build.sh: move permissions changes to end

dustymabe · dustymabe · commit f7ef7d325577 · 2026-01-16T19:09:09.000-05:00
What I found is that doing this before kola (and friends) are built and installed means the `make install` from those set the /usr/bin permissions back. Let's just do this as a final step. Fixup for 17b3f52, d34ab4a
diff --git a/Dockerfile b/Dockerfile
@@ -21,6 +21,7 @@ RUN ./build.sh write_archive_info
 RUN ./build.sh make_and_makeinstall
 RUN ./build.sh configure_user
 RUN ./build.sh patch_osbuild
+RUN ./build.sh fixup_file_permissions
 
 # clean up scripts (it will get cached in layers, but oh well)
 WORKDIR /srv/
diff --git a/build.sh b/build.sh
@@ -23,6 +23,7 @@ if [ $# -gt 1 ]; then
     echo "    install_rpms"
     echo "    make_and_makeinstall"
     echo "    patch_osbuild"
+    echo "    fixup_file_permissions"
     exit 1
 fi
 
@@ -112,16 +113,6 @@ install_rpms() {
         ln -s {/usr/share/distribution-gpg-keys/centos,/etc/pki/rpm-gpg}/RPM-GPG-KEY-CentOS-SIG-Virtualization
     fi
 
-    # Allow group write permissions on /usr/ because in upstream project's
-    # CI we want to overwrite software for testing. The directories
-    # are typically owned by root:root and CI runs in openshift as a user
-    # that is a member of the `root` (GID: 0) group.
-    # See https://github.com/coreos/coreos-installer/pull/1716
-    chmod -R g+w /usr/
-    # And also one exception for /etc/grub.d (on arches that support
-    # grub) since ostree upstream tries to put a symlink in this directory.
-    [ -d /etc/grub.d ] && chmod g+rwx /etc/grub.d
-
     # Further cleanup
     yum clean all
 }
@@ -225,6 +216,19 @@ patch_osbuild() {
   ##mkdir -p /usr/lib/osbuild/osbuild
 }
 
+fixup_file_permissions() {
+    # Allow group write permissions on /usr/ because in upstream project's
+    # CI we want to overwrite software for testing. The directories
+    # are typically owned by root:root and CI runs in openshift as a user
+    # that is a member of the `root` (GID: 0) group.
+    # See https://github.com/coreos/coreos-installer/pull/1716
+    chmod -R g+w /usr/
+    # And also one exception for /etc/grub.d (on arches that support
+    # grub) since ostree upstream tries to put a symlink in this directory.
+    [ -d /etc/grub.d ] && chmod g+rwx /etc/grub.d
+
+}
+
 if [ $# -ne 0 ]; then
     # Run the function specified by the calling script
     ${1}
@@ -240,4 +244,5 @@ else
     trust_redhat_gpg_keys
     configure_user
     patch_osbuild
+    fixup_file_permissions
 fi
