Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 18 Jan 2013 20:57:50 +0000 (UTC)
From:      Brooks Davis <brooks@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r245617 - in head: . usr.bin/xinstall
Message-ID:  <201301182057.r0IKvoHB039818@svn.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: brooks
Date: Fri Jan 18 20:57:50 2013
New Revision: 245617
URL: http://svnweb.freebsd.org/changeset/base/245617

Log:
  Introduce six new options from NetBSD:
   * -M <metalog>   Log metadata in mtree format.
   * -D <destdir>   Log paths relative to <destdir>.
   * -h <hash>      Log digest of type <hash>.
   * -T <tags>      Specify which mtree tags to log.
   * -l <linkflag>  Create hard or symbolic links (allows logging).
   * -U             Install without root privileges (owner, group, mode,
                    and flags can be logged via -M
  
  NOTE: In the interest of compatibility with NetBSD and because it is the
  obvious letter, the nearly useless -M option (disable mmap) has been
  repurposed.
  
  Sponsored by:	DARPA, AFRL
  Obtained from:	NetBSD
  Reviewed by:	bz

Modified:
  head/UPDATING
  head/usr.bin/xinstall/Makefile
  head/usr.bin/xinstall/install.1
  head/usr.bin/xinstall/xinstall.c

Modified: head/UPDATING
==============================================================================
--- head/UPDATING	Fri Jan 18 20:30:15 2013	(r245616)
+++ head/UPDATING	Fri Jan 18 20:57:50 2013	(r245617)
@@ -26,6 +26,15 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 10
 	disable the most expensive debugging functionality run
 	"ln -s 'abort:false,junk:false' /etc/malloc.conf".)
 
+20130118:
+	The install(1) option -M has changed meaning and now takes an
+	argument that is a file or path to append logs to.  In the
+	unlikely event that -M was the last option on the command line
+	and the command line contained at least two files and a target
+	directory the first file will have logs appended to it.  The -M
+	option served little practical purpose in the last decade so it's
+	used expected to be extremely rare.
+
 20121223:
 	After switching to Clang as the default compiler some users of ZFS
 	on i386 systems started to experience stack overflow kernel panics.

Modified: head/usr.bin/xinstall/Makefile
==============================================================================
--- head/usr.bin/xinstall/Makefile	Fri Jan 18 20:30:15 2013	(r245616)
+++ head/usr.bin/xinstall/Makefile	Fri Jan 18 20:57:50 2013	(r245617)
@@ -10,7 +10,7 @@ MAN=		install.1
 CFLAGS+=	-I${.CURDIR}/../../contrib/mtree
 CFLAGS+=	-I${.CURDIR}/../../lib/libnetbsd
 
-DPADD+=		${LIBUTIL}
-LDADD+=		-lutil
+DPADD+=		${LIBUTIL} ${LIBMD}
+LDADD+=		-lutil -lmd
 
