use acl_extended_file_nofollow() if available (#692823)
This commit is contained in:
Ondřej Vašík
parent
65b57c538d
commit
c9c477adae
74
coreutils-acl-extended-file-nofollow.patch
Normal file
74
coreutils-acl-extended-file-nofollow.patch
Normal file
@ -0,0 +1,74 @@
|
|||||||
|
From 95f7c57ff4090a5dee062044d2c7b99879077808 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Kamil Dudka <kdudka <at> redhat.com>
|
||||||
|
Date: Fri, 22 Jul 2011 14:48:42 +0200
|
||||||
|
Subject: [PATCH] file-has-acl: use acl_extended_file_nofollow if available
|
||||||
|
|
||||||
|
* lib/acl-internal.h (HAVE_ACL_EXTENDED_FILE): New macro.
|
||||||
|
(acl_extended_file): New macro.
|
||||||
|
* lib/file-has-acl.c (file_has_acl): Use acl_extended_file_nofollow.
|
||||||
|
* m4/acl.m4 (gl_FUNC_ACL): Check for acl_extended_file_nofollow.
|
||||||
|
This addresses http://bugzilla.redhat.com/692823.
|
||||||
|
---
|
||||||
|
lib/acl-internal.h | 6 ++++++
|
||||||
|
lib/file-has-acl.c | 10 +++++++++-
|
||||||
|
m4/acl.m4 | 2 +-
|
||||||
|
3 files changed, 16 insertions(+), 2 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/lib/acl-internal.h b/lib/acl-internal.h
|
||||||
|
index b3160a7..b509666 100644
|
||||||
|
--- a/lib/acl-internal.h
|
||||||
|
+++ b/lib/acl-internal.h
|
||||||
|
@@ -133,6 +133,12 @@ rpl_acl_set_fd (int fd, acl_t acl)
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* Linux-specific */
|
||||||
|
+# ifndef HAVE_ACL_EXTENDED_FILE_NOFOLLOW
|
||||||
|
+# define HAVE_ACL_EXTENDED_FILE_NOFOLLOW false
|
||||||
|
+# define acl_extended_file_nofollow(name) (-1)
|
||||||
|
+# endif
|
||||||
|
+
|
||||||
|
+/* Linux-specific */
|
||||||
|
# ifndef HAVE_ACL_FROM_MODE
|
||||||
|
# define HAVE_ACL_FROM_MODE false
|
||||||
|
# define acl_from_mode(mode) (NULL)
|
||||||
|
diff --git a/lib/file-has-acl.c b/lib/file-has-acl.c
|
||||||
|
index 3d4d5c1..2ee6ba2 100644
|
||||||
|
--- a/lib/file-has-acl.c
|
||||||
|
+++ b/lib/file-has-acl.c
|
||||||
|
@@ -366,12 +366,20 @@ file_has_acl (char const *name, struct stat const *sb)
|
||||||
|
/* Linux, FreeBSD, MacOS X, IRIX, Tru64 */
|
||||||
|
int ret;
|
||||||
|
|
||||||
|
- if (HAVE_ACL_EXTENDED_FILE) /* Linux */
|
||||||
|
+ if (HAVE_ACL_EXTENDED_FILE || HAVE_ACL_EXTENDED_FILE_NOFOLLOW) /* Linux */
|
||||||
|
{
|
||||||
|
+# if HAVE_ACL_EXTENDED_FILE_NOFOLLOW
|
||||||
|
+ /* acl_extended_file_nofollow() uses lgetxattr() in order to prevent
|
||||||
|
+ unnecessary mounts, but it returns the same result as we already
|
||||||
|
+ know that NAME is not a symbolic link at this point (modulo the
|
||||||
|
+ TOCTTOU race condition). */
|
||||||
|
+ ret = acl_extended_file_nofollow (name);
|
||||||
|
+# else
|
||||||
|
/* On Linux, acl_extended_file is an optimized function: It only
|
||||||
|
makes two calls to getxattr(), one for ACL_TYPE_ACCESS, one for
|
||||||
|
ACL_TYPE_DEFAULT. */
|
||||||
|
ret = acl_extended_file (name);
|
||||||
|
+# endif
|
||||||
|
}
