From 6fe39399237535dd1dae99abcd18e61bf24c18cf Mon Sep 17 00:00:00 2001
From: robojerk <rob@raines.xyz>
Date: Tue, 5 Aug 2025 11:07:10 -0700
Subject: [PATCH] Fix Podman permission issues and improve package handling -
 Avoid changing ownership of host files in containers - Only change ownership
 of script files needed for execution - Copy built packages to builds/
 directory instead of workspace root - Add builds/ and package files to
 .gitignore - This prevents permission issues and keeps built packages
 organized

---
 .gitignore         |  4 ++++
 backport-noble.sh  | 17 ++++++++++++++---
 backport-trixie.sh | 17 ++++++++++++++---
 3 files changed, 32 insertions(+), 6 deletions(-)
 create mode 100644 .gitignore
 mode change 100755 => 100644 backport-trixie.sh

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..92fe9af
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,4 @@
+builds/
+*.deb
+*.dsc
+*.tar.*
diff --git a/backport-noble.sh b/backport-noble.sh
index b3e6966..323d1e8 100755
--- a/backport-noble.sh
+++ b/backport-noble.sh
@@ -62,7 +62,6 @@ run_in_podman() {
         --name "$CONTAINER_NAME" \
         --privileged \
         --security-opt label=disable \
-        -v /opt:/opt:shared \
         -v "$(pwd):/workspace:Z" \
         -w /workspace \
         ubuntu:24.04 \
@@ -78,9 +77,21 @@ run_in_podman() {
             cd /workspace
             # Create a non-root user for running the script
             useradd -m -s /bin/bash backport-user
-            chown -R backport-user:backport-user /workspace
+            # Don't change ownership of host files - only workspace content
+            chown -R backport-user:backport-user /workspace/*.sh
+            chown -R backport-user:backport-user /workspace/ostree-backport.sh
             echo 'backport-user ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers
-            su - backport-user -c 'cd /workspace && ./ostree-backport.sh noble'
+            # Create build directory inside container
+            mkdir -p /home/backport-user/build
+            chown -R backport-user:backport-user /home/backport-user
+            su - backport-user -c 'cd /workspace && BACKPORT_DIR=/home/backport-user/build/ostree-backport-noble ./ostree-backport.sh noble'
+            # Copy built packages to host builds directory
+            echo '=== Copying built packages to host builds/ directory ==='
+            mkdir -p /workspace/builds
+            cp -r /home/backport-user/build/ostree-backport-noble/*.deb /workspace/builds/ 2>/dev/null || echo 'No .deb files found'
+            cp -r /home/backport-user/build/ostree-backport-noble/*.dsc /workspace/builds/ 2>/dev/null || echo 'No .dsc files found'
+            cp -r /home/backport-user/build/ostree-backport-noble/*.tar.* /workspace/builds/ 2>/dev/null || echo 'No source tarballs found'
+            echo '=== Build complete. Check builds/ directory for packages ==='
         "
 }
 
diff --git a/backport-trixie.sh b/backport-trixie.sh
old mode 100755
new mode 100644
index 370f437..7f7fcac
--- a/backport-trixie.sh
+++ b/backport-trixie.sh
@@ -62,7 +62,6 @@ run_in_podman() {
         --name "$CONTAINER_NAME" \
         --privileged \
         --security-opt label=disable \
-        -v /opt:/opt:shared \
         -v "$(pwd):/workspace:Z" \
         -w /workspace \
         debian:testing \
@@ -78,9 +77,21 @@ run_in_podman() {
             cd /workspace
             # Create a non-root user for running the script
             useradd -m -s /bin/bash backport-user
-            chown -R backport-user:backport-user /workspace
+            # Don't change ownership of host files - only workspace content
+            chown -R backport-user:backport-user /workspace/*.sh
+            chown -R backport-user:backport-user /workspace/ostree-backport.sh
             echo 'backport-user ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers
-            su - backport-user -c 'cd /workspace && ./ostree-backport.sh trixie'
+            # Create build directory inside container
+            mkdir -p /home/backport-user/build
+            chown -R backport-user:backport-user /home/backport-user
+            su - backport-user -c 'cd /workspace && BACKPORT_DIR=/home/backport-user/build/ostree-backport-trixie ./ostree-backport.sh trixie'
+            # Copy built packages to host builds directory
+            echo '=== Copying built packages to host builds/ directory ==='
+            mkdir -p /workspace/builds
+            cp -r /home/backport-user/build/ostree-backport-trixie/*.deb /workspace/builds/ 2>/dev/null || echo 'No .deb files found'
+            cp -r /home/backport-user/build/ostree-backport-trixie/*.dsc /workspace/builds/ 2>/dev/null || echo 'No .dsc files found'
+            cp -r /home/backport-user/build/ostree-backport-trixie/*.tar.* /workspace/builds/ 2>/dev/null || echo 'No source tarballs found'
+            echo '=== Build complete. Check builds/ directory for packages ==='
         "
 }