 .include <bsd.prog.mk>

Modified: head/usr.bin/xinstall/install.1
==============================================================================
--- head/usr.bin/xinstall/install.1	Fri Jan 18 20:30:15 2013	(r245616)
+++ head/usr.bin/xinstall/install.1	Fri Jan 18 20:57:50 2013	(r245617)
@@ -28,7 +28,7 @@
 .\"	From: @(#)install.1	8.1 (Berkeley) 6/6/93
 .\" $FreeBSD$
 .\"
-.Dd March 6, 2006
+.Dd January 18, 2013
 .Dt INSTALL 1
 .Os
 .Sh NAME
@@ -36,34 +36,50 @@
 .Nd install binaries
 .Sh SYNOPSIS
 .Nm
-.Op Fl bCcMpSsv
+.Op Fl bCcMpSsUv
 .Op Fl B Ar suffix
+.Op Fl D Ar destdir
 .Op Fl f Ar flags
 .Op Fl g Ar group
+.Op Fl h Ar hash
+.Op Fl l Ar linkflags
+.Op Fl M Ar metalog
 .Op Fl m Ar mode
 .Op Fl N Ar dbdir
 .Op Fl o Ar owner
+.Op Fl T Ar tags
 .Ar file1 file2
 .Nm
-.Op Fl bCcMpSsv
+.Op Fl bCcMpSsUv
 .Op Fl B Ar suffix
+.Op Fl D Ar destdir
 .Op Fl f Ar flags
 .Op Fl g Ar group
+.Op Fl h Ar hash
+.Op Fl l Ar linkflags
+.Op Fl M Ar metalog
 .Op Fl m Ar mode
 .Op Fl N Ar dbdir
 .Op Fl o Ar owner
+.Op Fl T Ar tags
 .Ar file1 ... fileN directory
 .Nm
 .Fl d
-.Op Fl v
+.Op Fl Uv
+.Op Fl D Ar destdir
 .Op Fl g Ar group
+.Op Fl h Ar hash
+.Op Fl M Ar metalog
 .Op Fl m Ar mode
 .Op Fl N Ar dbdir
 .Op Fl o Ar owner
+.Op Fl T Ar tags
 .Ar directory ...
 .Sh DESCRIPTION
 The file(s) are copied
-to the target file or directory.
+(or linked if the
+.Fl l
+option is specified) to the target file or directory.
 If the destination is a directory, then the
 .Ar file
 is copied into
@@ -108,6 +124,17 @@ This is actually the default.
 The
 .Fl c
 option is only included for backwards compatibility.
+.It Fl D Ar destdir
+Specify the
+.Ev DESTDIR
+(top of the file hierarchy) that the items are installed in to.
+If
+.Fl M Ar metalog
+is in use, a leading string of
+.Dq Ar destdir
+will be removed from the file names logged to the
+.Ar metalog .
+This option does not affect where the actual files are installed.
 .It Fl d
 Create directories.
 Missing parent directories are created as required.
@@ -118,9 +145,67 @@ for a list of possible flags and their m
 .It Fl g
 Specify a group.
 A numeric GID is allowed.
+.It Fl h Ar hash 
+When copying, calculate the digest of the files with
+.Ar hash
+to store in the
+.Fl M Ar metalog .
+When
+.Fl d
+is given no hash is emitted.
+Supported digests:
+.Bl -tag -width rmd160 -offset indent
+.It Sy none
+No hash.
+This is the default.
+.It Sy md5
+The MD5 cryptographic message digest.
+.It Sy rmd160
+The RMD-160 cryptographic message digest.
+.It Sy sha1
+The SHA-1 cryptographic message digest.
+.It Sy sha256
+The 256-bits
+.Tn SHA-2
+cryptographic message digest of the file.
+.It Sy sha512
+The 512-bits
+.Tn SHA-2
+cryptographic message digest of the file.
+.El
+.It Fl l Ar linkflags
+Instead of copying the file make a link to the source.
+The type of the link is determined by the
+.Ar linkflags
+argument.
+Valid
+.Ar linkflags
+are:
+.Ar a
+(absolute),
+.Ar r
+(relative),
+.Ar h
+(hard),
+.Ar s
+(symbolic),
+.Ar m
+(mixed).
+Absolute and relative have effect only for symbolic links.
+Mixed links
+are hard links for files on the same filesystem, symbolic otherwise.
 .It Fl M
 Disable all use of
 .Xr mmap 2 .
+.It Fl M Ar metalog
+Write the metadata associated with each item installed to
+.Ar metalog  
+in an
+.Xr mtree 8
+.Dq full path
+specification line.
+The metadata includes: the file name and file type, and depending upon
+other options, the owner, group, file flags, modification time, and tags.
 .It Fl m
 Specify an alternate mode.
 The default mode is set to rwxr-xr-x (0755).
@@ -171,6 +256,17 @@ number of systems and binary types.
 See below for how
 .Nm
 can be instructed to use another program to strip binaries.
+.It Fl T Ar tags
+Specify the
+.Xr mtree 8
+tags to write out for the file when using
+.Fl M Ar metalog .
+.It Fl U
+Indicate that install is running unprivileged, and that it should not
+try to change the owner, the group, or the file flags of the destination.
+The information that would have been updated can be stored in a log
+file with
+.Fl M Ar metalog .
 .It Fl v
 Cause
 .Nm
@@ -255,6 +351,16 @@ The
 utility appeared in
 .Bx 4.2 .
 .Sh BUGS
+The meaning of the
+.Fl M
+option has changed as of
+.Fx 10
+and it now takes an argument.
+Command lines that used the old
+.Fl M
+will get an error or in rare cases will append logs to the first of
+multiple source files rather than installing it.
+.Pp
 Temporary files may be left in the target directory if
 .Nm
 exits abnormally.

