From 85f25407598494d8f91890df5152501680a067dd Mon Sep 17 00:00:00 2001
From: Adriana Kobylak <anoo@us.ibm.com>
Date: Wed, 9 Oct 2019 13:56:59 -0500
Subject: generate-tar: Set permissions of partition files to read only

Set file permissions to 440 since the PNOR partition files are
intended to be read-only and managed by the mbox application, so the
permissions should be set accordingly for cases where the BMC root
filesystem is not read-only.

Tested:
Before:
-rw-r--r--    1 root     root       1179648 Oct  9 18:43 HBD

After:
-r--r-----    1 root     root       1179648 Oct  9 15:33 HBD

Change-Id: I9eaf773fc09a12c4c0ed02302a41eb959719013f
Signed-off-by: Adriana Kobylak <anoo@us.ibm.com>
---
 generate-tar | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'generate-tar')

diff --git a/generate-tar b/generate-tar
index 85d8d7f00..8b1c6ce35 100755
--- a/generate-tar
+++ b/generate-tar
@@ -213,6 +213,8 @@ if [[ "${image_type}" == "squashfs" ]]; then
   echo "Creating SquashFS image..."
   # Prepare pnor file in ${pnor_dir}
   cd "${pnor_dir}"
+  # Set permissions of partition files to read only
+  chmod 440 *
   mksquashfs ${tocfile} ${partitions[*]} ${scratch_dir}/pnor.xz.squashfs -all-root
   cd "${scratch_dir}"
   files_to_sign+=" pnor.xz.squashfs"
-- 
cgit v1.2.1