Bug#977177: mm-common: reproducible builds: Generated tarball includes user, group and file mode

Simon McVittie smcv at debian.org
Sat Dec 12 11:30:22 GMT 2020


On Fri, 11 Dec 2020 at 20:45:09 -0800, Vagrant Cascadian wrote:
> If anyone has a better handle on python's tarfile mode handling code, it
> might be worth taking a closer look. I'm not entirely sure how the file
> modes work in this code (they don't appear to use modes similar to those
> used by umask, chmod or python's file functions)

It looks like they're encoded in the same way as st_mode in a struct
stat_buf: the low bits are Unix permissions (which start making sense
if you print them in octal) and the high bits are file type. See the
documentation for the stat Python module, and in particular stat.S_IMODE
and stat.S_IFMT.

I think the correct normalization would be something like this (untested!):

    if tarinfo.isdir() or (tarinfo.mode & 0o111) != 0:
        tarinfo.mode = stat.S_IFMT(tarinfo.mode) | 0o755
    else:
        tarinfo.mode = stat.S_IFMT(tarinfo.mode) | 0o644

(that's the same as chmod a+rX,og-w).

    smcv
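How that mode normalization fits into a `filter=` callback for `TarFile.add()`, as an added example (not code from this message or from mm-common). The function names, the constructed sample tree, the root/0 ownership and the fixed mtime of 0 are assumptions for illustration.

```python
import hashlib
import io
import os
import stat
import tarfile
import tempfile


def normalize(tarinfo):
    """Filter for TarFile.add(): strip builder-specific owner, mode and mtime."""
    tarinfo.uid = tarinfo.gid = 0
    tarinfo.uname = tarinfo.gname = "root"   # assumption: fixed owner names
    tarinfo.mtime = 0                        # assumption: fixed timestamp
    # Keep the file-type bits, replace only the permission bits.
    if tarinfo.isdir() or (tarinfo.mode & 0o111) != 0:
        tarinfo.mode = stat.S_IFMT(tarinfo.mode) | 0o755
    else:
        tarinfo.mode = stat.S_IFMT(tarinfo.mode) | 0o644
    return tarinfo


def build(file_mode, dir_mode):
    """Archive a constructed sample tree whose on-disk modes vary per 'builder'."""
    with tempfile.TemporaryDirectory() as top:
        root = os.path.join(top, "pkg")
        os.mkdir(root)
        samples = (("README", b"docs\n", 0), ("run.sh", b"#!/bin/sh\n", 0o100))
        for name, data, exec_bit in samples:
            path = os.path.join(root, name)
            with open(path, "wb") as handle:
                handle.write(data)
            os.chmod(path, file_mode | exec_bit)
        os.chmod(root, dir_mode)
        buf = io.BytesIO()
        with tarfile.open(fileobj=buf, mode="w", format=tarfile.GNU_FORMAT) as tar:
            tar.add(root, arcname="pkg", filter=normalize)
        return buf.getvalue()


def describe(data):
    """Return (name, mode, uid, gid, uname) for each member of a tarball."""
    with tarfile.open(fileobj=io.BytesIO(data)) as tar:
        return [(m.name, m.mode, m.uid, m.gid, m.uname) for m in tar.getmembers()]


if __name__ == "__main__":
    # Two simulated build environments (umask 077 vs. umask 002) hash the same.
    for modes in ((0o600, 0o700), (0o664, 0o775)):
        print(hashlib.sha256(build(*modes)).hexdigest())
```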


