[jira] [Commented] (MASSEMBLY-941) file permissions removed during assembly:single since 3.2.0

[Herve Boutemy (Jira)]

    [ 
https://issues.apache.org/jira/browse/MASSEMBLY-941?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17633246#comment-17633246
 ] 

Herve Boutemy commented on MASSEMBLY-941:
-----------------------------------------

as I feared, posix mode differs from machine to machine at group level: my 
local personal machine sets 664 and 775 when CI sets 644 and 755
personal machine is permissive at group level, when CI is conservative

We can probably detect and support both modes in the IT
for effective rebuilding, it means that this difference will have to be defined 
in the rebuild environment

any idea?
would you be ok if group posix permissions were forced from user permissions in 
the archiver in reproducible mode?

> file permissions removed during assembly:single since 3.2.0
> -----------------------------------------------------------
>
>                 Key: MASSEMBLY-941
>                 URL: https://issues.apache.org/jira/browse/MASSEMBLY-941
>             Project: Maven Assembly Plugin
>          Issue Type: Bug
>          Components: permissions
>    Affects Versions: 3.2.0, 3.3.0
>            Reporter: Christopher Tubbs
>            Assignee: Herve Boutemy
>            Priority: Critical
>             Fix For: next-release
>
>
> Since 3.2.0, existing file permissions seem to be ignored when creating a 
> tarball assembly, and files stored in the assembly do not have their original 
> file permissions preserved.
> Using version 3.1.1 of this plugin and earlier, when creating a tar.gz, 
> existing file permissions are normally preserved. This is now broken in 
> 3.2.0, unless the component descriptor explicitly sets the fileModes.
> This was discovered trying to prepare a release candidate for Apache Accumulo 
> using the apache-23.pom parent POM's predefined `source-release-tar` 
> descriptor using the `single` goal. We noticed that the resulting 
> source-release tarball had stripped all the executable permissions from our 
> scripts, instead of preserving them. This makes the resulting source release 
> more difficult to build from source.
> A source-release assembly, and any other assembly that does not specify the 
> file permissions explicitly, should preserve the existing file permissions, 
> just as it used to with 3.1.1 and earlier.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)