diff options
-rw-r--r-- | ChangeLog | 8 | ||||
-rw-r--r-- | NEWS | 4 | ||||
-rw-r--r-- | src/chmod.c | 4 | ||||
-rw-r--r-- | src/chown-core.c | 24 | ||||
-rw-r--r-- | tests/chown/Makefile.am | 1 | ||||
-rwxr-xr-x | tests/chown/preserve-root | 70 |
6 files changed, 102 insertions, 9 deletions
@@ -1,5 +1,13 @@ 2006-12-14 Jim Meyering <jim@meyering.net> + * NEWS: --preserve-root now works with chgrp, chmod, and chown. + * src/chmod.c (process_file): Do honor the --preserve-root option. + * src/chown-core.c (change_file_owner): Likewise, but here, also + handle the case in which a traversal would go "through" a symlink + to root. Reported by Matthew M. Boedicker + * tests/chown/preserve-root: Test for the above. + * tests/chown/Makefile.am (TESTS): Add preserve-root. + * NEWS: Mention the chmod fix induced by the 2006-12-11 change to gnulib's m4/openat.m4. @@ -4,10 +4,12 @@ GNU coreutils NEWS -*- outline -*- ** Bug fixes + chgrp, chmod, and chown now honor the --preserve-root option. + Before, they would warn, yet continuing traversing and operating on /. + chmod no longer fails in an environment (e.g., a chroot) with openat support but with insufficient /proc support. - * Noteworthy changes in release 6.7 (2006-12-08) [stable] ** Bug fixes diff --git a/src/chmod.c b/src/chmod.c index 7858c0a66..028c882d0 100644 --- a/src/chmod.c +++ b/src/chmod.c @@ -228,6 +228,10 @@ process_file (FTS *fts, FTSENT *ent) if (ok && ROOT_DEV_INO_CHECK (root_dev_ino, file_stats)) { ROOT_DEV_INO_WARN (file_full_name); + /* Tell fts not to traverse into this hierarchy. */ + fts_set (fts, ent, FTS_SKIP); + /* Ensure that we do not process "/" on the second visit. */ + ent = fts_read (fts); ok = false; } diff --git a/src/chown-core.c b/src/chown-core.c index 69345ccf8..606db39ea 100644 --- a/src/chown-core.c +++ b/src/chown-core.c @@ -258,7 +258,19 @@ change_file_owner (FTS *fts, FTSENT *ent, { case FTS_D: if (chopt->recurse) - return true; + { + if (ROOT_DEV_INO_CHECK (chopt->root_dev_ino, ent->fts_statp)) + { + /* This happens e.g., with "chown -R --preserve-root /". */ + ROOT_DEV_INO_WARN (file_full_name); + /* Tell fts not to traverse into this hierarchy. */ + fts_set (fts, ent, FTS_SKIP); + /* Ensure that we do not process "/" on the second visit. */ + ent = fts_read (fts); + return false; + } + return true; + } break; case FTS_DP: @@ -337,15 +349,11 @@ change_file_owner (FTS *fts, FTSENT *ent, || required_gid == file_stats->st_gid)); } - if (do_chown - /* With FTS_NOSTAT, file_stats is valid only for directories. - Don't need to check for FTS_D, since it is handled above, - and same for FTS_DNR, since then do_chown is false. */ - && (ent->fts_info == FTS_DP || ent->fts_info == FTS_DC) - && ROOT_DEV_INO_CHECK (chopt->root_dev_ino, file_stats)) + /* This happens when chown -LR --preserve-root encounters a symlink-to-/. */ + if (ROOT_DEV_INO_CHECK (chopt->root_dev_ino, file_stats)) { ROOT_DEV_INO_WARN (file_full_name); - ok = do_chown = false; + return false; } if (do_chown) diff --git a/tests/chown/Makefile.am b/tests/chown/Makefile.am index bee0d5423..73bf483df 100644 --- a/tests/chown/Makefile.am +++ b/tests/chown/Makefile.am @@ -2,6 +2,7 @@ AUTOMAKE_OPTIONS = 1.4 gnits TESTS = \ + preserve-root \ basic \ deref \ separator diff --git a/tests/chown/preserve-root b/tests/chown/preserve-root new file mode 100755 index 000000000..152f59c30 --- /dev/null +++ b/tests/chown/preserve-root @@ -0,0 +1,70 @@ +#!/bin/sh +# Verify that --preserve-root works. + +# Copyright (C) 2006 Free Software Foundation, Inc. + +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. + +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301, USA. + +if test "$VERBOSE" = yes; then + set -x + chown --version +fi + +. $srcdir/../envvar-check +. $srcdir/../lang-default +PRIV_CHECK_ARG=require-non-root . $srcdir/../priv-check + +pwd=`pwd` +t0=`echo "$0"|sed 's,.*/,,'`.tmp; tmp=$t0/$$ +trap 'status=$?; cd "$pwd" && chmod -R u+rwx $t0 && rm -rf $t0 && exit $status' 0 +trap '(exit $?); exit $?' 1 2 13 15 + +framework_failure=0 +mkdir -p $tmp || framework_failure=1 +cd $tmp || framework_failure=1 +mkdir d && ln -s / d/slink-to-root + +if test $framework_failure = 1; then + echo "$0: failure in testing framework" 1>&2 + (exit 1); exit 1 +fi + +fail=0 + +# Even if --preserve-root were to malfunction, allowing the chown or +# chgrp to traverse through "/", since we're running as non-root, +# they would be very unlikely to cause any changes. +chown -R --preserve-root 0 / > out 2>&1 && fail=1 +chgrp -R --preserve-root 0 / >> out 2>&1 && fail=1 + +# Here, if --preserve-root were to malfunction, chmod could make changes, +# but only to files owned and unreadable by the user running this test, +# and then, only to make them readable by owner. +chmod -R --preserve-root u+r / >> out 2>&1 && fail=1 + +cat <<\EOF > exp || fail=1 +chown: it is dangerous to operate recursively on `/' +chown: use --no-preserve-root to override this failsafe +chgrp: it is dangerous to operate recursively on `/' +chgrp: use --no-preserve-root to override this failsafe +chmod: it is dangerous to operate recursively on `/' +chmod: use --no-preserve-root to override this failsafe +EOF + +cmp out exp || fail=1 +test $fail = 1 && diff out exp 2> /dev/null + +(exit $fail); exit $fail |