From owner-freebsd-bugs@FreeBSD.ORG Fri Oct 17 14:20:03 2008 Return-Path: Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id BF3651065688 for ; Fri, 17 Oct 2008 14:20:03 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id A9D2E8FC08 for ; Fri, 17 Oct 2008 14:20:03 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id m9HEK3Op009862 for ; Fri, 17 Oct 2008 14:20:03 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id m9HEK3wp009861; Fri, 17 Oct 2008 14:20:03 GMT (envelope-from gnats) Date: Fri, 17 Oct 2008 14:20:03 GMT Message-Id: <200810171420.m9HEK3wp009861@freefall.freebsd.org> To: freebsd-bugs@FreeBSD.org From: Joerg Sonnenberger Cc: Subject: Re: bin/91316: pax(1): pax -pe does not preserve times on symlinks X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Joerg Sonnenberger List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 17 Oct 2008 14:20:03 -0000 The following reply was made to PR bin/91316; it has been noted by GNATS. From: Joerg Sonnenberger To: bug-followup@FreeBSD.org Cc: Subject: Re: bin/91316: pax(1): pax -pe does not preserve times on symlinks Date: Fri, 17 Oct 2008 15:55:46 +0200 --G4iJoqBmSsgzjUCe Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Attached is a reviewed patch that also cleans up set_lids. lchown should be used all the time for security reasons. Joerg --G4iJoqBmSsgzjUCe Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename="file_subs.c.diff" Index: file_subs.c =================================================================== RCS file: /home/joerg/repo/freebsd/src/bin/pax/file_subs.c,v retrieving revision 1.22 diff -u -p -r1.22 file_subs.c --- file_subs.c 24 May 2007 06:44:37 -0000 1.22 +++ file_subs.c 17 Oct 2008 13:49:49 -0000 @@ -425,19 +425,11 @@ node_creat(ARCHD *arcn) * we were able to create the node. set uid/gid, modes and times */ if (pids) - res = ((arcn->type == PAX_SLK) ? - set_lids(arcn->name, arcn->sb.st_uid, arcn->sb.st_gid) : - set_ids(arcn->name, arcn->sb.st_uid, arcn->sb.st_gid)); + res = set_ids(arcn->name, arcn->sb.st_uid, arcn->sb.st_gid); else res = 0; /* - * symlinks are done now. - */ - if (arcn->type == PAX_SLK) - return(0); - - /* * IMPORTANT SECURITY NOTE: * if not preserving mode or we cannot set uid/gid, then PROHIBIT any * set uid/gid bits @@ -632,7 +624,7 @@ chk_path( char *name, uid_t st_uid, gid_ * used by -t to reset access times). * When ign is zero, only those times the user has asked for are set, the * other ones are left alone. We do not assume the un-documented feature - * of many utimes() implementations that consider a 0 time value as a do + * of many lutimes() implementations that consider a 0 time value as a do * not set request. */ @@ -661,7 +653,7 @@ set_ftime(char *fnm, time_t mtime, time_ /* * set the times */ - if (utimes(fnm, tv) < 0) + if (lutimes(fnm, tv) < 0) syswarn(1, errno, "Access/modification time set failed on: %s", fnm); return; @@ -677,30 +669,6 @@ set_ftime(char *fnm, time_t mtime, time_ int set_ids(char *fnm, uid_t uid, gid_t gid) { - if (chown(fnm, uid, gid) < 0) { - /* - * ignore EPERM unless in verbose mode or being run by root. - * if running as pax, POSIX requires a warning. - */ - if (strcmp(NM_PAX, argv0) == 0 || errno != EPERM || vflag || - geteuid() == 0) - syswarn(1, errno, "Unable to set file uid/gid of %s", - fnm); - return(-1); - } - return(0); -} - -/* - * set_lids() - * set the uid and gid of a file system node - * Return: - * 0 when set, -1 on failure - */ - -int -set_lids(char *fnm, uid_t uid, gid_t gid) -{ if (lchown(fnm, uid, gid) < 0) { /* * ignore EPERM unless in verbose mode or being run by root. @@ -724,7 +692,7 @@ void set_pmode(char *fnm, mode_t mode) { mode &= ABITS; - if (chmod(fnm, mode) < 0) + if (lchmod(fnm, mode) < 0) syswarn(1, errno, "Could not set permissions on %s", fnm); return; } --G4iJoqBmSsgzjUCe--