[PATCH][PSEUDO 0/4] Fix stripped mode with newer coreutils cp

[PATCH][PSEUDO 0/4] Fix stripped mode with newer coreutils cp

[Richard Tollerton]

So we noticed that cp -Rp was stripping special bits off of directories when run
under pseudo. The super interesting thing was that people saw this when
upgrading their build machines from Ubuntu 12.04 to 16.04. Root cause is in the
commit message in the first patch, which also contains the fix.

I also added a test for this, and fixed up the perms on another test.
run_tests.sh reports 13/13 pass.

Also updated contact info in the README.

Thanks.

Richard Tollerton (4):
  linux/xattr/pseudo_wrappers.c: Preserve special bits on acl set
  test-cp-setuid.sh: add
  test-tclsh-fork.sh: fix permissions
  README: update contact info

 README                              |  9 +++++++--
 ports/linux/xattr/pseudo_wrappers.c | 19 +++++++++++++++++++
 test/test-cp-setuid.sh              | 23 +++++++++++++++++++++++
 test/test-tclsh-fork.sh             |  0
 4 files changed, 49 insertions(+), 2 deletions(-)
 create mode 100755 test/test-cp-setuid.sh
 mode change 100644 => 100755 test/test-tclsh-fork.sh

-- 
2.14.1

[PATCH][PSEUDO 1/4] linux/xattr/pseudo_wrappers.c: Preserve special bits on acl set

[Richard Tollerton]

Recently (2015) coreutils cp -Rp changed its behavior such that chmod()
is followed by setxattr(); previously it was the other way around. This
broke pseudo when a copied directory has one of the special
bits (setuid, setgid, sticky) set; the special bit wound up getting
removed.

Root cause is that ACLs never included special bits in the first place,
so we need to merge them back in ourselves.

[YOCTO #12379]

Signed-off-by: Richard Tollerton <rich.tollerton@ni.com>
---
 ports/linux/xattr/pseudo_wrappers.c | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/ports/linux/xattr/pseudo_wrappers.c b/ports/linux/xattr/pseudo_wrappers.c
index d69d53e..1c228a2 100644
--- a/ports/linux/xattr/pseudo_wrappers.c
+++ b/ports/linux/xattr/pseudo_wrappers.c
@@ -97,6 +97,21 @@ posix_permissions(const acl_header *header, int entries, int *extra, int *mode)
 	return 0;
 }
 
+static int get_special_bits(const char *path, int fd) {
+	int rc;
+	struct stat64 buf;
+	if (path) {
+		rc = lstat64(path, &buf);
+	} else {
+		rc = fstat64(fd, &buf);
+	}
+	if (rc == -1) {
+		return rc;
+	}
+
+	return buf.st_mode & (S_ISUID | S_ISGID | S_ISVTX);
+}
+
 #define RC_AND_BUF \
 	int rc; \
 	PSEUDO_STATBUF buf; \
@@ -172,6 +187,10 @@ static int shared_setxattr(const char *path, int fd, const char *name, const voi
 		int entries = (size - sizeof(acl_header)) / sizeof(acl_entry);
 		int res = posix_permissions(value, entries, &extra, &mode);
 		if (res == 0) {
+			/* POSIX ACLs don't actually include
+			 * setuid/setgid/sticky bit. We need to add those back
+			 * in ourselves. */
+			mode |= get_special_bits(path, fd);
 			pseudo_debug(PDBGF_XATTR, "posix_acl_access translated to mode %04o. Remaining attribute(s): %d.\n",
 				mode, extra);
 			buf.st_mode = mode;
-- 
2.14.1

[PATCH][PSEUDO 2/4] test-cp-setuid.sh: add

[Richard Tollerton]

New test to verify that special bits including setuid are preserved
under `cp -Rp`. This is a regression test of [YOCTO #12379]. Without a
recently committed fix, this test will fail on coreutils 8.24 and later.

Signed-off-by: Richard Tollerton <rich.tollerton@ni.com>
---
 test/test-cp-setuid.sh | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)
 create mode 100755 test/test-cp-setuid.sh

diff --git a/test/test-cp-setuid.sh b/test/test-cp-setuid.sh
new file mode 100755
index 0000000..cdb2cd3
--- /dev/null
+++ b/test/test-cp-setuid.sh
@@ -0,0 +1,23 @@
+#!/bin/bash
+set -e
+
+# Verify that special bits (setuid/setgid/sticky) are preserved.
+#
+# Return vals:
+#
+#                 2 - Incorrect permissions
+# All other nonzero - Unexpected command error
+#                 0 - Pass
+
+trap "rm -rf d1 d2" EXIT
+
+mkdir d1
+chmod 7777 d1
+cp -Rp d1 d2
+perms=`ls -od d1 d2 | cut -c 1-10 | uniq`
+if [ "$perms" != drwsrwsrwt ]; then
+	exit 2
+fi
+
+
+exit 0
-- 
2.14.1

[PATCH][PSEUDO 3/4] test-tclsh-fork.sh: fix permissions

[Richard Tollerton]

This was mode 644, needs to be mode 755.

Signed-off-by: Richard Tollerton <rich.tollerton@ni.com>
---
 test/test-tclsh-fork.sh | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
 mode change 100644 => 100755 test/test-tclsh-fork.sh

diff --git a/test/test-tclsh-fork.sh b/test/test-tclsh-fork.sh
old mode 100644
new mode 100755
-- 
2.14.1

[PATCH][PSEUDO 4/4] README: update contact info

[Richard Tollerton]

Explicitly point to oe-core mailing list and yocto bugzilla.

Signed-off-by: Richard Tollerton <rich.tollerton@ni.com>
---
 README | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/README b/README
index afe6b27..093ec56 100644
--- a/README
+++ b/README
@@ -72,8 +72,13 @@ FUTURE DIRECTIONS:
 * I have no intention of converting to autoconf.  It is the wrong tool
   for the job.
 
-Please feel free to send bug feedback, change requests, or general
-commentary.
+
+CONTACT:
+
+Discussions and patches should be directed at the openembedded-core mailing
+list at openembedded-core@lists.openembedded.org. More information at
+https://www.openembedded.org/wiki/Mailing_lists. Bugs should be filed with
+the Yocto project at https://bugzilla.yoctoproject.org/.
 
 
 ACKNOWLEDGEMENTS:
-- 
2.14.1

Re: [PATCH][PSEUDO 0/4] Fix stripped mode with newer coreutils cp

[Seebs]

On Wed, 29 Nov 2017 12:02:38 -0600
Richard Tollerton <rich.tollerton@ni.com> wrote:

> So we noticed that cp -Rp was stripping special bits off of
> directories when run under pseudo. The super interesting thing was
> that people saw this when upgrading their build machines from Ubuntu
> 12.04 to 16.04. Root cause is in the commit message in the first
> patch, which also contains the fix.
> 
> I also added a test for this, and fixed up the perms on another test.
> run_tests.sh reports 13/13 pass.
> 
> Also updated contact info in the README.

This looks good to me. Thanks!

(I'm still hoping to get a free day or two to merge patches. Any day
now.)

-s