* m4/chown.m4 (AC_FUNC_CHOWN): Just use $host_os when checking for CHOWN_CHANGE_TIME_BUG. This should be good enough for currently supported Gnulib targets. --- ChangeLog | 5 +++++ m4/chown.m4 | 38 +++++++++----------------------------- 2 files changed, 14 insertions(+), 29 deletions(-)
diff --git a/ChangeLog b/ChangeLog index 8e2d1a6eb9..0e5388483d 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,10 @@ 2025-09-21 Paul Eggert <[email protected]> + chown: simplify CHOWN_CHANGE_TIME_BUG checking + * m4/chown.m4 (AC_FUNC_CHOWN): Just use $host_os when checking for + CHOWN_CHANGE_TIME_BUG. This should be good enough for currently + supported Gnulib targets. + fchownat: fix security races and other bugs This fixes some unlikely security races, where our “no-op” chmod undid some other process’s chmod. diff --git a/m4/chown.m4 b/m4/chown.m4 index 8105cfd3ae..37993cfa78 100644 --- a/m4/chown.m4 +++ b/m4/chown.m4 @@ -1,5 +1,5 @@ # chown.m4 -# serial 37 +# serial 38 dnl Copyright (C) 1997-2001, 2003-2005, 2007, 2009-2025 Free Software dnl Foundation, Inc. dnl This file is free software; the Free Software Foundation @@ -131,35 +131,15 @@ AC_DEFUN_ONCE([gl_FUNC_CHOWN], esac dnl OpenBSD fails to update ctime if ownership does not change. - AC_CACHE_CHECK([whether chown always updates ctime], + AC_CACHE_CHECK([whether chown updates ctime per POSIX], [gl_cv_func_chown_ctime_works], - [AC_RUN_IFELSE([AC_LANG_PROGRAM([[ -#include <unistd.h> -#include <stdlib.h> -#include <errno.h> -#include <fcntl.h> -#include <sys/stat.h> -]GL_MDA_DEFINES], - [[struct stat st1, st2; - if (close (creat ("conftest.file", 0600))) return 1; - if (stat ("conftest.file", &st1)) return 2; - sleep (1); - if (chown ("conftest.file", st1.st_uid, st1.st_gid)) return 3; - if (stat ("conftest.file", &st2)) return 4; - if (st2.st_ctime <= st1.st_ctime) return 5; - ]])], - [gl_cv_func_chown_ctime_works=yes], - [gl_cv_func_chown_ctime_works=no], - [case "$host_os" in - # Guess yes on glibc systems. - *-gnu*) gl_cv_func_chown_ctime_works="guessing yes" ;; - # Guess yes on musl systems. - *-musl*) gl_cv_func_chown_ctime_works="guessing yes" ;; - # If we don't know, obey --enable-cross-guesses. - *) gl_cv_func_chown_ctime_works="$gl_cross_guess_normal" ;; - esac - ]) - rm -f conftest.file]) + [dnl Although this formerly used AC_RUN_IFELSE, that was tricky + dnl as it depended on timing and file timestamp resolution, + dnl and there were false positives when configuring with Linux fakeroot. + dnl Since the problem occurs only on OpenBSD, just test for that. + AS_CASE([$host_os], + [openbsd*], [gl_cv_func_chown_ctime_works=no], + [gl_cv_func_chown_ctime_works=yes])]) case "$gl_cv_func_chown_ctime_works" in *yes) ;; *) -- 2.48.1
