[MM-21400] Enable setuid on linux packaging (#1156)

* Fix chrome-sandbox permissions for Appimages and .debs.
* NOTE: Patch not working for tar.gz due to the way 7za is called which isn't preserving permissions. Need to create manual tar.gz target in future patch.

electron-builder.json

@@ -25,6 +25,7 @@
       ]
     }
   ],
+  "afterPack": "scripts/afterpack.js",
   "afterSign": "scripts/notarize.js",
   "deb": {
     "synopsis": "Mattermost"

scripts/afterpack.js

@@ -0,0 +1,23 @@
+// Copyright (c) 2016-present Mattermost, Inc. All Rights Reserved.
+// See LICENSE.txt for license information.
+
+const path = require('path');
+
+const {spawn} = require('electron-notarize/lib/spawn.js');
+
+const SETUID_PERMISSIONS = '4755';
+
+exports.default = async function afterPack(context) {
+  if (context.electronPlatformName === 'linux') {
+    context.targets.forEach(async (target) => {
+      if (!['appimage', 'snap'].includes(target.name.toLowerCase())) {
+        const result = await spawn('chmod', [SETUID_PERMISSIONS, path.join(context.appOutDir, 'chrome-sandbox')]);
+        if (result.code !== 0) {
+          throw new Error(
+            `Failed to set proper permissions for linux arch on ${target.name}`
+          );
+        }
+      }
+    });
+  }
+};