From 3c8de6e5ad7e57ddac084ee4f15f5b18d6064022 Mon Sep 17 00:00:00 2001 From: Lucas Bajolet Date: Wed, 25 Oct 2023 16:45:32 -0400 Subject: [PATCH] plugins: install SHA256SUM file with 0644 perms When invoking `packer plugins install' to install a plugin, or `packer init', the checksum file would be installed with 0555 permissions. This led in turn to further attempts at installing the plugin will succeed, but the checksum file would not be updated, as it was marked non-writable by the owner of the file, leading potentially to a situation where the plugin binary and the checksum would be out-of-sync, but could not be updated unless the user changed it. To avoid such a problem, we write the checksum file with 0644 permissions, so the owner can read/write, while the other users can only read it. --- packer/plugin-getter/plugins.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packer/plugin-getter/plugins.go b/packer/plugin-getter/plugins.go index f6ca5c4ab..c9fbd0b9d 100644 --- a/packer/plugin-getter/plugins.go +++ b/packer/plugin-getter/plugins.go @@ -713,7 +713,7 @@ func (pr *Requirement) InstallLatest(opts InstallOptions) (*Installation, error) log.Printf("[WARNING] %v, ignoring", err) } - if err := os.WriteFile(outputFileName+checksum.Checksummer.FileExt(), []byte(hex.EncodeToString(cs)), 0555); err != nil { + if err := os.WriteFile(outputFileName+checksum.Checksummer.FileExt(), []byte(hex.EncodeToString(cs)), 0644); err != nil { err := fmt.Errorf("failed to write local binary checksum file: %s", err) errs = multierror.Append(errs, err) log.Printf("[WARNING] %v, ignoring", err)