fix(ssh): prevent tar from overwriting remote home dir permissions

tar xf - -C / extracts the staging directory tree to the remote root. GNU tar default behavior overwrites metadata (including mode) of existing directories. When the local umask is 002 (Ubuntu default), the staging dirs are 0775, and tar chmod's /home/<user> to 0775 — breaking sshd StrictModes which requires 0755 or stricter for home dirs. Add --no-overwrite-dir to the remote tar command so existing directory metadata is preserved. Fixes #17767
2026-05-03 01:07:31 +08:00 · 2026-04-30 16:32:27 +07:00
parent 8d302e37a8
commit cb130bf776
1 changed files with 5 additions and 1 deletions
--- a/tools/environments/ssh.py
+++ b/tools/environments/ssh.py
@@ -182,7 +182,11 @@ class SSHEnvironment(BaseEnvironment):

            tar_cmd = ["tar", "-chf", "-", "-C", staging, "."]
            ssh_cmd = self._build_ssh_command()
-            ssh_cmd.append("tar xf - -C /")
+            # --no-overwrite-dir prevents tar from overwriting the mode of
+            # existing directories (e.g. /home/<user>) with the staging
+            # directory's mode.  Without this, a umask 002 produces 0775
+            # dirs which breaks sshd StrictModes (refuses authorized_keys).
+            ssh_cmd.append("tar xf - --no-overwrite-dir -C /")

            tar_proc = subprocess.Popen(
                tar_cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE