config|noreplace

  - src: "../gorgoned"
    dst: "/usr/bin/gorgoned"
    file_info:
      mode: 0755

  - src: "../gorgone"
    dst: "${PERL_VENDORLIB}/gorgone"
    expand: true

  - src: "../contrib/gorgone_config_init.pl"
    dst: "/usr/local/bin/"
    file_info:
      mode: 0755

  - src: "../contrib/gorgone_audit.pl"
    dst: "/usr/local/bin/"
    file_info:
      mode: 0755

  - src: "../contrib/gorgone_install_plugins.pl"
    dst: "/usr/local/bin/"
    file_info:
      mode: 0750

  - src: "../contrib/gorgone_key_thumbprint.pl"
    dst: "/usr/local/bin/"
    file_info:
      mode: 0750

scripts:
  preinstall: ./scripts/centreon-gorgone-preinstall.sh
  postinstall: ./scripts/centreon-gorgone-postinstall.sh
  preremove: ./scripts/centreon-gorgone-preremove.sh

overrides:
  rpm:
    depends:
      - centreon-common
      - bzip2
      - perl-Libssh-Session >= 0.8
      - perl-CryptX
      - perl-Mojolicious
      - perl(Archive::Tar)
      - perl(Schedule::Cron)
      - perl(ZMQ::FFI)
      - perl(EV)
      - perl(JSON::XS)
      - perl(JSON::PP)
      - perl(XML::Simple)
      - perl(XML::LibXML::Simple)
      - perl(Net::SMTP)
      - perl(YAML::XS)
      - perl(DBD::SQLite)
      - perl(DBD::mysql)
      - perl(DBI)
      - perl(UUID)
      - perl(HTTP::Daemon)
      - perl(HTTP::Status)
      - perl(MIME::Base64)
      - perl(Digest::MD5::File)
      - perl(Net::Curl::Easy)
      - perl(HTTP::Daemon::SSL)
      - perl(NetAddr::IP)
      - perl(Hash::Merge)
      - perl(Clone)
      - perl(Sys::Syslog)
      - perl(DateTime)
      - perl(Try::Tiny)
      - tar
  deb:
    depends:
      - centreon-common
      - libdatetime-perl
      - libtime-parsedate-perl
      - libtry-tiny-perl
      - libxml-simple-perl
      - libxml-libxml-simple-perl
      - libdigest-md5-file-perl
      - libjson-pp-perl
      - libjson-xs-perl
      - libyaml-libyaml-perl
      - libdbi-perl
      - libdbd-sqlite3-perl
      - libdbd-mysql-perl
      - libhttp-daemon-perl
      - libhttp-daemon-ssl-perl
      - libnetaddr-ip-perl
      - libschedule-cron-perl
      - libhash-merge-perl
      - libcryptx-perl
      - libmojolicious-perl
      - libauthen-simple-perl
      - libauthen-simple-net-perl
      - libnet-curl-perl
      - libssh-session-perl
      - libssh-4
      - libev-perl
      - libzmq-ffi-perl
      - libclone-choose-perl

rpm:
  summary: Centreon gorgone daemon
  signature:
    key_file: ${RPM_SIGNING_KEY_FILE}
    key_id: ${RPM_SIGNING_KEY_ID}

Version 1.01:

name: "centreon-gorgone"
arch: "${ARCH}"
platform: "linux"
version_schema: "none"
version: "${VERSION}"
release: "${RELEASE}${DIST}"
section: "default"
priority: "optional"
maintainer: "Centreon <contact@centreon.com>"
description: |
  Centreon gorgone daemon
  Commit: @COMMIT_HASH@
vendor: "Centreon"
homepage: "https://www.centreon.com"
license: "Apache-2.0"

contents:
  - dst: "/etc/centreon-gorgone"
    type: dir
    file_info:
      owner: centreon-gorgone
      group: centreon-gorgone
      mode: 0755

  - dst: "/etc/centreon-gorgone/config.d"
    type: dir
    file_info:
      owner: centreon-gorgone
      group: centreon-gorgone
      mode: 0770

