From owner-freebsd-bugs@FreeBSD.ORG Mon May 7 21:46:20 2007 Return-Path: X-Original-To: freebsd-bugs@FreeBSD.org Delivered-To: freebsd-bugs@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id A466D16A400 for ; Mon, 7 May 2007 21:46:20 +0000 (UTC) (envelope-from jhein@timing.com) Received: from Daffy.timing.com (w.timing.com [206.168.13.218]) by mx1.freebsd.org (Postfix) with ESMTP id 5341D13C43E for ; Mon, 7 May 2007 21:46:20 +0000 (UTC) (envelope-from jhein@timing.com) Received: from gromit.timing.com (gromit.timing.com [206.168.13.209]) by Daffy.timing.com (8.13.1/8.13.1) with ESMTP id l47LDRWu036514; Mon, 7 May 2007 15:13:27 -0600 (MDT) (envelope-from jhein@timing.com) Received: from gromit.timing.com (localhost [127.0.0.1]) by gromit.timing.com (8.13.8/8.13.8) with ESMTP id l47LDPQv078961; Mon, 7 May 2007 15:13:25 -0600 (MDT) (envelope-from jhein@gromit.timing.com) Received: (from jhein@localhost) by gromit.timing.com (8.13.8/8.13.8/Submit) id l47LDPbV078958; Mon, 7 May 2007 15:13:25 -0600 (MDT) (envelope-from jhein) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <17983.38516.966371.23214@gromit.timing.com> Date: Mon, 7 May 2007 15:13:24 -0600 From: John E Hein To: FreeBSD-gnats-submit@FreeBSD.org, freebsd-bugs@FreeBSD.org In-Reply-To: <200705020050.l420o3qI065567@freefall.freebsd.org> References: <200705020011.l420BC2t051835@gromit.timing.com> <200705020050.l420o3qI065567@freefall.freebsd.org> X-Mailer: VM 7.19 under Emacs 22.0.99.1 X-Virus-Scanned: ClamAV version 0.90, clamav-milter version devel-120207 on Daffy.timing.com X-Virus-Status: Clean X-Spam-Status: No, score=-0.1 required=5.0 tests=AWL,BAYES_20, DK_POLICY_SIGNSOME,J_CHICKENPOX_75 autolearn=disabled version=3.1.8 X-Spam-Checker-Version: SpamAssassin 3.1.8 (2007-02-13) on Daffy.timing.com Cc: Subject: Re: bin/112336: install -S (safe copy) with -C or -p is not so safe X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 May 2007 21:46:20 -0000 Here is a patch that implements 2 and was simpler than I thought it would be. It creates the temp file and does a rename, not only if the contents of the "from" & "to" files don't match, but also if perms/ownership don't match. One optimization could be to try to do the chown/chmod first and if that succceeds and the files match contents, don't bother with the temp file. But that seems to be needlessly complex for the relatively miniscule number of cases where we could gain from the added pedantry. And there may be edge case failures associated with an early chmod/chown. Any committers willing to take this one? Index: src/usr.bin/xinstall/xinstall.c =================================================================== RCS file: /base/FreeBSD-CVS/src/usr.bin/xinstall/xinstall.c,v retrieving revision 1.67 diff -u -p -r1.67 xinstall.c --- src/usr.bin/xinstall/xinstall.c 6 Mar 2006 21:52:59 -0000 1.67 +++ src/usr.bin/xinstall/xinstall.c 7 May 2007 20:52:18 -0000 @@ -317,7 +317,19 @@ install(const char *from_name, const cha if (docompare && !dostrip && target) { if ((to_fd = open(to_name, O_RDONLY, 0)) < 0) err(EX_OSERR, "%s", to_name); - if (devnull) + /* + * Even if the contents are the same, we want to rename + * temp files when doing a "safe" copy if the + * permissions and ownership need to change. We may + * not have permission to chown/chmod the "to" file + * directly. + */ + if (tempcopy && + ((gid != (gid_t)-1 && gid != to_sb.st_gid) || + (uid != (uid_t)-1 && uid != to_sb.st_uid) || + (mode != (to_sb.st_mode & ALLPERMS)))) + files_match = 0; + else if (devnull) files_match = to_sb.st_size == 0; else files_match = !(compare(from_fd, from_name,