Modified: head/usr.bin/xinstall/xinstall.c
==============================================================================
--- head/usr.bin/xinstall/xinstall.c	Fri Jan 18 20:30:15 2013	(r245616)
+++ head/usr.bin/xinstall/xinstall.c	Fri Jan 18 20:57:50 2013	(r245617)
@@ -1,4 +1,5 @@
 /*
+ * Copyright (c) 2012, 2013 SRI International
  * Copyright (c) 1987, 1993
  *	The Regents of the University of California.  All rights reserved.
  *
@@ -53,14 +54,21 @@ __FBSDID("$FreeBSD$");
 #include <errno.h>
 #include <fcntl.h>
 #include <grp.h>
+#include <libgen.h>
+#include <md5.h>
 #include <paths.h>
 #include <pwd.h>
+#include <ripemd.h>
+#include <sha.h>
+#include <sha256.h>
+#include <sha512.h>
 #include <stdint.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #include <sysexits.h>
 #include <unistd.h>
+#include <vis.h>
 
 #include "mtree.h"
 
@@ -71,24 +79,62 @@ __FBSDID("$FreeBSD$");
 
 #define MAX_CMP_SIZE	(16 * 1024 * 1024)
 
+#define	LN_ABSOLUTE	0x01
+#define	LN_RELATIVE	0x02
+#define	LN_HARD		0x04
+#define	LN_SYMBOLIC	0x08
+#define	LN_MIXED	0x10
+
 #define	DIRECTORY	0x01		/* Tell install it's a directory. */
 #define	SETFLAGS	0x02		/* Tell install to set flags. */
 #define	NOCHANGEBITS	(UF_IMMUTABLE | UF_APPEND | SF_IMMUTABLE | SF_APPEND)
 #define	BACKUP_SUFFIX	".old"
 
+typedef union {
+	MD5_CTX		MD5;
+	RIPEMD160_CTX	RIPEMD160;
+	SHA1_CTX	SHA1;
+	SHA256_CTX	SHA256;
+	SHA512_CTX	SHA512;
+}	DIGEST_CTX;
+
+static enum {
+	DIGEST_NONE = 0,
+	DIGEST_MD5,
+	DIGEST_RIPEMD160,
+	DIGEST_SHA1,
+	DIGEST_SHA256,
+	DIGEST_SHA512,
+} digesttype = DIGEST_NONE;
+
 static gid_t gid;
 static uid_t uid;
-static int dobackup, docompare, dodir, dopreserve, dostrip, nommap, safecopy,
-    verbose;
+static int dobackup, docompare, dodir, dolink, dopreserve, dostrip, dounpriv,
+    safecopy, verbose;
+static int haveopt_f, haveopt_g, haveopt_m, haveopt_o;
 static mode_t mode = S_IRWXU | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH;
+static FILE *metafp;
+static const char *group, *owner;
 static const char *suffix = BACKUP_SUFFIX;
+static char *destdir, *digest, *fflags, *metafile, *tags;
 
-static int	compare(int, const char *, size_t, int, const char *, size_t);
-static void	copy(int, const char *, int, const char *, off_t);
+static int	compare(int, const char *, size_t, int, const char *, size_t,
+		    char **);
+static char	*copy(int, const char *, int, const char *, off_t);
 static int	create_newfile(const char *, int, struct stat *);
 static int	create_tempfile(const char *, char *, size_t);
+static char	*quiet_mktemp(char *template);
+static char	*digest_file(const char *);
+static void	digest_init(DIGEST_CTX *);
+static void	digest_update(DIGEST_CTX *, const unsigned char *, size_t);
+static char	*digest_end(DIGEST_CTX *, char *);
+static int	do_link(const char *, const char *, const struct stat *);
+static void	do_symlink(const char *, const char *, const struct stat *);
+static void	makelink(const char *, const char *, const struct stat *);
 static void	install(const char *, const char *, u_long, u_int);
 static void	install_dir(char *);
+static void	metadata_log(const char *, const char *, struct timeval *,
+		    const char *, const char *, off_t);
 static int	parseid(const char *, id_t *);
 static void	strip(const char *);
 static int	trymmap(int);
@@ -102,12 +148,13 @@ main(int argc, char *argv[])
 	u_long fset;
 	int ch, no_target;
 	u_int iflags;
-	char *flags;
-	const char *group, *owner, *to_name;
+	char *p;
+	const char *to_name;
 
