From owner-svn-src-projects@FreeBSD.ORG  Fri Dec 21 23:12:34 2012
Return-Path: <owner-svn-src-projects@FreeBSD.ORG>
Delivered-To: svn-src-projects@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
 by hub.freebsd.org (Postfix) with ESMTP id E6E42D17;
 Fri, 21 Dec 2012 23:12:34 +0000 (UTC)
 (envelope-from brooks@FreeBSD.org)
Received: from svn.freebsd.org (svn.freebsd.org
 [IPv6:2001:1900:2254:2068::e6a:0])
 by mx1.freebsd.org (Postfix) with ESMTP id CAF248FC0C;
 Fri, 21 Dec 2012 23:12:34 +0000 (UTC)
Received: from svn.freebsd.org (localhost [127.0.0.1])
 by svn.freebsd.org (8.14.5/8.14.5) with ESMTP id qBLNCYfo057464;
 Fri, 21 Dec 2012 23:12:34 GMT (envelope-from brooks@svn.freebsd.org)
Received: (from brooks@localhost)
 by svn.freebsd.org (8.14.5/8.14.5/Submit) id qBLNCYg0057461;
 Fri, 21 Dec 2012 23:12:34 GMT (envelope-from brooks@svn.freebsd.org)
Message-Id: <201212212312.qBLNCYg0057461@svn.freebsd.org>
From: Brooks Davis <brooks@FreeBSD.org>
Date: Fri, 21 Dec 2012 23:12:34 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-projects@freebsd.org
Subject: svn commit: r244570 - projects/mtree/usr.bin/xinstall
X-SVN-Group: projects
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-src-projects@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: "SVN commit messages for the src &quot; projects&quot;
 tree" <svn-src-projects.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-src-projects>, 
 <mailto:svn-src-projects-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-projects>
List-Post: <mailto:svn-src-projects@freebsd.org>
List-Help: <mailto:svn-src-projects-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-projects>, 
 <mailto:svn-src-projects-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 21 Dec 2012 23:12:35 -0000

Author: brooks
Date: Fri Dec 21 23:12:34 2012
New Revision: 244570
URL: http://svnweb.freebsd.org/changeset/base/244570

Log:
  Add the -U option to indicate that install is running unprivileged,
  and that it should not try to change the owner, the group, or the
  file flags of the destination.

Modified:
  projects/mtree/usr.bin/xinstall/install.1
  projects/mtree/usr.bin/xinstall/xinstall.c

Modified: projects/mtree/usr.bin/xinstall/install.1
==============================================================================
--- projects/mtree/usr.bin/xinstall/install.1	Fri Dec 21 22:48:12 2012	(r244569)
+++ projects/mtree/usr.bin/xinstall/install.1	Fri Dec 21 23:12:34 2012	(r244570)
@@ -156,6 +156,9 @@ number of systems and binary types.
 See below for how
 .Nm
 can be instructed to use another program to strip binaries.
+.It Fl U
+Indicate that install is running unprivileged, and that it should not
+try to change the owner, the group, or the file flags of the destination.
 .It Fl v
 Cause
 .Nm

Modified: projects/mtree/usr.bin/xinstall/xinstall.c
==============================================================================
--- projects/mtree/usr.bin/xinstall/xinstall.c	Fri Dec 21 22:48:12 2012	(r244569)
+++ projects/mtree/usr.bin/xinstall/xinstall.c	Fri Dec 21 23:12:34 2012	(r244570)
@@ -78,8 +78,8 @@ static struct passwd *pp;
 static struct group *gp;
 static gid_t gid;
 static uid_t uid;
-static int dobackup, docompare, dodir, dopreserve, dostrip, nommap, safecopy,
-    verbose;
+static int dobackup, docompare, dodir, dopreserve, dostrip, dounpriv,
+    nommap, safecopy, verbose;
 static mode_t mode = S_IRWXU | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH;
 static const char *suffix = BACKUP_SUFFIX;
 
@@ -107,7 +107,7 @@ main(int argc, char *argv[])
 
 	iflags = 0;
 	group = owner = NULL;
-	while ((ch = getopt(argc, argv, "B:bCcdf:g:Mm:o:pSsv")) != -1)
+	while ((ch = getopt(argc, argv, "B:bCcdf:g:Mm:o:pSsUv")) != -1)
 		switch((char)ch) {
 		case 'B':
 			suffix = optarg;
@@ -126,9 +126,6 @@ main(int argc, char *argv[])
 			break;
 		case 'f':
 			flags = optarg;
-			if (strtofflags(&flags, &fset, NULL))
-				errx(EX_USAGE, "%s: invalid flag", flags);
-			iflags |= SETFLAGS;
 			break;
 		case 'g':
 			group = optarg;
@@ -155,6 +152,9 @@ main(int argc, char *argv[])
 		case 's':
 			dostrip = 1;
 			break;
+		case 'U':
+			dounpriv = 1;
+			break;
 		case 'v':
 			verbose = 1;
 			break;
@@ -185,7 +185,7 @@ main(int argc, char *argv[])
 		safecopy = 1;
 
