From owner-freebsd-current@freebsd.org  Thu May 12 15:54:20 2016
Return-Path: <owner-freebsd-current@freebsd.org>
Delivered-To: freebsd-current@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 4597BB38DCC
 for <freebsd-current@mailman.ysv.freebsd.org>;
 Thu, 12 May 2016 15:54:20 +0000 (UTC) (envelope-from mm@freebsd.org)
Received: from mail.vx.sk (mail.vx.sk [IPv6:2a01:4f8:161:9127::4])
 by mx1.freebsd.org (Postfix) with ESMTP id ED4291DF7
 for <freebsd-current@freebsd.org>; Thu, 12 May 2016 15:54:19 +0000 (UTC)
 (envelope-from mm@freebsd.org)
Received: from mail.vx.sk (localhost [127.0.0.1])
 by mail.vx.sk (Postfix) with ESMTP id 642E4C8D1;
 Thu, 12 May 2016 17:54:19 +0200 (CEST)
X-Virus-Scanned: amavisd-new at mail.vx.sk
Received: from mail.vx.sk by mail.vx.sk (amavisd-new, unix socket) with LMTP
 id TrS297FK4Ecd; Thu, 12 May 2016 17:54:18 +0200 (CEST)
Received: from mail.vx.sk (localhost [IPv6:::1])
 by mail.vx.sk (Postfix) with ESMTPSA id AC4D9C8A4;
 Thu, 12 May 2016 17:54:18 +0200 (CEST)
Received: from 145.243.194.207 ([145.243.194.207]) by mail.vx.sk (Horde
 Framework) with HTTP; Thu, 12 May 2016 17:54:18 +0200
Date: Thu, 12 May 2016 17:54:18 +0200
Message-ID: <20160512175418.Horde.JvYoOSRwfU_l2TIXv697u2B@mail.vx.sk>
From: Martin Matuska <mm@freebsd.org>
To: Michael Butler <imb@protected-networks.net>
Cc: freebsd-current <freebsd-current@freebsd.org>, "Kientzle, Tim"
 <tim@kientzle.com>
Subject: Re: libarchive update SVN r299529 breaks "ezjail update"
References: <2c059cf5-2c8a-3b89-16c3-eedf02a01ec5@protected-networks.net>
 <20160512173440.Horde.5l1s9ijXRgAeMNgmT0MmCPa@mail.vx.sk>
In-Reply-To: <20160512173440.Horde.5l1s9ijXRgAeMNgmT0MmCPa@mail.vx.sk>
User-Agent: Horde Application Framework 5
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed; DelSp=Yes
Content-Transfer-Encoding: 8bit
Content-Disposition: inline
Content-Description: Plaintext Message
X-Content-Filtered-By: Mailman/MimeDel 2.1.22
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
 <freebsd-current.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-current>, 
 <mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current/>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-current>, 
 <mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 12 May 2016 15:54:20 -0000

  Looks like we have to remove line #174 from cpio/cpio.c:
cpio->extract_flags |= ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS;

This breaks traditional cpio behavior.

Quoting Martin Matuska <mm@freebsd.org>:

> Hi Michael, I have looked at the source and this is an intended  
> change in 3.2.0.
>
> An absolute path security check was added, cpio refuses to extract  
> or copy over absolute paths. To do this anyway the "--insecure" flag  
> must be used.
>
> Here is the commit:
> https://github.com/libarchive/libarchive/commit/59357157706d47c365b2227739e17daba3607526
>
> Quoting Michael Butler <imb@protected-networks.net>:
>
>> It seems that today's libarchive update breaks cpio's behaviour:
>>
>> sudo ezjail-admin update -i -s /usr/src
>>
>> [ .. ]
>>
>> cd /usr/src/etc/..; install -o root -g wheel -m 444  COPYRIGHT
>> /usr/local/jails/fulljail/
>> install -o root -g wheel -m 444
>> /usr/src/etc/../sys/i386/conf/GENERIC.hints
>> /usr/local/jails/fulljail/boot/device.hints
>> /usr/local/jails/basejail/bincpio: bin: Path is absolute: Unknown error: -1
>>
>> /usr/local/jails/basejail/bin/catcpio: bin/cat: Path is absolute:
>> Unknown error: -1
>>
>> /usr/local/jails/basejail/bin/chflagscpio: bin/chflags: Path is
>> absolute: Unknown error: -1
>>
>> /usr/local/jails/basejail/bin/chiocpio: bin/chio: Path is absolute:
>> Unknown error: -1
>>
>> /usr/local/jails/basejail/bin/chmodcpio: bin/chmod: Path is absolute:
>> Unknown error: -1
>>
>> /usr/local/jails/basejail/bin/cpcpio: bin/cp: Path is absolute: Unknown
>> error: -1
>>
>> /usr/local/jails/basejail/bin/datecpio: bin/date: Path is absolute:
>> Unknown error: -1
>>
>> /usr/local/jails/basejail/bin/ddcpio: bin/dd: Path is absolute: Unknown
>> error: -1
>>
>> /usr/local/jails/basejail/bin/dfcpio: bin/df: Path is absolute: Unknown
>> error: -1
>>
>> /usr/local/jails/basejail/bin/domainnamecpio: bin/domainname: Path is
>> absolute: Unknown error: -1
>> [ .. etc. .. ]
>
>
>
> -------------------------
> Martin Matuska
> FreeBSD committer
> http://blog.vx.sk
-- 
Martin Matuska
FreeBSD committer
http://blog.vx.sk