Hi,

as I am running debian in my vservers I got the well known problems with
dpkg on some package updates. (It failed updating files with setuid or
setgid bit set, because it cannot change the mode to 0600 before deletion).

A quick Google search turned up the hack of modifying dpkg. I applied it and it worked.
But I wasn't happy, because dpkg does nothing wrong by first changing the
access modes to 0600: that way any hardlinks surviving the update won't be
executable.

Dpkg should be left as is and any setuid/setgid file should be excluded
from unification.

Ok, here are the modification I made:

diff -aur util-vserver-0.30.210-old/src/vhashify.c
util-vserver-0.30.210-new/src/vhashify.c
--- util-vserver-0.30.210-old/src/vhashify.c    2005-10-29
11:25:42.000000000 +0200
+++ util-vserver-0.30.210-new/src/vhashify.c    2006-09-14
11:38:03.000000000 +0200
@@ -216,7 +216,11 @@
     // ignore small files
   skip_reason.r = rsTOOSMALL;
   if (st->st_size < HASH_MINSIZE) return false;
-
+
+    // ignore sticky and set-id files
+  skip_reason.r = rsSETID;
+  if(st->st_mode & (S_ISUID|S_ISGID|S_ISVTX)) return false;
+
   switch (Unify_isIUnlinkable(basename->d)) {
     case unifyUNSUPPORTED  :  skip_reason.r = rsUNSUPPORTED; return false;
     case unifyBUSY   :
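Review bot: The new comment on the set-id check says what is skipped but not why, and the reason is the security-relevant part. dpkg strips the mode of a set-id file before unlinking it so that surviving hardlinks are not runnable, and that chmod fails on a unified file. I would write `// skip setuid/setgid/sticky files: dpkg chmods them before unlink, which fails on unified links` and space the test as `if (st->st_mode & (S_ISUID|S_ISGID|S_ISVTX)) return false;` to match the line above it. The check only stops new unifications; files with these bits that an earlier run already unified are presumably still hardlinked and would need to be de-unified separately. The enclosing function starts and ends outside the hunk.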
@@ -569,6 +573,7 @@
     case rsSPECIAL  :  WRITE_MSG(1, "non regular file"); break;
     case rsWRONGDEV :  WRITE_MSG(1, "no matching device"); break;
     case rsGENERAL  :  WRITE_MSG(1, "general error"); break;
+    case rsSETID :  WRITE_MSG(1, "set-id file"); break;
     default  :  assert(false); abort();
   }
   WRITE_MSG(1, ")");
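Review bot: The message `"set-id file"` for `rsSETID` is narrower than the check that sets it, which in the vhashify.c hunk above also skips files carrying only the sticky bit (`S_ISVTX`). Something like `case rsSETID   :  WRITE_MSG(1, "set-id or sticky file"); break;` keeps the skip log accurate for anyone auditing why a file was left un-unified. Aligning the colon with the neighbouring cases would also match the table layout. The switch starts outside the hunk.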
diff -aur util-vserver-0.30.210-old/src/vhashify.h
util-vserver-0.30.210-new/src/vhashify.h
--- util-vserver-0.30.210-old/src/vhashify.h    2005-03-18
01:25:37.000000000 +0100
+++ util-vserver-0.30.210-new/src/vhashify.h    2006-09-14
11:38:03.000000000 +0200
@@ -42,7 +42,7 @@
 struct SkipReason {
     enum { rsDOTFILE, rsEXCL, rsTOOSMALL, rsUNSUPPORTED,
     rsFSTAT,   rsSYMLINK, rsUNIFIED, rsWRONGDEV,
-    rsSPECIAL, rsGENERAL } r;
+    rsSPECIAL, rsGENERAL, rsSETID }   r;
 };

 typedef struct Vector  HashDirCollection;


Bye,
spTim
