Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Incorrect file permissions in 2.8.0 #1489

Closed
CvX opened this issue May 17, 2022 · 46 comments
Closed

Incorrect file permissions in 2.8.0 #1489

CvX opened this issue May 17, 2022 · 46 comments

Comments

@CvX
Copy link

CvX commented May 17, 2022

Some files in 2.8.0.rc1 release are not world-readable: (notice elements.rb, fields.rb, indifferent_hash.rb)

-rw-r--r--@  1 cvx  staff   3481 Apr 22 02:41 attachments_list.rb
-rw-r--r--@  1 cvx  staff   9545 Apr 22 02:41 body.rb
-rw-r--r--@  1 cvx  staff   1781 Apr 22 02:41 configuration.rb
-rw-r--r--@  1 cvx  staff   2472 Apr 22 02:41 constants.rb
drwxr-xr-x  14 cvx  staff    448 May 17 16:51 elements
-rw-r-----@  1 cvx  staff    960 Apr 22 02:41 elements.rb
drwxr-xr-x  10 cvx  staff    320 May 17 16:51 encodings
-rw-r--r--@  1 cvx  staff   9792 Apr 22 02:41 encodings.rb
-rw-r--r--@  1 cvx  staff    573 Apr 22 02:41 envelope.rb
-rw-r--r--@  1 cvx  staff   8885 Apr 22 02:41 field.rb
-rw-r--r--@  1 cvx  staff   2077 Apr 22 02:41 field_list.rb
drwxr-xr-x  41 cvx  staff   1312 May 17 16:51 fields
-rw-r-----@  1 cvx  staff   2244 Apr 22 02:41 fields.rb
-rw-r--r--@  1 cvx  staff   7528 Apr 22 02:41 header.rb
-rw-r-----@  1 cvx  staff   3874 Apr 22 02:41 indifferent_hash.rb
-rw-r--r--@  1 cvx  staff   8346 Apr 22 02:41 mail.rb
drwxr-xr-x   4 cvx  staff    128 May 17 16:51 matchers
-rw-r--r--@  1 cvx  staff  67251 Apr 22 02:41 message.rb
drwxr-xr-x   5 cvx  staff    160 May 17 16:51 multibyte
-rw-r--r--@  1 cvx  staff   3563 Apr 22 02:41 multibyte.rb
drwxr-xr-x   4 cvx  staff    128 May 17 16:51 network
-rw-r--r--@  1 cvx  staff    836 Apr 22 02:41 network.rb
-rw-r--r--@  1 cvx  staff    446 Apr 22 02:41 parser_tools.rb
drwxr-xr-x  34 cvx  staff   1088 May 17 16:51 parsers
-rw-r--r--@  1 cvx  staff    522 Apr 22 02:41 parsers.rb
-rw-r--r--@  1 cvx  staff   3124 Apr 22 02:41 part.rb
-rw-r--r--@  1 cvx  staff   3374 Apr 22 02:41 parts_list.rb
-rw-r--r--@  1 cvx  staff   1410 Apr 22 02:41 smtp_envelope.rb
-rw-r--r--@  1 cvx  staff  16176 Apr 22 02:41 utilities.rb
drwxr-xr-x   3 cvx  staff     96 May 17 16:51 values
-rw-r--r--@  1 cvx  staff    235 Apr 22 02:41 version.rb
-rw-r--r--@  1 cvx  staff    655 Apr 22 02:41 yaml.rb

This wasn't the case in previous releases:

