armbian-next: add (trap) cleanup handler to reset ./tmp and ./output to original pre-sudo UID before exiting, even with failure/abort

lib/functions/cli/entrypoint.sh

@@ -106,8 +106,9 @@ function cli_entrypoint() {
 	# Pre-runs might change it, but if not set, default to ARMBIAN_COMMAND.
 	declare -g ARMBIAN_LOG_CLI_ID="${ARMBIAN_LOG_CLI_ID:-${ARMBIAN_COMMAND}}"
 
-	LOG_SECTION="entrypoint" start_logging_section   # This creates LOGDIR. @TODO: also maybe causes a spurious group to be created in the log file
-	add_cleanup_handler trap_handler_cleanup_logging # cleanup handler for logs; it rolls it up from LOGDIR into DEST/logs @TODO: use the COMMAND in the filenames.
+	LOG_SECTION="entrypoint" start_logging_section      # This creates LOGDIR. @TODO: also maybe causes a spurious group to be created in the log file
+	add_cleanup_handler trap_handler_cleanup_logging    # cleanup handler for logs; it rolls it up from LOGDIR into DEST/logs
+	add_cleanup_handler trap_handler_reset_output_owner # make sure output folder is owned by pre-sudo user if that's the case
 
 	# @TODO: So gigantic contention point here about logging the basic deps installation.
 	if [[ "${ARMBIAN_COMMAND_REQUIRE_BASIC_DEPS}" == "yes" ]]; then

lib/functions/host/host-utils.sh

@@ -201,7 +201,8 @@ function reset_uid_owner() {
 	for arg in "$@"; do
 		display_alert "reset_uid_owner: '${arg}' will be owner id '${SET_OWNER_TO_UID}'" "reset_uid_owner" "debug"
 		if [[ -d "${arg}" ]]; then
-			chown -R "${SET_OWNER_TO_UID}" "${arg}"
+			chown "${SET_OWNER_TO_UID}" "${arg}"
+			find "${arg}" -uid 0 -print0 | xargs --no-run-if-empty -0 chown "${SET_OWNER_TO_UID}"
 		elif [[ -f "${arg}" ]]; then
 			chown "${SET_OWNER_TO_UID}" "${arg}"
 		else
@@ -230,3 +231,10 @@ function check_dir_for_mount_options() {
 
 	return 0
 }
+
+function trap_handler_reset_output_owner() {
+	display_alert "Resetting output directory owner" "${SRC}/output" "info"
+	reset_uid_owner "${SRC}/output"
+	display_alert "Resetting tmp directory owner" "${SRC}/.tmp" "info"
+	reset_uid_owner "${SRC}/.tmp"
+}

lib/functions/host/prepare-host.sh

@@ -93,20 +93,20 @@ prepare_host() {
 	if armbian_is_running_in_container; then
 		display_alert "Running in container" "Adding provisions for container building" "info"
 		declare -g CONTAINER_COMPAT=yes # this controls mknod usage for loop devices.
-		declare -g NO_APT_CACHER=yes # disable apt-cacher; we use local cache in Docker volumes.
-		
+		declare -g NO_APT_CACHER=yes    # disable apt-cacher; we use local cache in Docker volumes.
+
 		# trying to use nested containers is not a good idea, so don't permit EXTERNAL_NEW=compile
 		if [[ $EXTERNAL_NEW == compile ]]; then
 			display_alert "EXTERNAL_NEW=compile is not available when running in container, setting to prebuilt" "" "wrn"
 			EXTERNAL_NEW=prebuilt
 		fi
-		
+
 		SYNC_CLOCK=no
 	else
 		display_alert "NOT running in container" "No special provisions for container building" "debug"
 	fi
 
-	# Skip verification if you are working offline
+	# If offline, do not try to install dependencies, manage acng, or sync the clock.
 	if ! $offline; then
 		install_host_dependencies "dependencies during prepare_release"
 
@@ -118,17 +118,19 @@ prepare_host() {
 			display_alert "Syncing clock" "host" "info"
 			run_host_command_logged ntpdate "${NTP_SERVER:-pool.ntp.org}"
 		fi
+	fi
 
-		# create directory structure # @TODO: this should be close to DEST, otherwise super-confusing
-		mkdir -p "${SRC}"/{cache,output} "${USERPATCHES_PATH}"
+	# create directory structure # @TODO: this should be close to DEST, otherwise super-confusing
+	mkdir -p "${SRC}"/{cache,output} "${USERPATCHES_PATH}"
 
-		# @TODO: original: mkdir -p "${DEST}"/debs-beta/extra "${DEST}"/debs/extra "${DEST}"/{config,debug,patch} "${USERPATCHES_PATH}"/overlay "${SRC}"/cache/{sources,hash,hash-beta,toolchain,utility,rootfs} "${SRC}"/.tmp
-		mkdir -p "${USERPATCHES_PATH}"/overlay "${SRC}"/cache/{sources,hash,hash-beta,toolchain,utility,rootfs} "${SRC}"/.tmp
+	# @TODO: original: mkdir -p "${DEST}"/debs-beta/extra "${DEST}"/debs/extra "${DEST}"/{config,debug,patch} "${USERPATCHES_PATH}"/overlay "${SRC}"/cache/{sources,hash,hash-beta,toolchain,utility,rootfs} "${SRC}"/.tmp
+	mkdir -p "${USERPATCHES_PATH}"/overlay "${SRC}"/cache/{sources,hash,hash-beta,toolchain,utility,rootfs} "${SRC}"/.tmp
 
+	# If offline, do not try to download/install toolchains.
+	if ! $offline; then
 		# Mostly deprecated.
 		download_external_toolchains
-
-	fi # check offline
+	fi
 
 	# if we're building an image, not only packages...
 	# ... and the host arch does not match the target arch ...

lib/functions/image/rootfs-to-image.sh

@@ -121,7 +121,6 @@ create_image_from_sdcard_rootfs() {
 	[[ -n $compression_type ]] && run_host_command_logged rm -v "${DESTIMG}/${version}.img"
 	run_host_command_logged rsync -av --no-owner --no-group --remove-source-files "${DESTIMG}/${version}"* "${FINALDEST}"
 	run_host_command_logged rm -rfv --one-file-system "${DESTIMG}"
-	reset_uid_owner "${FINALDEST}" # Fix owner of files in the final destination
 
 	# write image to SD card
 	write_image_to_device "${FINALDEST}/${version}.img" "${CARD_DEVICE}"