cp: preserve "capabilities" when also preserving file ownership

* src/copy.c (copy_reg): Copy xattrs _after_ setting file ownership
so that capabilities are not cleared when setting ownership.
* tests/cp/capability: A new root test.
* tests/Makefile.am (root_tests): Reference the new test.
* NEWS: Mention the fix.

4 files changed, 75 insertions, 14 deletions

diff --git a/NEWS b/NEWS
index 2be9633a0..867589c52 100644
--- a/NEWS
+++ b/NEWS
@@ -4,6 +4,8 @@ GNU coreutils NEWS                                    -*- outline -*-
 
 ** Bug fixes
 
+  cp now preserves "capabilities" also when preserving file ownership.
+
   ls --color once again honors the 'NORMAL' dircolors directive.
   [bug introduced in coreutils-6.11]
 
diff --git a/src/copy.c b/src/copy.c
index 0fa148e4c..d18fd45ab 100644
--- a/src/copy.c
+++ b/src/copy.c
@@ -826,6 +826,22 @@ copy_reg (char const *src_name, char const *dst_name,
         }
     }
 
+  /* Set ownership before xattrs as changing owners will
+     clear capabilities.  */
+  if (x->preserve_ownership && ! SAME_OWNER_AND_GROUP (*src_sb, sb))
+    {
+      switch (set_owner (x, dst_name, dest_desc, src_sb, *new_dst, &sb))
+        {
+        case -1:
+          return_val = false;
+          goto close_src_and_dst_desc;
+
+        case 0:
+          src_mode &= ~ (S_ISUID | S_ISGID | S_ISVTX);
+          break;
+        }
+    }
+
   /* To allow copying xattrs on read-only files, temporarily chmod u+rw.
      This workaround is required as an inode permission check is done
      by xattr_permission() in fs/xattr.c of the GNU/Linux kernel tree.  */
@@ -844,20 +860,6 @@ copy_reg (char const *src_name, char const *dst_name,
         fchmod_or_lchmod (dest_desc, dst_name, dst_mode & ~omitted_permissions);
     }
 
-  if (x->preserve_ownership && ! SAME_OWNER_AND_GROUP (*src_sb, sb))
-    {
-      switch (set_owner (x, dst_name, dest_desc, src_sb, *new_dst, &sb))
-        {
-        case -1:
-          return_val = false;
-          goto close_src_and_dst_desc;
-
-        case 0:
-          src_mode &= ~ (S_ISUID | S_ISGID | S_ISVTX);
-          break;
-        }
-    }
-
   set_author (dst_name, dest_desc, src_sb);
 
   if (x->preserve_mode || x->move_mode)
diff --git a/tests/Makefile.am b/tests/Makefile.am
index db1610d6b..a943ff3ab 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -23,6 +23,7 @@ root_tests =					\
   cp/preserve-gid				\
   cp/special-bits				\
   cp/cp-mv-enotsup-xattr			\
+  cp/capability					\
   dd/skip-seek-past-dev				\
   install/install-C-root			\
   ls/capability					\
diff --git a/tests/cp/capability b/tests/cp/capability
new file mode 100755
index 000000000..f4ee227f5
--- /dev/null
+++ b/tests/cp/capability
@@ -0,0 +1,56 @@
+#!/bin/sh
+# Ensure cp --preserves copies capabilities
+
+# Copyright (C) 2010 Free Software Foundation, Inc.
+
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+if test "$VERBOSE" = yes; then
+  set -x
+  ls --version
+fi
+
+. $srcdir/test-lib.sh
+require_root_
+working_umask_or_skip_
+
+
+grep '^#define HAVE_CAP 1' $CONFIG_HEADER > /dev/null \
+  || skip_test_ "configured without libcap support"
+
+(setcap --help) 2>&1 |grep 'usage: setcap' > /dev/null \
+  || skip_test_ "setcap utility not found"
+(getcap --help) 2>&1 |grep 'usage: getcap' > /dev/null \
+  || skip_test_ "getcap utility not found"
+
+
+touch file || framework_failure
+chown $NON_ROOT_USERNAME file || framework_failure
+
+setcap 'cap_net_bind_service=ep' file ||
+  skip_test_ "setcap doesn't work"
+getcap file | grep cap_net_bind_service >/dev/null ||
+  skip_test_ "getcap doesn't work"
+
+cp --preserve=xattr file copy1 || fail=1
+
+# Before coreutils 8.5 the capabilities would not be preserved,
+# as the owner was set _after_ copying xattrs, thus clearing any capabilities.
+cp --preserve=all   file copy2 || fail=1
+
+for file in copy1 copy2; do
+  getcap $file | grep cap_net_bind_service >/dev/null || fail=1
+done
+
+Exit $fail