# 2.7.1
-rw-r--r--@  1 cvx  staff   3590 Oct 13  2018 attachments_list.rb
-rw-r--r--@  1 cvx  staff   9745 Oct 13  2018 body.rb
-rw-r--r--@  1 cvx  staff   1461 Oct 13  2018 check_delivery_params.rb
-rw-r--r--@  1 cvx  staff   1781 Oct 13  2018 configuration.rb
-rw-r--r--@  1 cvx  staff   1792 Oct 13  2018 constants.rb
drwxr-xr-x   4 cvx  staff    128 May 17 16:39 core_extensions
drwxr-xr-x  14 cvx  staff    448 May 17 16:39 elements
-rw-r--r--@  1 cvx  staff    960 Oct 13  2018 elements.rb
drwxr-xr-x  10 cvx  staff    320 May 17 16:39 encodings
-rw-r--r--@  1 cvx  staff  10711 Oct 13  2018 encodings.rb
-rw-r--r--@  1 cvx  staff    658 Oct 13  2018 envelope.rb
-rw-r--r--@  1 cvx  staff   9511 Oct 13  2018 field.rb
-rw-r--r--@  1 cvx  staff    867 Oct 13  2018 field_list.rb
drwxr-xr-x  35 cvx  staff   1120 May 17 16:39 fields
-rw-r--r--@  1 cvx  staff   2244 Oct 13  2018 fields.rb
-rw-r--r--@  1 cvx  staff   9235 Oct 13  2018 header.rb
-rw-r--r--@  1 cvx  staff   3874 Oct 13  2018 indifferent_hash.rb
-rw-r--r--@  1 cvx  staff   8346 Oct 13  2018 mail.rb
drwxr-xr-x   4 cvx  staff    128 May 17 16:39 matchers
-rw-r--r--@  1 cvx  staff  68178 Oct 13  2018 message.rb
drwxr-xr-x   5 cvx  staff    160 May 17 16:39 multibyte
-rw-r--r--@  1 cvx  staff   3766 Oct 13  2018 multibyte.rb
drwxr-xr-x   4 cvx  staff    128 May 17 16:39 network
-rw-r--r--@  1 cvx  staff    836 Oct 13  2018 network.rb
-rw-r--r--@  1 cvx  staff    446 Oct 13  2018 parser_tools.rb
drwxr-xr-x  34 cvx  staff   1088 May 17 16:39 parsers
-rw-r--r--@  1 cvx  staff    681 Oct 13  2018 parsers.rb
-rw-r--r--@  1 cvx  staff   3230 Oct 13  2018 part.rb
-rw-r--r--@  1 cvx  staff   2003 Oct 13  2018 parts_list.rb
-rw-r--r--@  1 cvx  staff   8570 Oct 13  2018 utilities.rb
drwxr-xr-x   3 cvx  staff     96 May 17 16:39 values
-rw-r--r--@  1 cvx  staff    233 Oct 13  2018 version.rb
drwxr-xr-x   4 cvx  staff    128 May 17 16:39 version_specific

…and makes the gem unusable in some setups:

LoadError: cannot load such file -- /usr/local/lib/ruby/gems/2.7.0/gems/mail-2.8.0.rc1/lib/mail/indifferent_hash.rb

Can you re-release rc1 with corrected permissions as rc2?
davidtaylorhq added a commit to discourse/discourse that referenced this issue May 17, 2022
@davidtaylorhq
Revert "DEV: Drop our mail gem fork (#16622)"
88846e2 
This reverts commit 0d30c19.

Pending resolution of mikel/mail#1489
@davidtaylorhq davidtaylorhq mentioned this issue May 17, 2022
Merged
davidtaylorhq added a commit to discourse/discourse that referenced this issue May 17, 2022
@davidtaylorhq
Revert "DEV: Drop our mail gem fork (#16622)" (#16853)
8bc8dbc 
This reverts commit 0d30c19.

Pending resolution of mikel/mail#1489
@djpate
Copy link

djpate commented Oct 12, 2022

Any updates on this?

@awendt awendt mentioned this issue Dec 5, 2022
Open
@meineerde
Copy link

meineerde commented Dec 5, 2022
edited

With this issue unresolved in the released 2.8.0 gem, the current version of the mail gem is unusable in setups requiring read-access to others (e.g. in cases where the gem is installed by a different user than the one running the application).

Could you possible release a new version of the mail gem to rubygems which fixes the file permissions and set all files to be readable by everyone, similar to all the other files in the gem?

@stell stell mentioned this issue Dec 6, 2022
Closed
@CvX CvX changed the title Incorrect file permissions in 2.8.0.rc1 Incorrect file permissions in 2.8.0 Dec 6, 2022
@mishina2228 mishina2228 mentioned this issue Dec 6, 2022
Closed
@benlangfeld
Copy link

Hey @mikel , I believe this issue merits urgent attention and does not appear to be something that we can contribute to - file permissions in git seem to be correct, and this seems to be something related to how you cut releases that isn't visible to anyone else to assist in fixing it. This was reported prior to 2.8.0 being released and it seems to have been reasonable justification to hold back that release, but it doesn't seem to have stood out in the list of open issues enough for that to happen, which is why I'm trying to call some more direct attention to it here. Thanks for your help and your work on this project :)

@andreynering
Copy link

I also checked yesterday and I can confirm permissions are correct in the repository. It's something on the release process that messed with it somehow.

