makeself 2.4.5 - Error - change permissions from 775 to 700 on "/" (root dir) after extracting bin file

[imthernet]

Hello,
I am facing an issue with makeself that when making .bin file using makeself (version 2.4.5) and then run this binary file on system, it changes permissions to root directory from 775 to 700. The effect is after rebooting system ModemManager does not working properly cause of polkitd doesn't have right permissions to communicate with ModemManager.

On version makeself 2.4.0 there is no issue. Tested both makeself versions 2.4.0 and 2.4.5 on different PC's with ubuntu 20.04 and 22.04 and version 2.4.5 change permissions from 775 to 700 on root directory.

Checked almost everything include both scripts makeself and makeself-header.sh and can't see any changes about changing permissions. Also I tested makeself (2.4.5) with makself-header.sh (2.4.0 version) and problem is still the same.

[megastep]

This could be a side effect of whatever command is being executed within Makeself. Would you mind sharing how you're creating the archive and any scripts being called in it?

[imthernet]

Okay, at this point i see something like this. Everytime im working and creating bin file on directory with 775 permissions. After creating binary file and showing dir/files from this file using '--list' flag there are 775 permissions:
Target directory: swupdate
-rwxrwxr-x ./path/to/dir/file1
-rwxrwxr-x ./swupdate-install
-rwxrwxr-x ./swupdate-make

after running binary file, swupdate-install which is updating our files in system looks like this:

mount -o rw,remount /
rsync -ar --exclude=swupdate-* ./ /
sync
mount -o ro,remount / 2>/dev/null

and that is all.

[megastep]

I would guess that your rsync command there is copying the permissions from the directory containing your extracted files, and applying them to your root directory. It's quite possible we changed the default permissions for the temporary directory containing the files since 2.4.0 - in any event this feels potentially quite dangerous and you should probably tweak the rsync call to prevent this.

[imthernet]

Okay, but when im skipping scripts inside binary the issue is still exists. Im running binary with --keep and --noexec flag which means that i am only extracting binary file it looks like this:
drwx------ /path/to/dir

So, before extracting, when im using --list flag then it shows me this:
-rwxrwxr-x ./path/to/myscript.sh
-rwxrwxr-x ./swupdate-install
-rwxrwxr-x ./swupdate-make

After extracting binary file without execute, using --keep --noexec flags then it shows me this:
1)directory from which the binary is created:
drwx------ directory <--- which is bad permisssions (700)
2) directories/files inside directory from which the binary is created:
total 20
drwx------ 3 4096 cze 10 13:20 .
drwxrwxr-x 5 4096 cze 10 13:20 ..
drwxrwxr-x 3 4096 cze 10 13:20 opt
-rwxrwxr-x 1 302 lut 13 14:33 swupdate-install
-rwxrwxr-x 1 808 lut 13 14:35 swupdate-make

And of course im creating binary on directory which has 775 permission for 100%

[megastep]

You may want to try to use the --keep-umask option when creating your archive, otherwise the umask used is 077 which would affect the permissions of the newly created directory this way.

[imthernet]

Okay that's make sense and i will add this option.
But.. I have to ask, because in version 2.4.0 script was working good even without option --keep-umask, so default KEEP_UMASK = n.
Version 2.4.5 looks exactly the same (i see no changes in this if/fi section).
Both versions looks like this:
ORIG_UMASK=`umask`
if test "$KEEP_UMASK" = n; then
umask 077
fi

I'm drilling the topic because i almost disabled completely my external machines during this update which disabled polkitd permissions to communicate with ModemManager.