 	iflags = 0;
 	group = owner = NULL;
-	while ((ch = getopt(argc, argv, "B:bCcdf:g:Mm:N:o:pSsv")) != -1)
+	while ((ch = getopt(argc, argv, "B:bCcD:df:g:h:l:M:m:N:o:pSsT:Uv")) !=
+	     -1)
 		switch((char)ch) {
 		case 'B':
 			suffix = optarg;
@@ -121,22 +168,56 @@ main(int argc, char *argv[])
 		case 'c':
 			/* For backwards compatibility. */
 			break;
+		case 'D':
+			destdir = optarg;
+			break;
 		case 'd':
 			dodir = 1;
 			break;
 		case 'f':
-			flags = optarg;
-			if (strtofflags(&flags, &fset, NULL))
-				errx(EX_USAGE, "%s: invalid flag", flags);
-			iflags |= SETFLAGS;
+			haveopt_f = 1;
+			fflags = optarg;
 			break;
 		case 'g':
+			haveopt_g = 1;
 			group = optarg;
 			break;
+		case 'h':
+			digest = optarg;
+			break;
+		case 'l':
+			for (p = optarg; *p != '\0'; p++)
+				switch (*p) {
+				case 's':
+					dolink &= ~(LN_HARD|LN_MIXED);
+					dolink |= LN_SYMBOLIC;
+					break;
+				case 'h':
+					dolink &= ~(LN_SYMBOLIC|LN_MIXED);
+					dolink |= LN_HARD;
+					break;
+				case 'm':
+					dolink &= ~(LN_SYMBOLIC|LN_HARD);
+					dolink |= LN_MIXED;
+					break;
+				case 'a':
+					dolink &= ~LN_RELATIVE;
+					dolink |= LN_ABSOLUTE;
+					break;
+				case 'r':
+					dolink &= ~LN_ABSOLUTE;
+					dolink |= LN_RELATIVE;
+					break;
+				default:
+					errx(1, "%c: invalid link type", *p);
+					/* NOTREACHED */
+				}
+			break;
 		case 'M':
-			nommap = 1;
+			metafile = optarg;
 			break;
 		case 'm':
+			haveopt_m = 1;
 			if (!(set = setmode(optarg)))
 				errx(EX_USAGE, "invalid file mode: %s",
 				     optarg);
@@ -145,10 +226,11 @@ main(int argc, char *argv[])
 			break;
 		case 'N':
 			if (!setup_getid(optarg))
-				err(1, "Unable to use user and group "
+				err(EX_OSERR, "Unable to use user and group "
 				    "databases in `%s'", optarg);
 			break;
 		case 'o':
+			haveopt_o = 1;
 			owner = optarg;
 			break;
 		case 'p':
@@ -160,6 +242,12 @@ main(int argc, char *argv[])
 		case 's':
 			dostrip = 1;
 			break;
+		case 'T':
+			tags = optarg;
+			break;
+		case 'U':
+			dounpriv = 1;
+			break;
 		case 'v':
 			verbose = 1;
 			break;
@@ -185,14 +273,33 @@ main(int argc, char *argv[])
 	if (argc == 0 || (argc == 1 && !dodir))
 		usage();
 
+	if (digest != NULL) {
+		if (strcmp(digest, "none") == 0) {
+			digesttype = DIGEST_NONE;
+		} else if (strcmp(digest, "md5") == 0) {
+		       digesttype = DIGEST_MD5;
+		} else if (strcmp(digest, "rmd160") == 0) {
+			digesttype = DIGEST_RIPEMD160;
+		} else if (strcmp(digest, "sha1") == 0) {
+			digesttype = DIGEST_SHA1;
+		} else if (strcmp(digest, "sha256") == 0) {
+			digesttype = DIGEST_SHA256;
+		} else if (strcmp(digest, "sha512") == 0) {
+			digesttype = DIGEST_SHA512;
+		} else {
+			warnx("unknown digest `%s'", digest);
+			usage();
+		}
+	}
+
 	/* need to make a temp copy so we can compare stripped version */
 	if (docompare && dostrip)
 		safecopy = 1;
 
 	/* get group and owner id's */
-	if (group != NULL) {
+	if (group != NULL && !dounpriv) {
 		if (gid_from_group(group, &gid) == -1) {
-			id_t id;  
+			id_t id;
 			if (!parseid(group, &id))
 				errx(1, "unknown group %s", group);
 			gid = id;
@@ -200,7 +307,7 @@ main(int argc, char *argv[])
 	} else
 		gid = (gid_t)-1;
 
-	if (owner != NULL) {
+	if (owner != NULL && !dounpriv) {
 		if (uid_from_user(owner, &uid) == -1) {
 			id_t id;
 			if (!parseid(owner, &id))
@@ -210,6 +317,18 @@ main(int argc, char *argv[])
 	} else
 		uid = (uid_t)-1;
 
+	if (fflags != NULL && !dounpriv) {
+		if (strtofflags(&fflags, &fset, NULL))
+			errx(EX_USAGE, "%s: invalid flag", fflags);
+		iflags |= SETFLAGS;
+	}
+
+	if (metafile != NULL) {
+		if ((metafp = fopen(metafile, "a")) == NULL)
+			warn("open %s", metafile);
+	} else
+		digesttype = DIGEST_NONE;
+
 	if (dodir) {
 		for (; *argv != NULL; ++argv)
 			install_dir(*argv);
@@ -236,7 +355,7 @@ main(int argc, char *argv[])
 		usage();
 	}
 
