StealthOS/subiquity
StealthOS
/
subiquity
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #1903 from bboozzoo/bboozzoo/log-dir-owner-in-snap 

subiquitycore/log: use 'root' as group for strictly confined snaps
This commit is contained in:
Dan Bungert 2024-02-05 10:13:35 -07:00 committed by GitHub
parent 53180bbc35 5c266cc38c
commit fa8cc0371f
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
subiquitycore/log.py
View File

@ -23,7 +23,14 @@ def setup_logger(dir, base="subiquity"):
os.makedirs(dir, exist_ok=True)
# Create the log directory in such a way that users in the group may
# write to this directory in the installation environment.
set_log_perms(dir, mode=0o770, group="adm")
log_dir_group = "adm"
if os.getenv("SNAP_CONFINEMENT", "classic") == "strict":
# strictly confined snaps are peculiar in the way that we will not be
# able to chown the location as any other group than 'root', this if
# fine though as the snap is already run as the root user and
# effectively the logs location will be more closed
log_dir_group = "root"
set_log_perms(dir, mode=0o770, group=log_dir_group)
logger = logging.getLogger("")
logger.setLevel(logging.DEBUG)