  - dst: "/etc/centreon-gorgone/config.d/cron.d"
    type: dir
    file_info:
      owner: centreon-gorgone
      group: centreon-gorgone
      mode: 0770

  - src: "./configuration/config.yaml"
    dst: "/etc/centreon-gorgone/config.yaml"
    file_info:
      owner: centreon-gorgone
      group: centreon-gorgone
      mode: 0640

  - dst: "/var/lib/centreon-gorgone"
    type: dir
    file_info:
      owner: centreon-gorgone
      group: centreon-gorgone
      mode: 0775

  - dst: "/var/log/centreon-gorgone"
    type: dir
    file_info:
      owner: centreon-gorgone
      group: centreon-gorgone
      mode: 0775

  - dst: "/var/cache/centreon-gorgone"
    type: dir
    file_info:
      owner: centreon-gorgone
      group: centreon-gorgone
      mode: 0775

  - src: "./sudoers.d/centreon-gorgone"
    dst: "/etc/sudoers.d/centreon-gorgone"
    file_info:
      mode: 0600

  - src: "../config/systemd/gorgoned.rpm.service"
    dst: "/etc/systemd/system/gorgoned.service"
    file_info:
      mode: 0755
    packager: rpm
  - src: "../config/systemd/gorgoned.deb.service"
    dst: "/lib/systemd/system/gorgoned.service"
    file_info:
      mode: 0755
    packager: deb

  - src: "../config/systemd/gorgoned-sysconfig"
    dst: "/etc/sysconfig/gorgoned"
    type: config|noreplace
    packager: rpm
  - src: "../config/systemd/gorgoned-sysconfig"
    dst: "/etc/default/gorgoned"
    type: config|noreplace
    packager: deb

  - src: "../config/logrotate/gorgoned"
    dst: "/etc/logrotate.d/gorgoned"
    type: config|noreplace

  - src: "../gorgoned"
    dst: "/usr/bin/gorgoned"
    file_info:
      mode: 0755

  - src: "../gorgone"
    dst: "${PERL_VENDORLIB}/gorgone"
    expand: true

  - src: "../contrib/gorgone_config_init.pl"
    dst: "/usr/local/bin/"
    file_info:
      mode: 0755

  - src: "../contrib/gorgone_audit.pl"
    dst: "/usr/local/bin/"
    file_info:
      mode: 0755

  - src: "../contrib/gorgone_install_plugins.pl"
    dst: "/usr/local/bin/"
    file_info:
      mode: 0750

  - src: "../contrib/gorgone_key_thumbprint.pl"
    dst: "/usr/local/bin/"
    file_info:
      mode: 0750

scripts:
  preinstall: ./scripts/centreon-gorgone-preinstall.sh
  postinstall: ./scripts/centreon-gorgone-postinstall.sh
  preremove: ./scripts/centreon-gorgone-preremove.sh

overrides:
  rpm:
    depends:
      - centreon-common
      - bzip2
      - perl-Libssh-Session >= 0.8
      - perl-CryptX
      - perl-Mojolicious
      - perl(Archive::Tar)
      - perl(Schedule::Cron)
      - perl(ZMQ::FFI)
      - perl(EV)
      - perl(JSON::XS)
      - perl(JSON::PP)
      - perl(XML::Simple)
      - perl(XML::LibXML::Simple)
      - perl(Net::SMTP)
      - perl(YAML::XS)
      - perl(DBD::SQLite)
      - perl(DBD::mysql)
      - perl(DBI)
      - perl(UUID)
      - perl(HTTP::Daemon)
      - perl(HTTP::Status)
      - perl(MIME::Base64)
      - perl(Digest::MD5::File)
      - perl(Net::Curl::Easy)
      - perl(HTTP::Daemon::SSL)
      - perl(NetAddr::IP)
      - perl(Hash::Merge)
      - perl(Clone)
      - perl(Sys::Syslog)
      - perl(DateTime)
      - perl(Try::Tiny)
      - tar
  deb:
    depends:
      - centreon-common
      - libdatetime-perl
      - libtime-parsedate-perl
      - libtry-tiny-perl
      - libxml-simple-perl
      - libxml-libxml-simple-perl
      - libdigest-md5-file-perl
      - libjson-pp-perl
      - libjson-xs-perl
      - libyaml-libyaml-perl
      - libdbi-perl
      - libdbd-sqlite3-perl
      - libdbd-mysql-perl
      - libhttp-daemon-perl
      - libhttp-daemon-ssl-perl
      - libnetaddr-ip-perl
      - libschedule-cron-perl
      - libhash-merge-perl
      - libcryptx-perl
      - libmojolicious-perl
      - libauthen-simple-perl
      - libauthen-simple-net-perl
      - libnet-curl-perl
      - libssh-session-perl
      - libssh-4
      - libev-perl
      - libzmq-ffi-perl
      - libclone-choose-perl

