From: Wayne Davison Date: Sun, 2 Jan 2011 01:30:26 +0000 (-0800) Subject: Avoid directory permission issues with --fake-super. X-Git-Url: https://mattmccutchen.net/rsync/rsync.git/commitdiff_plain/d3f5c628d7bdec6f7334bbae68a7bee1f5285815 Avoid directory permission issues with --fake-super. Fixes bug 7070. --- diff --git a/generator.c b/generator.c index 32d56eac..8fd4a19a 100644 --- a/generator.c +++ b/generator.c @@ -1285,8 +1285,15 @@ static void recv_generator(char *fname, struct file_struct *file, int ndx, fnamecmp = fname; if (is_dir) { + mode_t added_perms; if (!implied_dirs && file->flags & FLAG_IMPLIED_DIR) goto cleanup; + if (am_root < 0) { + /* For --fake-super, the dir must be useable by the copying + * user, just like it would be for root. */ + added_perms = S_IRUSR|S_IWUSR|S_IXUSR; + } else + added_perms = 0; if (is_dir < 0) { /* In inc_recurse mode we want to make sure any missing * directories get created while we're still processing @@ -1297,7 +1304,7 @@ static void recv_generator(char *fname, struct file_struct *file, int ndx, && (S_ISDIR(sx.st.st_mode) || delete_item(fname, sx.st.st_mode, del_opts | DEL_FOR_DIR) != 0)) goto cleanup; /* Any errors get reported later. */ - if (do_mkdir(fname, file->mode & 0700) == 0) + if (do_mkdir(fname, (file->mode|added_perms) & 0700) == 0) file->flags |= FLAG_DIR_CREATED; goto cleanup; } @@ -1340,10 +1347,10 @@ static void recv_generator(char *fname, struct file_struct *file, int ndx, itemize(fnamecmp, file, ndx, statret, &sx, statret ? ITEM_LOCAL_CHANGE : 0, 0, NULL); } - if (real_ret != 0 && do_mkdir(fname,file->mode) < 0 && errno != EEXIST) { + if (real_ret != 0 && do_mkdir(fname,file->mode|added_perms) < 0 && errno != EEXIST) { if (!relative_paths || errno != ENOENT || make_path(fname, MKP_DROP_NAME | MKP_SKIP_SLASH) < 0 - || (do_mkdir(fname, file->mode) < 0 && errno != EEXIST)) { + || (do_mkdir(fname, file->mode|added_perms) < 0 && errno != EEXIST)) { rsyserr(FERROR_XFER, errno, "recv_generator: mkdir %s failed", full_fname(fname)); diff --git a/receiver.c b/receiver.c index 0bc65177..a5192475 100644 --- a/receiver.c +++ b/receiver.c @@ -24,6 +24,7 @@ extern int dry_run; extern int do_xfers; +extern int am_root; extern int am_server; extern int inc_recurse; extern int log_before_transfer; @@ -173,15 +174,25 @@ int get_tmpname(char *fnametmp, const char *fname, BOOL make_unique) int open_tmpfile(char *fnametmp, const char *fname, struct file_struct *file) { int fd; + mode_t added_perms; if (!get_tmpname(fnametmp, fname, False)) return -1; + if (am_root < 0) { + /* For --fake-super, the file must be useable by the copying + * user, just like it would be for root. */ + added_perms = S_IRUSR|S_IWUSR; + } else { + /* For a normal copy, we need to be able to tweak things like xattrs. */ + added_perms = S_IWUSR; + } + /* We initially set the perms without the setuid/setgid bits or group * access to ensure that there is no race condition. They will be * correctly updated after the right owner and group info is set. * (Thanks to snabb@epipe.fi for pointing this out.) */ - fd = do_mkstemp(fnametmp, (file->mode & INITACCESSPERMS) | S_IWUSR); + fd = do_mkstemp(fnametmp, (file->mode|added_perms) & INITACCESSPERMS); #if 0 /* In most cases parent directories will already exist because their @@ -191,7 +202,7 @@ int open_tmpfile(char *fnametmp, const char *fname, struct file_struct *file) && make_path(fnametmp, MKP_SKIP_SLASH | MKP_DROP_NAME) == 0) { /* Get back to name with XXXXXX in it. */ get_tmpname(fnametmp, fname, False); - fd = do_mkstemp(fnametmp, file->mode & INITACCESSPERMS); + fd = do_mkstemp(fnametmp, (file->mode|added_perms) & INITACCESSPERMS); } #endif diff --git a/testsuite/xattrs.test b/testsuite/xattrs.test index 76b90993..74f17db2 100644 --- a/testsuite/xattrs.test +++ b/testsuite/xattrs.test @@ -48,7 +48,8 @@ makepath "$chkdir/foo" echo wow >"$chkdir/file1" cp_touch "$fromdir/foo/file3" "$chkdir/foo" -files='foo file0 file1 file2 foo/file3 file4 foo/bar/file5' +files='foo file0 file1 file2 foo/file3 file4 foo/bar foo/bar/file5' +uid_gid=`"$TOOLDIR/tls" "$fromdir/foo" | sed 's/^.* \([0-9][0-9]*\)\.\([0-9][0-9]*\) .*/\1:\2/'` cd "$fromdir" @@ -106,12 +107,35 @@ checkit "$RSYNC -aiX --fake-super --link-dest=../chk . ../to" "$chkdir" "$todir" cd "$todir" xls $files | diff $diffopt "$scratchdir/xattrs.txt" - -sed -n -e '/\.\/file1$/d' -e '/^[^ ][^ ]* *[^ ][^ ]* *[^ ][^ ]* *1 /p' "$scratchdir/ls-to" >"$scratchdir/ls-diff" +sed -n -e '/^[^ ][^ ]* *[^ ][^ ]* *[^ ][^ ]* *1 /p' "$scratchdir/ls-to" >"$scratchdir/ls-diff-all" +fgrep -v './file1' "$scratchdir/ls-diff-all" >"$scratchdir/ls-diff" || : if [ -s "$scratchdir/ls-diff" ]; then echo "Missing hard links on:" cat "$scratchdir/ls-diff" exit 1 fi +if [ ! -s "$scratchdir/ls-diff-all" ]; then + echo "Too many hard links on file1!" + exit 1 +fi + +cd "$chkdir" +chmod go-rwx . $files + +xset user.nice 'this is nice, but different' file1 +xset user.rsync.%stat "100000 0,0 $uid_gid" $files +xset user.rsync.%stat "40000 0,0 $uid_gid" foo foo/bar + +xls $files >"$scratchdir/xattrs.txt" + +cd "$fromdir" +rm -rf "$todir" + +# When run by a non-root tester, this checks if no-user-perm files/dirs can be copied. +checkit "$RSYNC -aiX --fake-super --chmod=a= . ../to" "$chkdir" "$todir" # 2>"$scratchdir/errors.txt" + +cd "$todir" +xls $files | diff $diffopt "$scratchdir/xattrs.txt" - cd "$fromdir" rm -rf "$todir" "$chkdir"