Enhance mkdwarfs to support file permission normalization

[cipriancraciun]

Just like --no-owner and --no-time are useful to build "generic" images, it would also be useful to have an option that normalizes the file-system permissions. (At the moment they are take verbatim.)

Perhaps the easiest solution is the following:

• add an option like --perms-norm that basically only cares if any executability bit is set (be it user, group or others), and thus creates entries like r-x r-x r-x or r-- r-- r--;
• add another option like --perms-umask that takes a octal value and basically caps the permissions; for example --perms-umask 007 would only generate r-x r-x --- or r-- r-- ---;
• (one could use each option independently of each-other;)

[mhx]

The --no-owner and --no-time are actually gone in 0.2.1, they didn't work properly after I overhauled the metadata storage anyway. They've been replaced by --set-owner, --set-group and --set-time, which now also work independently. I think your suggestion would fit in nicely with these.

[mhx]

Actually, these sorts of things will be possible in the next release using the new transform scripting interface. (I've thrown out Lua scripting in favour of Python as Python is much more approachable for most folks and has much better C++ bindings.)

class mkdwarfs:
    def transform(self, entry):
        logger.debug(f"transforming {entry.path()}")
        entry.set_permissions(entry.permissions() & 0o7555)
        return entry

[cipriancraciun]

I understand that using an interpreted language opens many possibilities. However I believe that a few common cases should be easily achieved through arguments.

Therefore given how important file permissions are (just like user / group IDs) I think there should be a few options dedicated to them.

---

For example I would look at how rsync handles this:

• there are options to set user / group ids (see --chown option);
• set permissions (see --chmod and --executability options);
• ignore empty directories, skip non-files;
• transform symlinks into their referents (thus eliminating the existance of symlinks especially given that you have support for deduplication;)
• etc.;

[mhx]

Oh, I'm not disagreeing. --remove-empty-dirs will already be in the next release, and --chown is essentially --set-owner/--set-group (although I really like the idea of calling it --chown). Dereferencing symlinks is definitely a good idea, too.

[mhx]

Okay, after thinking about this some more, I'll implement both --perms-norm as you suggested and --chmod with rsync semantics.

[mhx]

I'll probably drop --perms-norm, as you can get the exact same behaviour using --chmod ug-st,=Xr.

[mhx]

I've added --chmod support on the wip branch. There's also a special case --chmod=norm that does what --perms-norm was intended to do (by using ug-st,=Xr internally).

[mhx]

This is in dwarfs-0.7.0-RC2 now.