import coreutils-8.30-15.el8

import coreutils-8.30-13.el8
2023-05-17 01:15:09 +00:00 · 2022-11-08 07:04:48 +00:00
7 changed files with 798 additions and 49 deletions
--- a/SOURCES/coreutils-8.22-doc-ls-kibibytes.patch
+++ b/SOURCES/coreutils-8.22-doc-ls-kibibytes.patch
@ -0,0 +1,32 @@
+From c6418e3a5cb3a65af79117162a93a66026cc8c36 Mon Sep 17 00:00:00 2001
+From: Kamil Dudka <kdudka@redhat.com>
+Date: Thu, 6 Dec 2018 14:28:00 +0100
+Subject: [PATCH] doc: improve wording of the --kibibytes option description
+
+Bug: https://bugzilla.redhat.com/1527391
+---
+ doc/coreutils.texi | 8 +++++---
+ 1 file changed, 5 insertions(+), 3 deletions(-)
+
+diff --git a/doc/coreutils.texi b/doc/coreutils.texi
+index 88d6506..772aab6 100644
+--- a/doc/coreutils.texi
+++ b/doc/coreutils.texi
+@@ -7615,9 +7615,11 @@ Append @samp{*} for executable regular files, otherwise behave as for
+ @opindex --kibibytes
+ Set the default block size to its normal value of 1024 bytes,
+ overriding any contrary specification in environment variables
+-(@pxref{Block size}).  This option is in turn overridden by the
+-@option{--block-size}, @option{-h} or @option{--human-readable}, and
+-@option{--si} options.
+(@pxref{Block size}).  If @option{--block-size}, @option{-h},
+@option{--human-readable}, or @option{--si} options are used,
+they take precedence over @option{-k} or @option{--kibibytes}
+even if @option{-k} or @option{--kibibytes} is placed after
+the other options.
+ 
+ The @option{-k} or @option{--kibibytes} option affects the
+ per-directory block count written by the @option{-l} and similar
+-- 
+2.17.2
+
--- a/SOURCES/coreutils-9.0-autofs-no-mount.patch
+++ b/SOURCES/coreutils-9.0-autofs-no-mount.patch
@ -0,0 +1,87 @@
+From f4422844dbcd839ce486bcbc15b7bd5b72c9198d Mon Sep 17 00:00:00 2001
+From: Rohan Sable <rsable@redhat.com>
+Date: Mon, 7 Mar 2022 14:14:13 +0000
+Subject: [PATCH 1/2] ls: avoid triggering automounts
+
+statx() has different defaults wrt automounting
+compared to stat() or lstat(), so explicitly
+set the AT_NO_AUTOMOUNT flag to suppress that behavior,
+and avoid unintended operations or potential errors.
+
+* src/ls.c (do_statx): Pass AT_NO_AUTOMOUNT to avoid this behavior.
+Fixes https://bugs.gnu.org/54286
+
+Signed-off-by: Rohan Sable <rsable@redhat.com>
+
+Upstream-commit: 85c975df2c25bd799370b04bb294e568e001102f
+Signed-off-by: Kamil Dudka <kdudka@redhat.com>
+---
+ src/ls.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/ls.c b/src/ls.c
+index 1047801..fe0e9f8 100644
+--- a/src/ls.c
+++ b/src/ls.c
+@@ -1126,7 +1126,7 @@ do_statx (int fd, const char *name, struct stat *st, int flags,
+           unsigned int mask)
+ {
+   struct statx stx;
+-  int ret = statx (fd, name, flags, mask, &stx);
+  int ret = statx (fd, name, flags | AT_NO_AUTOMOUNT, mask, &stx);
+   if (ret >= 0)
+     statx_to_stat (&stx, st);
+   return ret;
+-- 
+2.34.1
+
+
+From 3d227f9e4f3fe806064721e4b9451ee06526bc80 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?P=C3=A1draig=20Brady?= <P@draigBrady.com>
+Date: Mon, 7 Mar 2022 23:29:20 +0000
+Subject: [PATCH 2/2] stat: only automount with --cached=never
+
+Revert to the default behavior before the introduction of statx().
+
+* src/stat.c (do_stat): Set AT_NO_AUTOMOUNT without --cached=never.
+* doc/coreutils.texi (stat invocation): Mention the automount
+behavior with --cached=never.
+
+Fixes https://bugs.gnu.org/54287
+
+Upstream-commit: 92cb8427c537f37edd43c5cef1909585201372ab
+Signed-off-by: Kamil Dudka <kdudka@redhat.com>
+---
+ doc/coreutils.texi | 1 +
+ src/stat.c         | 3 +++
+ 2 files changed, 4 insertions(+)
+
+diff --git a/doc/coreutils.texi b/doc/coreutils.texi
+index 19b535c..0f5c16a 100644
+--- a/doc/coreutils.texi
+++ b/doc/coreutils.texi
+@@ -12204,6 +12204,7 @@ Always read the already cached attributes if available.
+ 
+ @item never
+ Always sychronize with the latest file system attributes.
+This also mounts automounted files.
+ 
+ @item default
+ Leave the caching behavior to the underlying file system.
+diff --git a/src/stat.c b/src/stat.c
+index 0c34501..803340a 100644
+--- a/src/stat.c
+++ b/src/stat.c
+@@ -1343,6 +1343,9 @@ do_stat (char const *filename, char const *format, char const *format2)
+   else if (force_sync)
+     flags |= AT_STATX_FORCE_SYNC;
+ 
+  if (! force_sync)
+    flags |= AT_NO_AUTOMOUNT;
+
+   fd = statx (fd, pathname, flags, format_to_mask (format), &stx);
+   if (fd < 0)
+     {
+-- 
+2.34.1
+
--- a/SOURCES/coreutils-df-direct.patch
+++ b/SOURCES/coreutils-df-direct.patch
@ -1,8 +1,20 @@
+From 6e36198f10a2f63b89c89ebb5d5c185b20fb3a63 Mon Sep 17 00:00:00 2001
+From: Kamil Dudka <kdudka@redhat.com>
+Date: Mon, 29 Mar 2010 17:20:34 +0000
+Subject: [PATCH] coreutils-df-direct.patch
+
+---
+ doc/coreutils.texi |  7 ++++++
+ src/df.c           | 34 ++++++++++++++++++++++++++--
+ tests/df/direct.sh | 55 ++++++++++++++++++++++++++++++++++++++++++++++
+ 3 files changed, 94 insertions(+), 2 deletions(-)
+ create mode 100755 tests/df/direct.sh
+
 diff --git a/doc/coreutils.texi b/doc/coreutils.texi
-index a507280..400e135 100644
+index 5b9a597..6810c15 100644
 --- a/doc/coreutils.texi
 +++ b/doc/coreutils.texi
-@@ -11303,6 +11303,13 @@ some systems (notably SunOS), doing this yields more up to date results,
+@@ -11898,6 +11898,13 @@ some systems (notably SunOS), doing this yields more up to date results,
 but in general this option makes @command{df} much slower, especially when
 there are many or very busy file systems.
 
