Merge pull request #181 from stackhpc/upstream/xena-2022-12-01

markgoddard · web-flow · commit a1cce28c4bb6 · 2022-12-01T11:13:38.000Z
Synchronise xena with upstream
diff --git a/kolla/image/build.py b/kolla/image/build.py
@@ -497,8 +497,18 @@ def make_an_archive(items, arcname, item_child_path=None):
                         image.status = Status.CONNECTION_ERROR
                         raise ArchivingError
             arc_path = os.path.join(image.path, '%s-archive' % arcname)
+
+            # NOTE(jneumann): Change ownership of files to root:root. This
+            # avoids an issue introduced by the fix for git CVE-2022-24765,
+            # which breaks PBR when the source checkout is not owned by the
+            # user installing it. LP#1969096
+            def reset_userinfo(tarinfo):
+                tarinfo.uid = tarinfo.gid = 0
+                tarinfo.uname = tarinfo.gname = "root"
+                return tarinfo
+
             with tarfile.open(arc_path, 'w') as tar:
-                tar.add(items_path, arcname=arcname)
+                tar.add(items_path, arcname=arcname, filter=reset_userinfo)
             return len(os.listdir(items_path))
 
         self.logger.debug('Processing')
