Age | Commit message (Collapse) | Author |
|
* src/copy.h (struct cp_options): New member owner_privileges.
* src/copy.c (USE_ACL): Define to 0 if not defined, for convenience.
(owner_failure_ok): New function.
(set_owner): Avoid a security-related race by doing an extra chmod
first if it looks like there might be trouble right after a chown.
Accept a source struct stat rather than a uid and gid, and
accept a boolean NEW_DST and destination struct stat.
All callers changed.
* src/copy.h (cp_options_default): New function, replacing the
old chown_privileges.
* src/copy.c (cp_options_default): Likewise.
* src/cp.c (cp_option_init): Use it.
* src/install.c (cp_option_init): Likewise.
* src/mv.c (cp_option_init): Likewise.
|
|
* NEWS: Mention this change.
* doc/coreutils.texi (cp invocation): Describe the new behavior.
* src/copy.c: No longer include "canonicalize.h".
(copy_reg): Upon failure to open a dangling destination symlink, don't
canonicalize the name, but rather fail (default) or, with POSIXLY_CORRECT,
repeat the open call without O_EXCL (potentially dangerous).
* src/copy.h (struct cp_options) [open_dangling_dest_symlink]:
New member. Reorder the others, grouping "bool" and "enum"
members together.
* tests/cp/thru-dangling: Test for changed and new behavior.
* src/cp.c (cp_option_init): Initialize new member.
* src/install.c (cp_option_init): Likewise.
* src/mv.c (cp_option_init): Likewise.
Signed-off-by: Jim Meyering <meyering@redhat.com>
|
|
|
|
|
|
* NEWS: "cp" no longer considers a destination symlink to be the
same as the referenced file when copying links or making backups.
* src/copy.c (copy_reg): When following a symlink, use the
followed name in later chown etc. requests, so that the created
file is affected, rather than the symlink. Use O_NOFOLLOW on
source when not dereferencing symlinks; this avoids a race.
Preserve errno correctly when doing multiple open attempts on the
destination.
(copy_internal): Follow destination symlinks only when copying a
regular file and only when we don't intend to remove or rename the
destination first, regardless of whether following source
symlinks; this is because since POSIX and tradition (e.g.,
FreeBSD) say we should ordinarily follow destination symlinks if
the system calls would ordinarily do so.
* src/copy.h (struct cp_options): Add comment that 'dereference'
is only for source files.
* src/cp.c (usage): Note that --derereference etc. are only for
source files.
(make_dir_parents_private): Follow symlinks, regardless of whether
--dereference is specified, because these are destination symlinks.
* tests/cp/same-file: Adjust tests to match revised behavior.
Filter out perror output since it might vary from host to host.
Use sed alone instead of also using echo.
* doc/coreutils.texi (cp invocation): Document the behavior better when
the destination is a symlink. Clarify source versus destination
symlinks. Describe the new behavior for destination symlinks.
2007-06-15 Jim Meyering <jim@meyering.net>
* src/copy.c: Include "canonicalize.h".
(copy_reg): Use canonicalize_filename_mode to follow the symlink,
so that we can always open with O_EXCL and avoid a race.
|
|
* tests/cp/Makefile.am (TESTS): Add cp-a-selinux.
* tests/selinux: New file.
* tests/Makefile.am (EXTRA_DIST): Add selinux.
* tests/misc/selinux: Source the new script, rather than open coding it.
Change how "cp -a" and "cp --preserve=context" work with SELinux.
Now, cp -a attempts to preserve context, but failure to do so does
not change cp's exit status. However "cp --preserve=context" is
similar, but failure *does* cause cp to exit with nonzero status.
* src/copy.h (struct cp_options) [require_preserve_context]: New member.
* src/copy.c (copy_reg, copy_internal): Implement the above.
* src/mv.c (cp_option_init): Initialize the new member.
* src/install.c (cp_option_init): Likewise.
* src/cp.c (cp_option_init): Likewise.
(decode_preserve_arg): Set it or reset it.