@rmehner
Copy link

rmehner commented Dec 6, 2022

We've also been bitten by this. We've downgraded to 2.7.1 for now. Another workaround was to fix the permissions ourselves within the docker container. A bit hacky, but works.

@ssunday
Copy link

ssunday commented Dec 6, 2022

Also having issues, reverting to 2.7.1.

@szymonpk
Copy link

szymonpk commented Dec 7, 2022

If you need to fix permissions after the installation, run find /usr/local/bundle/gems/mail-2.8.0.rc1/ -type f -perm 640 -exec chmod 644 {} \;. Adjust path to the gem if needed.

@sebbASF
Copy link
Collaborator

sebbASF commented Dec 7, 2022

Find non-world readable files:

$ find /var/lib/gems/2.7.0/gems/mail-2.8.0 -not -perm -4 -ls
6148232 4 -rw-r----- 1 root root 1063 Dec 5 20:35 /var/lib/gems/2.7.0/gems/mail-2.8.0/MIT-LICENSE
6148311 4 -rw-r----- 1 root root 3874 Dec 5 20:35 /var/lib/gems/2.7.0/gems/mail-2.8.0/lib/mail/indifferent_hash.rb
6148269 4 -rw-r----- 1 root root 2244 Dec 5 20:35 /var/lib/gems/2.7.0/gems/mail-2.8.0/lib/mail/fields.rb
6148377 980 -rw-r----- 1 root root 1001797 Dec 5 20:35 /var/lib/gems/2.7.0/gems/mail-2.8.0/lib/mail/values/unicode_tables.dat
6148242 4 -rw-r----- 1 root root 960 Dec 5 20:35 /var/lib/gems/2.7.0/gems/mail-2.8.0/lib/mail/elements.rb

The dat file might also be needed by others

sengi added a commit to alphagov/whitehall that referenced this issue Dec 7, 2022
@sengi
Work around bad filesystem permissions in the mail rubygem.
e74b092 
The `mail` gem installs a few of its .rb files (seems to be the
generated tables?) without world read permissions, which breaks the app
when running as an unprivileged user.

We can remove the workaround once the upstream bug
mikel/mail#1489 is fixed.
sengi added a commit to alphagov/whitehall that referenced this issue Dec 7, 2022
@sengi
Work around bad filesystem permissions in the mail rubygem.
5e9c120 
The `mail` gem installs a few of its .rb files (seems to be the
generated tables?) without world read permissions, which breaks the app
when running as an unprivileged user.

We can remove the workaround once the upstream bug
mikel/mail#1489 is fixed.
sengi added a commit to alphagov/whitehall that referenced this issue Dec 7, 2022
@sengi
Work around bad filesystem permissions in the mail rubygem.
f216772 
The `mail` gem installs a few of its .rb files (seems to be the
generated tables?) without world read permissions, which breaks the app
when running as an unprivileged user.

We can remove the workaround once the upstream bug
mikel/mail#1489 is fixed.
sengi added a commit to alphagov/whitehall that referenced this issue Dec 7, 2022
@sengi
Work around bad filesystem permissions in the mail rubygem.
b49bb0d 
The `mail` gem installs a few of its .rb files (seems to be the
generated tables?) without world read permissions, which breaks the app
when running as an unprivileged user.

We can remove the workaround once the upstream bug
mikel/mail#1489 is fixed.
sengi added a commit to alphagov/whitehall that referenced this issue Dec 7, 2022
@sengi
Work around bad filesystem permissions in the mail rubygem.
5c411b8 
The `mail` gem installs a few of its .rb files (seems to be the
generated tables?) without world read permissions, which breaks the app
when running as an unprivileged user.

We can remove the workaround once the upstream bug
mikel/mail#1489 is fixed.
davidgisbey pushed a commit to alphagov/whitehall that referenced this issue Dec 7, 2022
@sengi @davidgisbey
Work around bad filesystem permissions in the mail rubygem.
e483319 
The `mail` gem installs a few of its .rb files (seems to be the
generated tables?) without world read permissions, which breaks the app
when running as an unprivileged user.