rpm:
  summary: Centreon gorgone daemon
  signature:
    key_file: ${RPM_SIGNING_KEY_FILE}
    key_id: ${RPM_SIGNING_KEY_ID}

When updating from 1.0.0 to 1.0.1, the folders /etc/centreon-gorgone/config.d/cron.d and /etc/centreon-gorgone/config.d remain with the permessions 0775.

nfpm version

_____ ____  __  __
 _ __ |  ___|  _ \|  \/  |
| '_ \| |_  | |_) | |\/| |
| | | |  _| |  __/| |  | |
|_| |_|_|   |_|   |_|  |_|
nfpm: a simple and 0-dependencies deb, rpm, apk and arch linux packager written in Go
https://nfpm.goreleaser.com

GitVersion:    2.35.3
GitCommit:     5ace4da2fd3162383a16218e2ef405dc2676bdfc
GitTreeState:  false
BuildDate:     2024-01-31T17:53:18Z
BuiltBy:       goreleaser
GoVersion:     go1.21.6
Compiler:      gc
ModuleSum:     h1:YGEygriY8hbsNdCBUif6RLb5xPISDHc+d22rRGXV4Zk=
Platform:      linux/amd64

Search

Code of Conduct

Additional context

No response

caarlos0 commented 6 months ago

there's a lot going on there, can you provide the simplest possible reproducible of the issue?

hamzabessa commented 6 months ago

yes, this part for example before updating it :

  - dst: "/etc/centreon-gorgone/config.d"
    type: dir
    file_info:
      owner: centreon-gorgone
      group: centreon-gorgone
      mode: 0775

  - dst: "/etc/centreon-gorgone/config.d/cron.d"
    type: dir
    file_info:
      owner: centreon-gorgone
      group: centreon-gorgone
      mode: 0775

after updating it :

  - dst: "/etc/centreon-gorgone/config.d"
    type: dir
    file_info:
      owner: centreon-gorgone
      group: centreon-gorgone
      mode: 0770

  - dst: "/etc/centreon-gorgone/config.d/cron.d"
    type: dir
    file_info:
      owner: centreon-gorgone
      group: centreon-gorgone
      mode: 0770

the permessions didn't change after the update after i checked on a Debian environment.

caarlos0 commented 6 months ago

if you install in a clean system, does it have the right permissions?

hamzabessa commented 6 months ago

I did the installation on a container where the dependencies required are present, the permessions still unchanged

caarlos0 commented 6 months ago

what do you mean unchanged? were the files already there? I'm not following...

hamzabessa commented 6 months ago

Oh i'm sorry, i did it on a clean system now and the permissions are set correctly !!

hamzabessa commented 6 months ago

So the files I want to change permissions for already exist in my container, and usually I only need to change the permissions of the nfpm file. This should change the files' permissions after reinstalling the package in the container. However, it appears that this doesn't work for Debian. As a workaround, I created a post-install script to force the permission changes, and it worked. and Yes, the usual approach worked when I tested it on a clean system, but it's not working when updating a system where the files already exists.

caarlos0 commented 6 months ago

that's the way deb works, afaik it doesn't override existing files permissions... not much we can do.

the post-install script is probably the right approach.