patch: reproducibility: Fix host umask leakage

Some patch files create entirely new files, so their permissions are subject to the host umask. If such a file is later installed into a package with no change in permissions, it breaks the reproducibility of the package. This was observed on libpam, for instance: The patch file pam-security-abstract-securetty-handling.patch creates a new file (tty_secure.c). This file is later copied into the -dbg package with no change in permissions. (From OE-Core rev: 2a2bbd755b330cd63f7f6e2f2b374a3ae065b37a) Signed-off-by: Douglas Royds <douglas.royds@taitradio.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
author: Douglas Royds <douglas.royds@taitradio.com> 2018-12-21 12:10:22 +1300
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2019-02-25 22:13:03 +0000
commit: ae10351f4aa443fc6df5a674b0aae0731304254d (patch)
tree: 03a3c7b3f142628d3d17a14f05e257c847eede6d
parent: 89dcc555f57ce13645c3876b42be3846fe3b7863 (diff)
download: openembedded-core-ae10351f4aa443fc6df5a674b0aae0731304254d.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/classes/patch.bbclass b/meta/classes/patch.bbclass
index 2fc6925e49..2cfc7315b5 100644
--- a/meta/classes/patch.bbclass
+++ b/meta/classes/patch.bbclass
@@ -153,6 +153,7 @@ python patch_do_patch() {
 patch_do_patch[vardepsexclude] = "PATCHRESOLVE"
 
 addtask patch after do_unpack
+do_patch[umask] = "022"
 do_patch[dirs] = "${WORKDIR}"
 do_patch[depends] = "${PATCHDEPENDENCY}"
author	Douglas Royds <douglas.royds@taitradio.com>	2018-12-21 12:10:22 +1300
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2019-02-25 22:13:03 +0000
commit	ae10351f4aa443fc6df5a674b0aae0731304254d (patch)
tree	03a3c7b3f142628d3d17a14f05e257c847eede6d
parent	89dcc555f57ce13645c3876b42be3846fe3b7863 (diff)
download	openembedded-core-ae10351f4aa443fc6df5a674b0aae0731304254d.tar.gz