WIP: Allow group access to various bits of data that will be accessed by buildbox-casd
Description
Since we'd like to support a userchroot workflow that uses an intermediate user to go through the safe setuid-userchroot barrier, we need to allow access to any files accessed by buildbox-casd to a group of users, such that we can run BuildStream with umask 002.
Currently still outstanding is:
-
A correction of the source determinism tests, which rely on a specific umask that can't be upheld when umask 002 is required -
A solution for handling bzr
CVS directories (since these seem to be umask 077) -
A cleanup solving the discovered problems more generally
This patch also depends on (and includes) !1645 (merged), which should be merged beforehand.
Edited by Tristan Maat