-	if (!no_target) {
+	if (!no_target && !dolink) {
 		if (stat(*argv, &from_sb))
 			err(EX_OSERR, "%s", *argv);
 		if (!S_ISREG(to_sb.st_mode)) {
@@ -253,6 +372,96 @@ main(int argc, char *argv[])
 	/* NOTREACHED */
 }
 
+static char *
+digest_file(const char *name)
+{
+
+	switch (digesttype) {
+	case DIGEST_MD5:
+		return (MD5File(name, NULL));
+	case DIGEST_RIPEMD160:
+		return (RIPEMD160_File(name, NULL));
+	case DIGEST_SHA1:
+		return (SHA1_File(name, NULL));
+	case DIGEST_SHA256:
+		return (SHA256_File(name, NULL));
+	case DIGEST_SHA512:
+		return (SHA512_File(name, NULL));
+	default:
+		return (NULL);
+	}
+}
+
+static void
+digest_init(DIGEST_CTX *c)
+{
+
+	switch (digesttype) {
+	case DIGEST_NONE:
+		break;
+	case DIGEST_MD5:
+		MD5Init(&(c->MD5));
+		break;
+	case DIGEST_RIPEMD160:
+		RIPEMD160_Init(&(c->RIPEMD160));
+		break;
+	case DIGEST_SHA1:
+		SHA1_Init(&(c->SHA1));
+		break;
+	case DIGEST_SHA256:
+		SHA256_Init(&(c->SHA256));
+		break;
+	case DIGEST_SHA512:
+		SHA512_Init(&(c->SHA512));
+		break;
+	}
+}
+
+static void
+digest_update(DIGEST_CTX *c, const unsigned char *data, size_t len)
+{
+
+	switch (digesttype) {
+	case DIGEST_NONE:
+		break;
+	case DIGEST_MD5:
+		MD5Update(&(c->MD5), data, len);
+		break;
+	case DIGEST_RIPEMD160:
+		RIPEMD160_Update(&(c->RIPEMD160), data, len);
+		break;
+	case DIGEST_SHA1:
+		SHA1_Update(&(c->SHA1), data, len);
+		break;
+	case DIGEST_SHA256:
+		SHA256_Update(&(c->SHA256), data, len);
+		break;
+	case DIGEST_SHA512:
+		SHA512_Update(&(c->SHA512), data, len);
+		break;
+	}
+}
+
+static char *
+digest_end(DIGEST_CTX *c, char *buf)
+{
+
+	switch (digesttype) {
+	case DIGEST_MD5:
+		return (MD5End(&(c->MD5), buf));
+	case DIGEST_RIPEMD160:
+		return (RIPEMD160_End(&(c->RIPEMD160), buf));
+	case DIGEST_SHA1:
+		return (SHA1_End(&(c->SHA1), buf));
+	case DIGEST_SHA256:
+		return (SHA256_End(&(c->SHA256), buf));
+	case DIGEST_SHA512:
+		return (SHA512_End(&(c->SHA512), buf));
+	default:
+		return (NULL);
+	}
+}
+
 /*
  * parseid --
  *	parse uid or gid from arg into id, returning non-zero if successful
@@ -269,6 +478,224 @@ parseid(const char *name, id_t *id)
 }
 
