[source] image: don't modify file permissions before rootfs generation

LEDE Commits lede-commits at lists.infradead.org
Mon Sep 26 08:59:44 PDT 2016


neoraider pushed a commit to source.git, branch master:
https://git.lede-project.org/a16a8814ead80984ce4ef7bed756434119b3aafa

commit a16a8814ead80984ce4ef7bed756434119b3aafa
Author: Matthias Schiffer <mschiffer at universe-factory.net>
AuthorDate: Mon Sep 26 15:25:37 2016 +0200

    image: don't modify file permissions before rootfs generation
    
    Modifying the file permissions can be harmful, as it would make files
    world-readable even if they weren't in the ipk packages. The
    Image/mkfs/prepare step is removed completely, as it is redundant now (/tmp
    and /overlay are already provided by base-files with the correct
    permissions).
    
    It has been verified that this change does not affect any permissions of
    files in the default package set except /etc/ppp/chap-secrets, which was
    world-readable before. All packages not in the default set are more likely
    to be installed via opkg than to be part of a base image and thus were
    usually not affected by the permission modification anyway.
    
    Signed-off-by: Matthias Schiffer <mschiffer at universe-factory.net>
---
 include/image-legacy.mk |  4 +---
 include/image.mk        | 21 ++-------------------
 2 files changed, 3 insertions(+), 22 deletions(-)

diff --git a/include/image-legacy.mk b/include/image-legacy.mk
index 9960cab..edbee4c 100644
--- a/include/image-legacy.mk
+++ b/include/image-legacy.mk
@@ -41,7 +41,7 @@ define LegacyDevice/Check
   _TARGET := $$(if $$(_PROFILE_SET),legacy-images,install-disabled)
   $$(if $$(_PROFILE_SET),install: legacy-images-make)
   ifndef IB
-    $$(if $$(_PROFILE_SET),mkfs_prepare: legacy-images-prepare-make)
+    $$(if $$(_PROFILE_SET),kernel_prepare: legacy-images-prepare-make)
   endif
 endef
 
@@ -90,5 +90,3 @@ define LegacyDevice
   $(call LegacyDevice/$(if $(DUMP),Dump,Build),$(1))
 
 endef
-
-
diff --git a/include/image.mk b/include/image.mk
index d48b1f6..13874be 100644
--- a/include/image.mk
+++ b/include/image.mk
@@ -251,19 +251,6 @@ define Image/mkfs/ext4
 		$@ $(call mkfs_target_dir,$(1))/
 endef
 
-define Image/mkfs/prepare/default
-	# Use symbolic permissions to avoid clobbering SUID/SGID/sticky bits
-	- $(FIND) $(1) -type f -not -perm /0100 -not -name 'ssh_host*' -not -name 'shadow' -print0 | $(XARGS) -0 chmod u+rw,g+r,o+r
-	- $(FIND) $(1) -type f -perm /0100 -print0 | $(XARGS) -0 chmod u+rwx,g+rx,o+rx
-	- $(FIND) $(1) -type d -print0 | $(XARGS) -0 chmod u+rwx,g+rx,o+rx
-	$(INSTALL_DIR) $(1)/tmp $(1)/overlay
-	chmod 1777 $(1)/tmp
-endef
-
-define Image/mkfs/prepare
-	$(call Image/mkfs/prepare/default,$(1))
-endef
-
 define Image/Manifest
 	$(STAGING_DIR_HOST)/bin/opkg \
 		--offline-root $(TARGET_DIR) \
@@ -307,7 +294,6 @@ target-dir-%: FORCE
 	$(if $(mkfs_packages_remove), \
 		$(call opkg,$(mkfs_cur_target_dir)) remove \
 			$(mkfs_packages_remove))
-	$(call Image/mkfs/prepare,$(mkfs_cur_target_dir))
 	$(call prepare_rootfs,$(mkfs_cur_target_dir))
 	-mv $(mkfs_cur_target_dir).opkg $(mkfs_cur_target_dir)/etc/opkg
 	rm -f $(mkfs_cur_target_dir).conf
@@ -530,7 +516,7 @@ define BuildImage
   image_prepare:
 
   ifeq ($(IB),)
-    .PHONY: download prepare compile clean image_prepare mkfs_prepare kernel_prepare install install-images
+    .PHONY: download prepare compile clean image_prepare kernel_prepare install install-images
     compile:
 		$(call Build/Compile)
 
@@ -549,10 +535,7 @@ define BuildImage
 		mkdir -p $(BIN_DIR) $(KDIR)/tmp
   endif
 
-  mkfs_prepare: image_prepare
-	$(call Image/mkfs/prepare,$(TARGET_DIR))
-
-  kernel_prepare: mkfs_prepare
+  kernel_prepare: image_prepare
 	$(call Image/Build/targz)
 	$(call Image/Build/cpiogz)
 	$(call Image/BuildKernel)
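Review bot: With `kernel_prepare` now depending directly on `image_prepare`, the `Image/Build/targz` and `Image/Build/cpiogz` steps presumably pack `$(TARGET_DIR)` with whatever modes package installation left behind, and nothing at this rule documents or checks that. The removed step only ever added permission bits, so dropping it is the safer direction, but it may also have masked packages whose install recipes copy files without explicit modes; if so, the image's permissions would now follow the build host's umask (inferred, as the package recipes are not visible here). A comment above the rule would record the new contract, e.g. `# $(TARGET_DIR) is packed as-is; file modes come from the packages and are not normalised here`. A build-time audit that lists group/other-writable files and world-readable secrets under `$(TARGET_DIR)` would catch regressions in either direction. The `BuildImage` define starts and ends outside this hunk.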