We can remove the workaround once the upstream bug
mikel/mail#1489 is fixed.
agmsmith added a commit to agmsmith/RatingStone that referenced this issue Dec 7, 2022
@agmsmith
Updated Gems, and Ruby to version 3.1.3.
aa3ed64 
Hassles with Debug not compiling - install io-console.

Mail fails during test with "cannot load such file -- mail/indifferent_hash",
Fix by adding other-read flag to files in Mail gem directory.  See
mikel/mail#1489
@oliverguenther oliverguenther mentioned this issue Dec 8, 2022
Merged
@rgaufman
Copy link

rgaufman commented Dec 9, 2022

Had to downgrade to 2.7.1 also :(

@themilkman
Copy link

Also run in troubles with this in context of Devise::Mailer. Chmod'ing files helped.

@gravitystorm gravitystorm mentioned this issue Dec 9, 2022
Closed
@joeyates joeyates mentioned this issue Dec 12, 2022
Closed
joeyates added a commit to joeyates/imap-backup that referenced this issue Dec 12, 2022
@joeyates
Avoid file permissions issue on mail 2.8.0
ffc7321 
See mikel/mail#1489
tekniklr added a commit to tekniklr/tekniklr.com that referenced this issue Dec 12, 2022
@tekniklr
update gems
3781267 
pin mail 2.7.1 to avoid mikel/mail#1489
@akilamunasinghe
Copy link

We ran into the same issue and I have trouble downgrading as it is a dependency for later versions of actionmailer.

davidgisbey added a commit to alphagov/maslow that referenced this issue Jan 16, 2023
@davidgisbey
Remove Mailer from the Gemfile
21bdc30 
Previously, there was an issue with the mailer gem in release 2.8.0
mikel/mail#1489.

To circumvent this we added it to the Gemfile and pinned it on the
2.7.0 release. Since this has been fixed we can remove it as a
direct dependency.
@davidgisbey davidgisbey mentioned this issue Jan 16, 2023
Merged
davidgisbey added a commit to alphagov/manuals-publisher that referenced this issue Jan 16, 2023
@davidgisbey
Remove Mailer from the Gemfile
7043d4a 
Previously, there was an issue with the mailer gem in release 2.8.0
mikel/mail#1489.

To circumvent this we added it to the Gemfile and pinned it on the
2.7.0 release. Since this has been fixed we can remove it as a
direct dependency.
@davidgisbey davidgisbey mentioned this issue Jan 16, 2023
Merged
davidgisbey added a commit to alphagov/contacts-admin that referenced this issue Jan 16, 2023
@davidgisbey
Remove Mailer from the Gemfile
b35ecc3 
Previously, there was an issue with the mailer gem in release 2.8.0
mikel/mail#1489.

To circumvent this we added it to the Gemfile and pinned it on the
2.7.0 release. Since this has been fixed we can remove it as a
direct dependency.
davidgisbey added a commit to alphagov/contacts-admin that referenced this issue Jan 16, 2023
@davidgisbey
Remove Mailer from the Gemfile
7a15635 
Previously, there was an issue with the mailer gem in release 2.8.0
mikel/mail#1489.

To circumvent this we added it to the Gemfile and pinned it on the
2.7.0 release. Since this has been fixed we can remove it as a
direct dependency.
@davidgisbey davidgisbey mentioned this issue Jan 16, 2023
Merged
davidgisbey added a commit to alphagov/service-manual-publisher that referenced this issue Jan 16, 2023
@davidgisbey
Remove Mailer from the Gemfile
226a96b 
Previously, there was an issue with the mailer gem in release 2.8.0
mikel/mail#1489.

To circumvent this we added it to the Gemfile and pinned it on the
2.7.0 release. Since this has been fixed we can remove it as a
direct dependency.
davidgisbey added a commit to alphagov/maslow that referenced this issue Jan 16, 2023
@davidgisbey
Remove Mailer from the Gemfile
a879ae5 
Previously, there was an issue with the mailer gem in release 2.8.0
mikel/mail#1489.

To circumvent this we added it to the Gemfile and pinned it on the
2.7.0 release. Since this has been fixed we can remove it as a
direct dependency.
davidgisbey added a commit to alphagov/manuals-publisher that referenced this issue Jan 16, 2023
@davidgisbey
Remove Mailer from the Gemfile
68456e7 
Previously, there was an issue with the mailer gem in release 2.8.0
mikel/mail#1489.