 /*
+ * quiet_mktemp --
+ *	mktemp implementation used mkstemp to avoid mktemp warnings.  We
+ *	really do need mktemp semantics here as we will be creating a link.
+ */
+static char *
+quiet_mktemp(char *template)
+{
+	int fd;
+
+	if ((fd = mkstemp(template)) == -1)
+		return (NULL);
+	close (fd);
+	if (unlink(template) == -1)
+		err(EX_OSERR, "unlink %s", template);
+	return (template);
+}
+
+/*
+ * do_link --
+ *	make a hard link, obeying dorename if set
+ *	return -1 on failure
+ */
+static int
+do_link(const char *from_name, const char *to_name,
+    const struct stat *target_sb)
+{
+	char tmpl[MAXPATHLEN];
+	int ret;
+
+	if (safecopy && target_sb != NULL) {
+		(void)snprintf(tmpl, sizeof(tmpl), "%s.inst.XXXXXX", to_name);
+		/* This usage is safe. */
+		if (quiet_mktemp(tmpl) == NULL)
+			err(EX_OSERR, "%s: mktemp", tmpl);
+		ret = link(from_name, tmpl);
+		if (ret == 0) {
+			if (target_sb->st_mode & S_IFDIR && rmdir(to_name) ==
+			    -1) {
+				unlink(tmpl);
+				err(EX_OSERR, "%s", to_name);
+			}
+			if (target_sb->st_flags & NOCHANGEBITS)
+				(void)chflags(to_name, target_sb->st_flags &
+				     ~NOCHANGEBITS);
+			unlink(to_name);
+			ret = rename(tmpl, to_name);
+			/*
+			 * If rename has posix semantics, then the temporary
+			 * file may still exist when from_name and to_name point
+			 * to the same file, so unlink it unconditionally.
+			 */
+			(void)unlink(tmpl);
+		}
+		return (ret);
+	} else
+		return (link(from_name, to_name));
+}
+
+/*
+ * do_symlink --
+ *	Make a symbolic link, obeying dorename if set. Exit on failure.
+ */
+static void
+do_symlink(const char *from_name, const char *to_name,
+    const struct stat *target_sb)
+{
+	char tmpl[MAXPATHLEN];
+
+	if (safecopy && target_sb != NULL) {
+		(void)snprintf(tmpl, sizeof(tmpl), "%s.inst.XXXXXX", to_name);
+		/* This usage is safe. */
+		if (quiet_mktemp(tmpl) == NULL)
+			err(EX_OSERR, "%s: mktemp", tmpl);
+
+		if (symlink(from_name, tmpl) == -1)
+			err(EX_OSERR, "symlink %s -> %s", from_name, tmpl);
+
+		if (target_sb->st_mode & S_IFDIR && rmdir(to_name) == -1) {
+			(void)unlink(tmpl);
+			err(EX_OSERR, "%s", to_name);
+		}
+		if (target_sb->st_flags & NOCHANGEBITS)
+			(void)chflags(to_name, target_sb->st_flags &
+			     ~NOCHANGEBITS);
+		unlink(to_name);
+
+		if (rename(tmpl, to_name) == -1) {
+			/* Remove temporary link before exiting. */
+			(void)unlink(tmpl);
+			err(EX_OSERR, "%s: rename", to_name);
+		}
+	} else {
+		if (symlink(from_name, to_name) == -1)
+			err(EX_OSERR, "symlink %s -> %s", from_name, to_name);
+	}
+}
+
+/*
+ * makelink --
+ *	make a link from source to destination
+ */
+static void
+makelink(const char *from_name, const char *to_name,
+    const struct stat *target_sb)
+{
+	char	src[MAXPATHLEN], dst[MAXPATHLEN], lnk[MAXPATHLEN];
+	struct stat	to_sb;
+
+	/* Try hard links first. */
+	if (dolink & (LN_HARD|LN_MIXED)) {
+		if (do_link(from_name, to_name, target_sb) == -1) {
+			if ((dolink & LN_HARD) || errno != EXDEV)
+				err(EX_OSERR, "link %s -> %s", from_name, to_name);
+		} else {
+			if (stat(to_name, &to_sb))
+				err(EX_OSERR, "%s: stat", to_name);
+			if (S_ISREG(to_sb.st_mode)) {
+				/*
+				 * XXX: hard links to anything other than
+				 * plain files are not metalogged
+				 */
+				int omode;
+				const char *oowner, *ogroup;
+				char *offlags;
+				char *dres;
+
+				/*
+				 * XXX: use underlying perms, unless
+				 * overridden on command line.
+				 */
+				omode = mode;
+				if (!haveopt_m)
+					mode = (to_sb.st_mode & 0777);
+				oowner = owner;
+				if (!haveopt_o)
+					owner = NULL;
+				ogroup = group;
+				if (!haveopt_g)
+					group = NULL;
+				offlags = fflags;
+				if (!haveopt_f)
+					fflags = NULL;
+				dres = digest_file(from_name);
+				metadata_log(to_name, "file", NULL, NULL,
+				    dres, to_sb.st_size);
+				free(dres);
+				mode = omode;
+				owner = oowner;
+				group = ogroup;
+				fflags = offlags;
+			}
+			return;
+		}
+	}
+
+	/* Symbolic links. */
+	if (dolink & LN_ABSOLUTE) {
+		/* Convert source path to absolute. */
+		if (realpath(from_name, src) == NULL)
+			err(EX_OSERR, "%s: realpath", from_name);
+		do_symlink(src, to_name, target_sb);
+		/* XXX: src may point outside of destdir */
+		metadata_log(to_name, "link", NULL, src, NULL, 0);
+		return;
+	}
+
+	if (dolink & LN_RELATIVE) {
+		char *cp, *d, *s;
+
+		/* Resolve pathnames. */
+		if (realpath(from_name, src) == NULL)
+			err(EX_OSERR, "%s: realpath", from_name);
+
+		/*
+		 * The last component of to_name may be a symlink,
+		 * so use realpath to resolve only the directory.
+		 */
+		cp = dirname(to_name);
+		if (realpath(cp, dst) == NULL)
+			err(EX_OSERR, "%s: realpath", cp);
+		/* .. and add the last component. */
+		if (strcmp(dst, "/") != 0) {
+			if (strlcat(dst, "/", sizeof(dst)) > sizeof(dst))
+				errx(1, "resolved pathname too long");
+		}
+		cp = basename(to_name);
+		if (strlcat(dst, cp, sizeof(dst)) > sizeof(dst))
+			errx(1, "resolved pathname too long");
+
+		/* Trim common path components. */
+		for (s = src, d = dst; *s == *d; s++, d++)
+			continue;
+		while (*s != '/')
+			s--, d--;
+
+		/* Count the number of directories we need to backtrack. */
+		for (++d, lnk[0] = '\0'; *d; d++)
+			if (*d == '/')
+				(void)strlcat(lnk, "../", sizeof(lnk));
+
+		(void)strlcat(lnk, ++s, sizeof(lnk));
+
+		do_symlink(lnk, to_name, target_sb);
+		/* XXX: Link may point outside of destdir. */
+		metadata_log(to_name, "link", NULL, lnk, NULL, 0);
+		return;
+	}
+
+	/*
+	 * If absolute or relative was not specified, try the names the
+	 * user provided.
+	 */
+	do_symlink(from_name, to_name, target_sb);
+	/* XXX: from_name may point outside of destdir. */
+	metadata_log(to_name, "link", NULL, from_name, NULL, 0);
+}
+
+/*
  * install --
  *	build a path name and install the file
  */
@@ -280,6 +707,7 @@ install(const char *from_name, const cha
 	int devnull, files_match, from_fd, serrno, target;
 	int tempcopy, temp_fd, to_fd;
 	char backup[MAXPATHLEN], *p, pathbuf[MAXPATHLEN], tempfile[MAXPATHLEN];
+	char *digestresult;
 