 	/* get group and owner id's */
-	if (group != NULL) {
+	if (group != NULL && !dounpriv) {
 		if ((gp = getgrnam(group)) != NULL)
 			gid = gp->gr_gid;
 		else
@@ -193,7 +193,7 @@ main(int argc, char *argv[])
 	} else
 		gid = (gid_t)-1;
 
-	if (owner != NULL) {
+	if (owner != NULL && !dounpriv) {
 		if ((pp = getpwnam(owner)) != NULL)
 			uid = pp->pw_uid;
 		else
@@ -201,6 +201,12 @@ main(int argc, char *argv[])
 	} else
 		uid = (uid_t)-1;
 
+	if (flags != NULL && !dounpriv) {
+		if (strtofflags(&flags, &fset, NULL))
+			errx(EX_USAGE, "%s: invalid flag", flags);
+		iflags |= SETFLAGS;
+	}
+
 	if (dodir) {
 		for (; *argv != NULL; ++argv)
 			install_dir(*argv);
@@ -464,15 +470,16 @@ install(const char *from_name, const cha
 	 * Set owner, group, mode for target; do the chown first,
 	 * chown may lose the setuid bits.
 	 */
-	if ((gid != (gid_t)-1 && gid != to_sb.st_gid) ||
+	if (!dounpriv && ((gid != (gid_t)-1 && gid != to_sb.st_gid) ||
 	    (uid != (uid_t)-1 && uid != to_sb.st_uid) ||
-	    (mode != (to_sb.st_mode & ALLPERMS))) {
+	    (mode != (to_sb.st_mode & ALLPERMS)))) {
 		/* Try to turn off the immutable bits. */
 		if (to_sb.st_flags & NOCHANGEBITS)
 			(void)fchflags(to_fd, to_sb.st_flags & ~NOCHANGEBITS);
 	}
 
-	if ((gid != (gid_t)-1 && gid != to_sb.st_gid) ||
+	if (!dounpriv & 
+	    (gid != (gid_t)-1 && gid != to_sb.st_gid) ||
 	    (uid != (uid_t)-1 && uid != to_sb.st_uid))
 		if (fchown(to_fd, uid, gid) == -1) {
 			serrno = errno;
@@ -482,6 +489,8 @@ install(const char *from_name, const cha
 		}
 
 	if (mode != (to_sb.st_mode & ALLPERMS))
+		if (dounpriv)
+			mode &= S_IRWXU|S_IRWXG|S_IRWXO;
 		if (fchmod(to_fd, mode)) {
 			serrno = errno;
 			(void)unlink(to_name);
@@ -496,7 +505,7 @@ install(const char *from_name, const cha
 	 * trying to turn off UF_NODUMP.  If we're trying to set real flags,
 	 * then warn if the fs doesn't support it, otherwise fail.
 	 */
-	if (!devnull && (flags & SETFLAGS ||
+	if (!dounpriv & !devnull && (flags & SETFLAGS ||
 	    (from_sb.st_flags & ~UF_NODUMP) != to_sb.st_flags) &&
 	    fchflags(to_fd,
 	    flags & SETFLAGS ? fset : from_sb.st_flags & ~UF_NODUMP)) {
@@ -771,10 +780,14 @@ install_dir(char *path)
 				break;
  		}
 
-	if ((gid != (gid_t)-1 || uid != (uid_t)-1) && chown(path, uid, gid))
-		warn("chown %u:%u %s", uid, gid, path);
-	if (chmod(path, mode))
-		warn("chmod %o %s", mode, path);
+	if (!dounpriv) {
+		if ((gid != (gid_t)-1 || uid != (uid_t)-1) &&
+		    chown(path, uid, gid))
+			warn("chown %u:%u %s", uid, gid, path);
+		/* XXXBED: should we do the chmod in the dounpriv case? */
+		if (chmod(path, mode))
+			warn("chmod %o %s", mode, path);
+	}
 }
 
 /*
@@ -785,11 +798,11 @@ static void
 usage(void)
 {
 	(void)fprintf(stderr,
-"usage: install [-bCcMpSsv] [-B suffix] [-f flags] [-g group] [-m mode]\n"
+"usage: install [-bCcMpSsUv] [-B suffix] [-f flags] [-g group] [-m mode]\n"
 "               [-o owner] file1 file2\n"
-"       install [-bCcMpSsv] [-B suffix] [-f flags] [-g group] [-m mode]\n"
+"       install [-bCcMpSsUv] [-B suffix] [-f flags] [-g group] [-m mode]\n"
 "               [-o owner] file1 ... fileN directory\n"
-"       install -d [-v] [-g group] [-m mode] [-o owner] directory ...\n");
+"       install -dU [-vU] [-g group] [-m mode] [-o owner] directory ...\n");
 	exit(EX_USAGE);
 	/* NOTREACHED */
 }