|
||||||
|
else /* FreeBSD, MacOS X, IRIX, Tru64 */
|
||||||
|
{
|
||||||
|
diff --git a/m4/acl.m4 b/m4/acl.m4
|
||||||
|
index d6a448a..ecf0384 100644
|
||||||
|
--- a/m4/acl.m4
|
||||||
|
+++ b/m4/acl.m4
|
||||||
|
@@ -33,7 +33,7 @@ AC_DEFUN([gl_FUNC_ACL],
|
||||||
|
AC_CHECK_FUNCS(
|
||||||
|
[acl_get_file acl_get_fd acl_set_file acl_set_fd \
|
||||||
|
acl_free acl_from_mode acl_from_text \
|
||||||
|
- acl_delete_def_file acl_extended_file \
|
||||||
|
+ acl_delete_def_file acl_extended_file acl_extended_file_nofollow \
|
||||||
|
acl_delete_fd_np acl_delete_file_np \
|
||||||
|
acl_copy_ext_native acl_create_entry_np \
|
||||||
|
acl_to_short_text acl_free_text])
|
||||||
|
--
|
||||||
|
1.7.6.586.g302e6
|
||||||
@ -1,7 +1,7 @@
|
|||||||
Summary: A set of basic GNU tools commonly used in shell scripts
|
Summary: A set of basic GNU tools commonly used in shell scripts
|
||||||
Name: coreutils
|
Name: coreutils
|
||||||
Version: 8.12
|
Version: 8.12
|
||||||
Release: 2%{?dist}
|
Release: 3%{?dist}
|
||||||
License: GPLv3+
|
License: GPLv3+
|
||||||
Group: System Environment/Base
|
Group: System Environment/Base
|
||||||
Url: http://www.gnu.org/software/coreutils/
|
Url: http://www.gnu.org/software/coreutils/
|
||||||
@ -32,6 +32,8 @@ Patch103: coreutils-8.2-uname-processortype.patch
|
|||||||
Patch104: coreutils-df-direct.patch
|
Patch104: coreutils-df-direct.patch
|
||||||
#add note about mkdir --mode behaviour into info documentation(#610559)
|
#add note about mkdir --mode behaviour into info documentation(#610559)
|
||||||
Patch107: coreutils-8.4-mkdir-modenote.patch
|
Patch107: coreutils-8.4-mkdir-modenote.patch
|
||||||
|
#use acl_extended_file_nofollow if available (#692823)
|
||||||
|
Patch108: coreutils-acl-extended-file-nofollow.patch
|
||||||
|
|
||||||
# sh-utils
|
# sh-utils
|
||||||
#add info about TZ envvar to date manpage
|
#add info about TZ envvar to date manpage
|
||||||
@ -121,6 +123,7 @@ Libraries for coreutils package.
|
|||||||
%patch103 -p1 -b .sysinfo
|
%patch103 -p1 -b .sysinfo
|
||||||
%patch104 -p1 -b .dfdirect
|
%patch104 -p1 -b .dfdirect
|
||||||
%patch107 -p1 -b .mkdirmode
|
%patch107 -p1 -b .mkdirmode
|
||||||
|
%patch108 -p1 -b .nofollow
|
||||||
|
|
||||||
# sh-utils
|
# sh-utils
|
||||||
%patch703 -p1 -b .dateman
|
%patch703 -p1 -b .dateman
|
||||||
@ -329,6 +332,9 @@ fi
|
|||||||
%{_libdir}/coreutils
|
%{_libdir}/coreutils
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Fri Jul 29 2011 Ondrej Vasik <ovasik@redhat.com> - 8.12-3
|
||||||
|
- use acl_extended_file_nofollow() if available (#692823)
|
||||||
|
|
||||||
* Fri Jul 15 2011 Ondrej Vasik <ovasik@redhat.com> - 8.12-2
|
* Fri Jul 15 2011 Ondrej Vasik <ovasik@redhat.com> - 8.12-2
|
||||||
- support ecryptfs mount of Private (postlogin into su.pamd)
|
- support ecryptfs mount of Private (postlogin into su.pamd)
|
||||||
(#722323)
|
(#722323)
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user