cnf = Config()
session = self.transaction.session
- self.directory = tempfile.mkdtemp(dir=cnf.get('Dir::TempPath'))
+ self.directory = utils.temp_dirname(parent=cnf.get('Dir::TempPath'),
+ mode=0o2750, group=cnf.unprivgroup)
with FilesystemTransaction() as fs:
src = os.path.join(self.original_directory, self.original_changes.filename)
dst = os.path.join(self.directory, self.original_changes.filename)
- fs.copy(src, dst)
+ fs.copy(src, dst, mode=0o640)
self.changes = upload.Changes(self.directory, self.original_changes.filename, self.keyrings)
dst = os.path.join(self.directory, f.filename)
if not os.path.exists(src):
continue
- fs.copy(src, dst)
+ fs.copy(src, dst, mode=0o640)
source = self.changes.source
if source is not None:
checks.SignatureCheck,
checks.ChangesCheck,
checks.HashesCheck,
+ checks.ExternalHashesCheck,
checks.SourceCheck,
checks.BinaryCheck,
checks.BinaryTimestampCheck,
if suite.copychanges:
src = os.path.join(self.directory, self.changes.filename)
dst = os.path.join(suite.archive.path, 'dists', suite.suite_name, self.changes.filename)
- self.transaction.fs.copy(src, dst)
+ self.transaction.fs.copy(src, dst, mode=suite.archive.mode)
return (db_source, db_binaries)
self.transaction.session.flush()
dst = os.path.join(policy_queue.path, self.changes.filename)
- self.transaction.fs.copy(self.changes.path, dst)
+ self.transaction.fs.copy(self.changes.path, dst, mode=policy_queue.change_perms)
return u
src = os.path.join(self.directory, hashed_file.filename)
dst = os.path.join(policy_queue.path, hashed_file.filename)
- fs.copy(src, dst)
+ fs.copy(src, dst, mode=policy_queue.change_perms)
return byhand_file
for binary in self.changes.binaries:
control = binary.control
source_package, source_version = binary.source
- line = " ".join([control['Package'], control['Version'], source_package, source_version])
+ line = " ".join([control['Package'], control['Version'], control['Architecture'], source_package, source_version])
print >>debinfo, line
debinfo.close()