To circumvent this we added it to the Gemfile and pinned it on the
2.7.0 release. Since this has been fixed we can remove it as a
direct dependency.
davidgisbey added a commit to alphagov/content-tagger that referenced this issue Jan 16, 2023
@davidgisbey
Remove Mailer from the Gemfile
2b01308 
Previously, there was an issue with the mailer gem in release 2.8.0
mikel/mail#1489.

To circumvent this we added it to the Gemfile and pinned it on the
2.7.0 release. Since this has been fixed we can remove it as a
direct dependency.
@davidgisbey davidgisbey mentioned this issue Jan 16, 2023
Merged
davidgisbey added a commit to alphagov/collections-publisher that referenced this issue Jan 16, 2023
@davidgisbey
Remove Mailer from the Gemfile
5fc2391 
Previously, there was an issue with the mailer gem in release 2.8.0
mikel/mail#1489.

To circumvent this we added it to the Gemfile and pinned it on the
2.7.0 release. Since this has been fixed we can remove it as a
direct dependency.
@davidgisbey davidgisbey mentioned this issue Jan 16, 2023
Merged
davidgisbey added a commit to alphagov/publisher that referenced this issue Jan 16, 2023
@davidgisbey
Remove Mailer from the Gemfile
48de0c1 
Previously, there was an issue with the mailer gem in release 2.8.0
mikel/mail#1489.

To circumvent this we added it to the Gemfile and pinned it on the
2.7.0 release. Since this has been fixed we can remove it as a
direct dependency.
@davidgisbey davidgisbey mentioned this issue Jan 16, 2023
Merged
davidgisbey added a commit to alphagov/travel-advice-publisher that referenced this issue Jan 16, 2023
@davidgisbey
Remove Mailer from the Gemfile
75f598c 
Previously, there was an issue with the mailer gem in release 2.8.0
mikel/mail#1489.

To circumvent this we added it to the Gemfile and pinned it on the
2.7.0 release. Since this has been fixed we can remove it as a
direct dependency.
@davidgisbey davidgisbey mentioned this issue Jan 16, 2023
Merged
chao-xian added a commit to alphagov/frontend that referenced this issue Jan 16, 2023
@chao-xian
Remove specifying version for mail
f6e62a3 
Since the issue requiring that pinning in the first place is fixed mikel/mail#1489
@chao-xian chao-xian mentioned this issue Jan 16, 2023
Closed
chao-xian added a commit to alphagov/government-frontend that referenced this issue Jan 17, 2023
@chao-xian
Remove pinning mail gem
66087f3 
Issue that made us do it is gone [1]

[1]: mikel/mail#1489
chao-xian added a commit to alphagov/government-frontend that referenced this issue Jan 17, 2023
@chao-xian
Remove pinning mail gem
c91b257 
Issue that made us do it is gone [1]

[1]: mikel/mail#1489
chao-xian added a commit to alphagov/collections that referenced this issue Jan 17, 2023
@chao-xian
Remove pinning mail gem
a044581 
Issue that made us do it is gone [1]

[1]: mikel/mail#1489
chao-xian added a commit to alphagov/authenticating-proxy that referenced this issue Jan 17, 2023
@chao-xian
Remove pinning mail gem
5b7b169 
Issue that made us do it is gone [1]

[1]: mikel/mail#1489
chao-xian added a commit to alphagov/static that referenced this issue Jan 17, 2023
@chao-xian
Remove pinning mail gem
8836894 
Issue that made us do it is gone [1]

[1]: mikel/mail#1489
BeckaL added a commit to alphagov/signon that referenced this issue Jan 18, 2023
@BeckaL
Remove mailer from the gemfile
5883ca2 
Previously, there was an issue with the mailer gem in release 2.8.0
mikel/mail#1489.

To circumvent this we added it to the Gemfile and pinned it on the
2.7.0 release. Since this has been fixed we can remove it as a
direct dependency.
@BeckaL BeckaL mentioned this issue Jan 18, 2023
Merged
cdoyle-temple added a commit to tulibraries/Press-6 that referenced this issue Jan 19, 2023
@cdoyle-temple
pin mail gem: mikel/mail#1489
caac854
@cdoyle-temple cdoyle-temple mentioned this issue Jan 19, 2023
Merged
@n-rodriguez n-rodriguez mentioned this issue Mar 6, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Remove specifying version for mail alphagov/frontend