 	files_match = 0;
 	from_fd = -1;
@@ -287,11 +715,13 @@ install(const char *from_name, const cha
 
 	/* If try to install NULL file to a directory, fails. */
 	if (flags & DIRECTORY || strcmp(from_name, _PATH_DEVNULL)) {
-		if (stat(from_name, &from_sb))
-			err(EX_OSERR, "%s", from_name);
-		if (!S_ISREG(from_sb.st_mode)) {
-			errno = EFTYPE;
-			err(EX_OSERR, "%s", from_name);
+		if (!dolink) {
+			if (stat(from_name, &from_sb))
+				err(EX_OSERR, "%s", from_name);
+			if (!S_ISREG(from_sb.st_mode)) {
+				errno = EFTYPE;
+				err(EX_OSERR, "%s", from_name);
+			}
 		}
 		/* Build the target path. */
 		if (flags & DIRECTORY) {
@@ -305,7 +735,23 @@ install(const char *from_name, const cha
 		devnull = 1;
 	}
 
-	target = stat(to_name, &to_sb) == 0;
+	if (!dolink)
+		target = (stat(to_name, &to_sb) == 0);
+	else
+		target = (lstat(to_name, &to_sb) == 0);
+
+	if (dolink) {
+		if (target && !safecopy) {
+			if (to_sb.st_mode & S_IFDIR && rmdir(to_name) == -1)
+				err(EX_OSERR, "%s", to_name);
+			if (to_sb.st_flags & NOCHANGEBITS)
+				(void)chflags(to_name,
+				    to_sb.st_flags & ~NOCHANGEBITS);
+			unlink(to_name);
+		}
+		makelink(from_name, to_name, target ? &to_sb : NULL);
+		return;
+	}
 
 	/* Only install to regular files. */
 	if (target && !S_ISREG(to_sb.st_mode)) {
@@ -329,7 +775,7 @@ install(const char *from_name, const cha
 		else
 			files_match = !(compare(from_fd, from_name,
 			    (size_t)from_sb.st_size, to_fd,
-			    to_name, (size_t)to_sb.st_size));
+			    to_name, (size_t)to_sb.st_size, &digestresult));
 
 		/* Close "to" file unless we match. */
 		if (!files_match)
@@ -351,8 +797,10 @@ install(const char *from_name, const cha
 				    from_name, to_name);
 		}
 		if (!devnull)
-			copy(from_fd, from_name, to_fd,
+			digestresult = copy(from_fd, from_name, to_fd,
 			     tempcopy ? tempfile : to_name, from_sb.st_size);
+		else
+			digestresult = NULL;
 	}
 
 	if (dostrip) {
@@ -386,7 +834,8 @@ install(const char *from_name, const cha
 		}
 
 		if (compare(temp_fd, tempfile, (size_t)temp_sb.st_size, to_fd,
-			    to_name, (size_t)to_sb.st_size) == 0) {
+			    to_name, (size_t)to_sb.st_size, &digestresult)
+			    == 0) {
 			/*
 			 * If target has more than one link we need to
 			 * replace it in order to snap the extra links.
@@ -406,6 +855,9 @@ install(const char *from_name, const cha
 		}
 	}
 
