preserve-gid

Jim Meyering Sun, 20 Mar 2011 12:07:59 -0700

gmail wrote:
> This patch is a way to solve  this problem :
>
> --- tests/cp/preserve-gid.orig  2011-01-01 22:19:23.000000000 +0100
> +++ tests/cp/preserve-gid.cea   2011-03-20 14:05:19.000000000 +0100
> @@ -56,7 +56,8 @@
>    f=$1; shift
>    u=$1; shift
>    g=$1; shift
> -  t0 "$f" "$u" "$g" setuidgid -g "$nameless_gid1,$nameless_gid2" \
> +  t0 "$f" "$u" "$g" env PATH="../../src:$PATH" \
> +      setuidgid -g "$nameless_gid1,$nameless_gid2" \


Thanks for the suggestion, but that doesn't work when using a umask of 077.
In that case, the cp executable is not usable by $nameless_uid, period,
regardless of directory permissions.

Here is a proposed patch that should do the trick:

>From 3ed2bb6975f08597ab5ea216378ef27561309135 Mon Sep 17 00:00:00 2001
From: Jim Meyering <meyer...@redhat.com>
Date: Sun, 20 Mar 2011 08:56:06 +0100
Subject: [PATCH] tests: fix a bug in the cp/preserve-gid test

* tests/cp/preserve-gid: Ensure that every process under test uses
the cp binary we've just built.  Before this fix, the UID-changing
tests would end up using whatever cp happened to be available through
$PATH when umask or build-dir permissions were restrictive.
Analysis by arbogast.ced...@gmail.com in http://debbugs.gnu.org/8292.
---
 tests/cp/preserve-gid |   27 +++++++++++++++++++--------
 1 files changed, 19 insertions(+), 8 deletions(-)

diff --git a/tests/cp/preserve-gid b/tests/cp/preserve-gid
index ac6d221..552032a 100755
--- a/tests/cp/preserve-gid
+++ b/tests/cp/preserve-gid
@@ -52,14 +52,6 @@ t0() {
   fi
 }

-t1() {
-  f=$1; shift
-  u=$1; shift
-  g=$1; shift
-  t0 "$f" "$u" "$g" setuidgid -g "$nameless_gid1,$nameless_gid2" \
-      "$nameless_uid" "$@"
-}
-
 nameless_uid=`$PERL -le '
   foreach my $i (1000..16*1024-1)
     {
@@ -105,6 +97,25 @@ t0 b1 "$nameless_uid" "$nameless_gid2" cp -p
 t0 c0 0 "$nameless_gid1" cp -p
 t0 c1 0 "$nameless_gid2" cp -p

+# For the remaining tests, we need a cp binary that is accessible to a user
+# with UID of $nameless_uid.  The build directory may not be accessible,
+# so create a temporary directory and copy cp into it, ensure that
+# $nameless_uid can access it and then make that directory the search path.
+tmp_path=
+cleanup_() { rm -rf "$tmp_path"; }
+tmp_path=$(mktemp -d) || fail_ "failed to create temporary directory"
+cp "$abs_path_dir_/cp" "$tmp_path"
+chown -R $nameless_uid "$tmp_path"
+
+t1() {
+  f=$1; shift
+  u=$1; shift
+  g=$1; shift
+  t0 "$f" "$u" "$g" env \
+      setuidgid -g "$nameless_gid1,$nameless_gid2" \
+      "$nameless_uid" env PATH="$tmp_path" "$@"
+}
+
 t1 a0 "$nameless_uid" "$nameless_gid1" cp
 t1 b0 "$nameless_uid" "$nameless_gid1" cp
 t1 b1 "$nameless_uid" "$nameless_gid1" cp
--
1.7.4.1.499.g53f9

bug#8292: COREUTILS-8.9: Potential bug in tests/cp/preserve-gid

Reply via email to