ensure missing paths get assigned correct ownership if install.py is …

…run by root

malcolm-iso/build.sh

@@ -117,7 +117,8 @@ if [ -d "$WORKDIR" ]; then
   mkdir -p "$MALCOLM_DEST_DIR/suricata/rules/"
   mkdir -p "$MALCOLM_DEST_DIR/yara/rules/"
   mkdir -p "$MALCOLM_DEST_DIR/zeek-logs/current/"
-  mkdir -p "$MALCOLM_DEST_DIR/zeek-logs/extract_files/"
+  mkdir -p "$MALCOLM_DEST_DIR/zeek-logs/extract_files/preserved"
+  mkdir -p "$MALCOLM_DEST_DIR/zeek-logs/extract_files/quarantine"
   mkdir -p "$MALCOLM_DEST_DIR/zeek-logs/live/"
   mkdir -p "$MALCOLM_DEST_DIR/zeek-logs/processed/"
   mkdir -p "$MALCOLM_DEST_DIR/zeek-logs/upload/"

scripts/install.py

@@ -666,6 +666,13 @@ def tweak_malcolm_runtime(
             os.path.join(zeekLogDirFull, os.path.join('extract_files', 'quarantine')),
         ):
             pathlib.Path(pathToCreate).mkdir(parents=True, exist_ok=True)
+            if (
+                ((self.platform == PLATFORM_LINUX) or (self.platform == PLATFORM_MAC))
+                and (self.scriptUser == "root")
+                and (getpwuid(os.stat(pathToCreate).st_uid).pw_name == self.scriptUser)
+            ):
+                # change ownership of newly-created directory to match puid/pgid
+                os.chown(pathToCreate, int(puid), int(pgid))
 
         indexSnapshotCompressed = InstallerYesOrNo('Compress OpenSearch index snapshots?', default=False)
 

scripts/malcolm_appliance_packager.sh

@@ -82,7 +82,8 @@ if mkdir "$DESTDIR"; then
   mkdir $VERBOSE -p "$DESTDIR/suricata/rules/"
   mkdir $VERBOSE -p "$DESTDIR/yara/rules/"
   mkdir $VERBOSE -p "$DESTDIR/zeek-logs/current/"
-  mkdir $VERBOSE -p "$DESTDIR/zeek-logs/extract_files/"
+  mkdir $VERBOSE -p "$DESTDIR/zeek-logs/extract_files/preserved"
+  mkdir $VERBOSE -p "$DESTDIR/zeek-logs/extract_files/quarantine"
   mkdir $VERBOSE -p "$DESTDIR/zeek-logs/live/"
   mkdir $VERBOSE -p "$DESTDIR/zeek-logs/processed/"
   mkdir $VERBOSE -p "$DESTDIR/zeek-logs/upload/"