Fix permission flags on all the log files created (#1440)

* Changed permissions on the logs stored in /var/log/archinstall. Also cleaned up one of the saves to have the same syntax as the others * Tweaked secondary encryption password detection logic, as it wouldn't take it from the main arguments[] otherwise. * Changed permission on cmd_output.txt * Changed permission on cmd_history.txt
2022-08-28 22:04:25 +02:00 · 2022-08-28 22:04:25 +02:00 · 13703fbb04
parent 65212a46aa
commit 13703fbb04
3 changed files with 39 additions and 8 deletions
--- a/archinstall/lib/configuration.py
+++ b/archinstall/lib/configuration.py
@ -1,4 +1,6 @@
+import os
 import json
+import stat
 import logging
 import pathlib
 from typing import Optional, Dict
@ -106,23 +108,33 @@ class ConfigurationOutput:

 	def save_user_config(self, dest_path :pathlib.Path = None):
 		if self._is_valid_path(dest_path):
-			with open(dest_path / self._user_config_file, 'w') as config_file:
+			target = dest_path / self._user_config_file
+
+			with open(target, 'w') as config_file:
 				config_file.write(self.user_config_to_json())

+			os.chmod(str(dest_path / self._user_config_file), stat.S_IRUSR | stat.S_IWUSR | stat.S_IRGRP)
+
 	def save_user_creds(self, dest_path :pathlib.Path = None):
 		if self._is_valid_path(dest_path):
 			if user_creds := self.user_credentials_to_json():
 				target = dest_path / self._user_creds_file
+
 				with open(target, 'w') as config_file:
 					config_file.write(user_creds)

+				os.chmod(str(target), stat.S_IRUSR | stat.S_IWUSR | stat.S_IRGRP)
+
 	def save_disk_layout(self, dest_path :pathlib.Path = None):
 		if self._is_valid_path(dest_path):
 			if disk_layout := self.disk_layout_to_json():
 				target = dest_path / self._disk_layout_file
+
 				with target.open('w') as config_file:
 					config_file.write(disk_layout)

+				os.chmod(str(target), stat.S_IRUSR | stat.S_IWUSR | stat.S_IRGRP)
+
 	def save(self, dest_path :pathlib.Path = None):
 		if not dest_path:
 			dest_path = self._default_save_path
--- a/archinstall/lib/general.py
+++ b/archinstall/lib/general.py
@ -6,6 +6,7 @@ import os
 import secrets
 import shlex
 import subprocess
+import stat
 import string
 import sys
 import time
@ -313,9 +314,18 @@ class SysCommandWorker:
 				except UnicodeDecodeError:
 					return False

-			with open(f"{storage['LOG_PATH']}/cmd_output.txt", "a") as peak_output_log:
+			peak_logfile = pathlib.Path(f"{storage['LOG_PATH']}/cmd_output.txt")
+
+			change_perm = False
+			if peak_logfile.exists() is False:
+				change_perm = True
+
+			with peak_logfile.open("a") as peak_output_log:
 				peak_output_log.write(output)

+			if change_perm:
+				os.chmod(str(peak_logfile), stat.S_IRUSR | stat.S_IWUSR | stat.S_IRGRP)
+
 			sys.stdout.write(str(output))
 			sys.stdout.flush()

@ -361,10 +371,18 @@ class SysCommandWorker:

 		# https://stackoverflow.com/questions/4022600/python-pty-fork-how-does-it-work
 		if not self.pid:
+			history_logfile = pathlib.Path(f"{storage['LOG_PATH']}/cmd_history.txt")
 			try:
+				change_perm = False
+				if history_logfile.exists() is False:
+					change_perm = True
+
 				try:
-					with open(f"{storage['LOG_PATH']}/cmd_history.txt", "a") as cmd_log:
+					with history_logfile.open("a") as cmd_log:
 						cmd_log.write(f"{self.cmd}\n")
+
+					if change_perm:
+						os.chmod(str(history_logfile), stat.S_IRUSR | stat.S_IWUSR | stat.S_IRGRP)
 				except PermissionError:
 					pass

--- a/archinstall/lib/installer.py
+++ b/archinstall/lib/installer.py
@ -246,11 +246,12 @@ class Installer:
 		# we manage the encrypted partititons
 		for partition in [entry for entry in list_part if entry.get('encrypted', False)]:
 			# open the luks device and all associate stuff
-			if not (password := partition.get('!password', None)):
-				raise RequirementError(f"Missing partition {partition['device_instance'].path} encryption password in layout: {partition}")
-				loopdev = f"{storage.get('ENC_IDENTIFIER', 'ai')}{pathlib.Path(partition['mountpoint']).name}loop"
-			else:
-				loopdev = f"{storage.get('ENC_IDENTIFIER', 'ai')}{pathlib.Path(partition['device_instance'].path).name}"
+			if not (password := partition.get('!password', None)) and storage['arguments'].get('!encryption-password'):
+				password = storage['arguments'].get('!encryption-password')
+			elif not password:
+				raise RequirementError(f"Missing partition encryption password in layout: {partition}")
+			
+			loopdev = f"{storage.get('ENC_IDENTIFIER', 'ai')}{pathlib.Path(partition['device_instance'].path).name}"

 			# note that we DON'T auto_unmount (i.e. close the encrypted device so it can be used
 			with (luks_handle := luks2(partition['device_instance'], loopdev, password, auto_unmount=False)) as unlocked_device: