Date: Sat, 06 Feb 2021 11:41:41 +0000 From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 253292] regression in r550860 (@sample conversion to lua) semantic change causes leftovers in poudriere, ex: security/ca_root_nss Message-ID: <bug-253292-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D253292 Bug ID: 253292 Summary: regression in r550860 (@sample conversion to lua) semantic change causes leftovers in poudriere, ex: security/ca_root_nss Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Keywords: regression Severity: Affects Only Me Priority: --- Component: Ports Framework Assignee: portmgr@FreeBSD.org Reporter: mandree@FreeBSD.org CC: manu@freebsd.org, pkg@FreeBSD.org, ports-bugs@FreeBSD.org Flags: maintainer-feedback?(pkg@FreeBSD.org), merge-quarterly? Greetings, I am debugging a leftovers situation in security/ca_root_nss. Turns out that since the Lua conversion, @sample (Keywords/sample.ucl) has different seman= tic than the Shell version used to have. I am looking at pkg 1.6.2, ca_root_nss 3.5.8, and ports from SVN at r564205 (that's the ^/head ummmm... trunk I'd say). Here's how, when ca_root_nss's pre-deinstall script runs: Situation: 1. pkg-plist contains: @sample etc/ssl/cert.pem.sample 2. symlinks at deinstall time, after fresh installation of ca_root_nss pack= age $ ls -l /usr/local/etc/ssl/cert.pem.sample /usr/local/etc/ssl/cert.pem lrwxr-xr-x 1 root wheel 33 30 Jan. 02:23 /usr/local/etc/ssl/cert.pem.sam= ple -> ../../share/certs/ca-root-nss.crt -rw-r--r-- 1 root wheel 786736 17 Okt. 18:23 /usr/local/etc/ssl/cert.pem 3. tracing with gdb into lua_pkg_filecmp() (you need to "set follow-fork-mo= de child"): (gdb)=20 198 const char* file1 =3D luaL_checkstring(L, 1); (gdb)=20 199 const char* file2 =3D luaL_checkstring(L, 2); (gdb) print file1 $1 =3D 0x80109b618 "/usr/local/etc/ssl/cert.pem.sample" (gdb) print file2 $2 =3D 0x80109b758 "/usr/local/etc/ssl/cert.pem" ... 208 if (fstatat(pkg->rootfd, RELATIVE_PATH(file1), &s1, AT_SYMLINK_NOFOLLOW) =3D=3D -1) { (gdb)=20 212 if (fstatat(pkg->rootfd, RELATIVE_PATH(file2), &s2, AT_SYMLINK_NOFOLLOW) =3D=3D -1) { (gdb)=20 216 if (!S_ISREG(s1.st_mode) || !S_ISREG(s2.st_mode)) { (gdb)=20 217 lua_pushinteger(L, -1); so it errors out here because file1 isn't regular. HOW IS THIS DIFFERENT? 1) cmp -s in the earlier shell version of the script didn't care if it was looking at regular files or symlinks or whatnot but would just open and com= pare contents and exit 0 (same content) 2) the lua version now ERRORS out (-1) (and @sample ignores that and just leaves the file) because it isn't looking at two regular files. To me, it is not clear why pkg's lua_pkg_filecmp() cares so much about file type WITHOUT following symlink. If it were, as a fallback, comparing symlin= ks, that might have a selling point, but the way things are in pkg 1.6.2, it's = not clear to me. Might rather be a quick sanity check (is the output something= we can mmap()) that misfires in corner cases. such as this. OPTIONS: 1. change pkg's lua_pkg_filecmp() to follow symlinks or disregard unimporta= nt file type differences. Plus: keeps capsicum, fewer external commands. 2. revert the switch from shell to lua script made in ports r550860. Plus: reinstates former behavior. Minus: loses capsicum isolation. 3. patch ALL ports that mix symlinks with @sample. Minus: doesn't scale. I am proposing (1), i. e. bringing pkg closer to former cmp behavior. --=20 You are receiving this mail because: You are on the CC list for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-253292-7788>