+	if (dostrip && (!docompare || !target))
+		digestresult = digest_file(tempfile);
+
 	/*
 	 * Move the new file into place if doing a safe copy
 	 * and the files are different (or just not compared).
@@ -469,15 +921,16 @@ install(const char *from_name, const cha
 	 * Set owner, group, mode for target; do the chown first,
 	 * chown may lose the setuid bits.
 	 */
-	if ((gid != (gid_t)-1 && gid != to_sb.st_gid) ||
+	if (!dounpriv && ((gid != (gid_t)-1 && gid != to_sb.st_gid) ||
 	    (uid != (uid_t)-1 && uid != to_sb.st_uid) ||
-	    (mode != (to_sb.st_mode & ALLPERMS))) {
+	    (mode != (to_sb.st_mode & ALLPERMS)))) {
 		/* Try to turn off the immutable bits. */
 		if (to_sb.st_flags & NOCHANGEBITS)
 			(void)fchflags(to_fd, to_sb.st_flags & ~NOCHANGEBITS);
 	}
 
-	if ((gid != (gid_t)-1 && gid != to_sb.st_gid) ||
+	if (!dounpriv & 
+	    (gid != (gid_t)-1 && gid != to_sb.st_gid) ||
 	    (uid != (uid_t)-1 && uid != to_sb.st_uid))
 		if (fchown(to_fd, uid, gid) == -1) {
 			serrno = errno;
@@ -486,13 +939,16 @@ install(const char *from_name, const cha
 			err(EX_OSERR,"%s: chown/chgrp", to_name);
 		}
 
-	if (mode != (to_sb.st_mode & ALLPERMS))
+	if (mode != (to_sb.st_mode & ALLPERMS)) {
+		if (dounpriv)
+			mode &= S_IRWXU|S_IRWXG|S_IRWXO;
 		if (fchmod(to_fd, mode)) {
 			serrno = errno;
 			(void)unlink(to_name);
 			errno = serrno;
 			err(EX_OSERR, "%s: chmod", to_name);
 		}
+	}
 
 	/*
 	 * If provided a set of flags, set them, otherwise, preserve the
@@ -501,7 +957,7 @@ install(const char *from_name, const cha
 	 * trying to turn off UF_NODUMP.  If we're trying to set real flags,
 	 * then warn if the fs doesn't support it, otherwise fail.
 	 */
-	if (!devnull && (flags & SETFLAGS ||
+	if (!dounpriv & !devnull && (flags & SETFLAGS ||
 	    (from_sb.st_flags & ~UF_NODUMP) != to_sb.st_flags) &&
 	    fchflags(to_fd,
 	    flags & SETFLAGS ? fset : from_sb.st_flags & ~UF_NODUMP)) {
@@ -520,6 +976,9 @@ install(const char *from_name, const cha
 	(void)close(to_fd);
 	if (!devnull)
 		(void)close(from_fd);
+
+	metadata_log(to_name, "file", tvb, NULL, digestresult, to_sb.st_size);
+	free(digestresult);
 }
 
 /*
@@ -528,29 +987,37 @@ install(const char *from_name, const cha
  */
 static int
 compare(int from_fd, const char *from_name __unused, size_t from_len,
-	int to_fd, const char *to_name __unused, size_t to_len)
+	int to_fd, const char *to_name __unused, size_t to_len,
+	char **dresp)
 {
 	char *p, *q;
 	int rv;
 	int done_compare;
+	DIGEST_CTX ctx;
 
 	rv = 0;
 	if (from_len != to_len)
 		return 1;
 
 	if (from_len <= MAX_CMP_SIZE) {
+		if (dresp != NULL)
+			digest_init(&ctx);
 		done_compare = 0;
 		if (trymmap(from_fd) && trymmap(to_fd)) {
-			p = mmap(NULL, from_len, PROT_READ, MAP_SHARED, from_fd, (off_t)0);
+			p = mmap(NULL, from_len, PROT_READ, MAP_SHARED,
+			    from_fd, (off_t)0);
 			if (p == (char *)MAP_FAILED)
 				goto out;
-			q = mmap(NULL, from_len, PROT_READ, MAP_SHARED, to_fd, (off_t)0);
+			q = mmap(NULL, from_len, PROT_READ, MAP_SHARED,
+			    to_fd, (off_t)0);
 			if (q == (char *)MAP_FAILED) {
 				munmap(p, from_len);
 				goto out;
 			}
 
 			rv = memcmp(p, q, from_len);

*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201301182057.r0IKvoHB039818>