Date: Thu, 13 Feb 1997 14:50:25 -0800 (PST) From: Paul Traina <pst@jnx.com> To: FreeBSD-gnats-submit@freebsd.org Cc: jkh@freebsd.org Subject: bin/2730: pkg_extract @owner/@group/@mode does not work Message-ID: <199702132250.OAA11206@base.jnx.com> Resent-Message-ID: <199702132300.PAA16319@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 2730
>Category: bin
>Synopsis: pkg_extract @owner/@group/@mode does not work
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Thu Feb 13 15:00:02 PST 1997
>Last-Modified:
>Originator: Paul Traina
>Organization:
Juniper Networks
>Release: FreeBSD 2.2-CURRENT i386
>Environment:
FreeBSD 2.2 -current [PLEASE FIX THIS IN 2.2!]
I have a PLIST with the following stuff in it:
@name juniper_host
@cwd /usr
@owner bin
@group bin
sbin/food
@owner root
@mode 4111
sbin/cli
@mode
@owner bin
IMPORTANT: We don't user @owner/@group in FreeBSD packages because
packages are created by root, so FreeBSD relies on tar
"doing the right thing". However, this seems bogus.
It should be possible to create packages without being
root on the local system (for instance, if you want to
use pkg_add for software distribution), and use the
owner/group/mode directives to do fixups at the remote
side. This is not a security problem in my view.
>Description:
pkg_extract documents and implements support for having the final
extractor set owner group and mode permissions after extracting
data from the .tgz file.
These commands were broken in:
revision 1.7
date: 1995/05/19 22:40:54; author: jkh; state: Exp; lines: +3 -3
Only apply @mode directives to files.
Don't use the -p flag to tar; it sets the files to the wrong permissions.
Submitted by: jmz
Which attempted to not apply @owner/@group/@mode permissions to
directories in an attempt to avoid accidently misseting directory
permissions.
I think this entire change is incorrect. I feel that:
(a) the -p option to tar should be used, as packages should
not be affected by root's umask (if this is otherwise
handled by setting umask to 0 in pkg_add, that is
fine too, and you can ignore this comment.
(b) The patch seems to want to check to see if
permission changes are to be applied to a directory,
HOWEVER, the test checks to see if the remote directory
is a directory, which is always true, so apply_perms
is never called, which breaks these directives.
Finally, I think the justification for the patch was indeed incorrect.
If someone wants to change the owner, group, or mode on a directory,
the package author should be a big enough boy or girl to not screw
up modes on directoiries listed in the PLIST.
>How-To-Repeat:
Use a PLIST with owner/mode/group.
>Fix:
Index: extract.c
===================================================================
RCS file: /cvs/freebsd/src/usr.sbin/pkg_install/add/extract.c,v
retrieving revision 1.7
diff -u -r1.7 extract.c
--- extract.c 1995/05/19 22:40:54 1.7
+++ extract.c 1997/02/13 22:39:13
@@ -34,13 +34,13 @@
if (strlen(where_args) > sizeof(STARTSTRING)-1) { \
strcat(where_args, "|tar xf - -C "); \
strcat(where_args, todir); \
if (system(where_args)) \
barf("can't invoke tar pipeline"); \
strcpy(where_args, STARTSTRING); \
where_count = sizeof(STARTSTRING)-1; \
} \
if (perm_count) { \
- if (!isdir(todir)) apply_perms(todir, perm_args); \
+ apply_perms(todir, perm_args); \
perm_args[0] = 0;\
perm_count = 0; \
}
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199702132250.OAA11206>