| Age | Commit message (Collapse) | Author |
|---|
|
* cfg.mk (sc_prohibit_expr_unsigned): expr uses intmax_t internally
when GMP is not available, so flag any uses of unsigned limits.
* tests/misc/timeout-parameters.sh: Remove the overflow related
to UINT_MAX as it's handled by the following case. Change the
following case from 99... to $TIME_T_OFLOW to be more expressive
in what it's actually testing. Directly check that commands succeed,
rather than inspecting $? afterwards.
* tests/dd/skip-seek-past-dev.sh: Guard against large device sizes.
* tests/id/setgid.sh: Protect: Guard against large group IDs.
* tests/misc/cut-huge-range.sh: Tweak comment to avoid syntax check.
It's tempting to simplify to just skip the test if expr fails,
but SIZE_MAX > INTMAX_MAX is the common case.
|
|
Run "make update-copyright" and then...
* gnulib: Update to latest with copyright year adjusted.
* tests/init.sh: Sync with gnulib to pick up copyright year.
* bootstrap: Likewise.
* tests/sample-test: Adjust to use the single most recent year.
|
|
Run "make update-copyright" and then...
* tests/sample-test: Adjust to use the single most recent year.
* tests/du/bind-mount-dir-cycle-v2.sh: Fix case in copyright message,
so that year is updated automatically in future.
|
|
Since commit v8.22-94-g99960ee, chroot(1) skips the chroot(2) syscall
for "/" arguments (and synonyms). The problem is that it also skips
the following chdir("/") call in that case. The latter breaks existing
scripts which expect "/" to be the working directory inside the chroot.
While the first part of the change - i.e., skipping chroot("/") - is
okay for consistency with systems where it might succeed for a non-root
user, the second part might be malicious, e.g.
cd /home/user && chroot '/' bin/foo
In the "best" case, chroot(1) could not execute 'bin/foo' with ENOENT,
but in the worst case, chroot(1) would execute '/home/user/bin/foo' in
the case that exists - instead of '/bin/foo'.
Revert that second part of the patch, i.e., perform the chdir("/)
in the common case again - unless the new --skip-chdir option is
specified. Restrict this new option to the case of "/" arguments.
* src/chroot.c (SKIP_CHDIR): Add enum.
(long_opts): Add entry for the new --skip-chdir option.
(usage): Add --skip-chdir option, and while at it, move the other
to options into alphabetical order.
(main): Accept the above new option, allowing it only in the case
when NEWROOT is the old "/".
Move down the chdir() call after the if-clause to ensure it is
run in any case - unless --skip-chdir is specified.
Add a 'newroot' variable for the new root directory as it is used
in a couple of places now.
* tests/misc/chroot-fail.sh: Invert the last tests which check the
working directory of the execvp()ed program when a "/"-like
argument was passed: now expect it to be "/" - unless --skip-chdir
is given.
* doc/coreutils.texi (chroot invocation): Document the new option.
Document that chroot(1) usually calls chdir("/") unless the new
--skip-chdir option is specified. Sort options.
* NEWS (Changes in behavior): Mention the fix.
(New features): Mention the new option.
* init.cfg (nonroot_has_perm_): Add chroot's new --skip-chdir option.
* tests/cp/preserve-gid.sh (t1): Likewise.
* tests/cp/special-bits.sh: Likewise.
* tests/id/setgid.sh: Likewise.
* tests/misc/truncate-owned-by-other.sh: Likewise.
* tests/mv/sticky-to-xpart.sh: Likewise.
* tests/rm/fail-2eperm.sh: Likewise.
* tests/rm/no-give-up.sh: Likewise.
* tests/touch/now-owned-by-other.sh: Likewise.
Reported by Andreas Schwab in http://bugs.gnu.org/18062
|
|
* HACKING: GID is more useful in tests than group name, so rename
input param from NON_ROOT_GROUP to NON_ROOT_GID to make it obvious
that only a group ID is now acceptable, thus allowing GID lookups
to be avoided throughout the tests.
* init.cfg (require_root_): Likewise.
* tests/misc/truncate-owned-by-other.sh: Avoid looking up the GID.
* tests/touch/now-owned-by-other.sh: Likewise.
* tests/misc/chroot-credentials.sh: Likewise. Also fix an instance
of comparison against NON_ROOT_GROUP which would have given a false
failure if a non numeric value was passed in.
* tests/id/setgid.sh: Use previously looked up gid as a more
accurate base for the subsequent adjustment, and move
the uid lookup within chroot, rather than having the overhead
of a separate `id` invocation.
|
|
* src/id.c (print_full_info): When no user is specified,
output the effective group for the _process_, rather than
the default group from the system database, which may be different.
* tests/id/setgid.sh: Add a case for `id` as well as `id -G`.
* NEWS: Mention the bug fix.
Fixes http://bugs.gnu.org/7320
Reported at http://bugzilla.redhat.com/1016163
|
|
* init.cfg (require_root_): Adjust to use chroot, and make
`require_built_ chroot` implicit when chroot used in the test.
* po/POTFILES.in: Remove reference to setuidgid tool.
* src/.gitignore: Likewise.
* src/local.mk: Likewise.
* src/setuidgid.c: Remove.
* tests/cp/preserve-gid.sh: s/setuidgid/chroot --user/.
* tests/cp/special-bits.sh: Likewise.
* tests/id/setgid.sh: Likewise.
* tests/misc/truncate-owned-by-other.sh
* tests/mv/sticky-to-xpart.sh: Likewise.
* tests/rm/fail-2eperm.sh: Likewise.
* tests/rm/no-give-up.sh: Likewise.
* tests/touch/now-owned-by-other.sh: Likewise.
* tests/misc/chroot-fail.sh: Skip if chroot not built.
|
|
Run "make update-copyright", but then also run this,
perl -pi -e 's/2\d\d\d-//' tests/sample-test
to make that one script use the single most recent year number.
|
|
* tests/misc/id-context.sh -> tests/id/context.sh
* tests/misc/id-setgid.sh -> tests/id/setgid.sh
* tests/misc/id-uid.sh -> tests/id/uid.sh
* tests/misc/id-zero.sh -> tests/id/zero.sh
* tests/local.mk: Reference the renamed tests
|