FIXME: add an on-writable-NFS-only test
|
|
patch, mv and cp do not provide the "-Z context" option.
* src/copy.c: Include <selinux/selinux.h>.
(restore_default_fscreatecon): New function.
(copy_reg): Make cp --preserve=context work for existing destination.
(copy_internal): Likewise for new destinations.
* src/copy.h (cp_options) [preserve_security_context]: New member.
* src/cp.c: Include <selinux/selinux.h>.
(selinux_enabled): New global.
(usage): Mention new --preserve=context option.
(PRESERVE_CONTEXT): Define/use.
(decode_preserve_arg): Handle PRESERVE_CONTEXT.
(main): Remove an obsolete comment.
If --preserve=context is specified on a system without SELinux
enabled, give a diagnostic and fail.
* src/mv.c: Include <selinux/selinux.h>.
Set x->preserve_security_context if SELinux is enabled.
* src/install.c: Accept new "-Z, --context=C" option.
Accept --preserve-context option (but not -P option).
Accept alternate spelling: --preserve_context, for now.
Include <selinux/selinux.h> and "quotearg.h".
(selinux_enabled, use_default_selinux_context): New globals.
(PRESERVE_CONTEXT_OPTION): Define.
(cp_option_init): Default: do not preserve security context.
(setdefaultfilecon): New function.
(main): Honor new options.
* src/Makefile.am (mv_LDADD, cp_LDADD, ginstall_LDADD):
Add $(LIB_SELINUX).
|
|
* m4/jm-macros.m4 (coreutils_MACROS): Check for fchmod.
* src/copy.c (fchmod_or_lchmod): New function.
(copy_reg): New arg OMITTED_PERMISSIONS. All uses changed.
Omit confusing and unused ", dst_mode" arg to 'open' without O_CREAT.
When creating a file, use O_EXCL, so we're more likely to detect
funny business by other processes. At the end, if permissions
were omitted, chmod them back in.
(copy_internal): If the ownership might change, omit some permissions
at first, then restore them after chowning the file.
* src/cp.c (make_dir_parents_private): Likewise.
* src/copy.c (cached_umask): New function.
* src/copy.h (cached_umask): New decl.
|
|
|
|
|
|
|
|
(struct cp_options): Remove myeuid member. Add chown_privileges
member.
(chown_privileges, chown_failure_ok): New function decls.
|
|
|
|
|
|
|
|
portable, since some systems (OSF V5.1, Solaris 2.5.1) provide static
inline `stat' and `lstat' functions, thus making the tests of
`xstat == lstat' in copy.c always fail.
(struct cp_options) [xstat]: Remove member.
(XSTAT): New macro.
|
|
|
|
|
|
|
|
(src_info_init): Declare.
|
|
(struct cp_options) [dest_info]: New member.
|
|
(struct cp_options) [preserve_links]: New member.
|
|
|
|
s/preserve_owner_and_group/preserve_ownership/, and
s/preserve_chmod_bits/preserve_mode/.
|
|
|
|
Instead, add I_ALWAYS_YES, I_ALWAYS_NO, and I_ASK_USER.
|
|
(struct cp_options) [interactive]: Change type to Interactive.
(struct cp_options) [stdin_tty]: New member.
|
|
|
|
as well as the definition of lstat from cp.c to this file.
|
|
|
|
|
|
[unlink_dest_before_opening]: Add member.
[unlink_dest_after_failed_open]: Add member.
|
|
(struct cp_options) [dereference]: Change type to Dereference_symlink.
|
|
|
|
[struct cp_options] (move_mode): New member.
|
|
[struct cp_options] (failed_unlink_is_fatal): New member.
(preserve_owner_and_group): New member.
(preserve_chmod_bits): New member.
(preserve_timestamps): New member.
(preserve): Remove member.
(set_mode): New member.
(mode): New member.
|
|
|
|
[struct cp_options] (backup_type): New member.
|
|
|
|
|
|
|
|
|
|
|