@ -17,10 +29,10 @@ index a507280..400e135 100644
 @opindex --total
 @cindex grand total of disk size, usage and available space
 diff --git a/src/df.c b/src/df.c
-index 8f760db..a7385fd 100644
+index 48025b9..c8efa5b 100644
 --- a/src/df.c
 +++ b/src/df.c
-@@ -120,6 +120,9 @@ static bool print_type;
+@@ -125,6 +125,9 @@ static bool print_type;
 /* If true, print a grand total at the end.  */
 static bool print_grand_total;
 
@ -30,7 +42,7 @@ index 8f760db..a7385fd 100644
 /* Grand total data.  */
 static struct fs_usage grand_fsu;
 
-@@ -247,13 +250,15 @@ enum
+@@ -252,13 +255,15 @@ enum
   NO_SYNC_OPTION = CHAR_MAX + 1,
   SYNC_OPTION,
   TOTAL_OPTION,
@ -47,7 +59,7 @@ index 8f760db..a7385fd 100644
   {"inodes", no_argument, NULL, 'i'},
   {"human-readable", no_argument, NULL, 'h'},
   {"si", no_argument, NULL, 'H'},
-@@ -509,7 +514,10 @@ get_header (void)
+@@ -561,7 +566,10 @@ get_header (void)
   for (col = 0; col < ncolumns; col++)
     {
       char *cell = NULL;
@ -59,7 +71,7 @@ index 8f760db..a7385fd 100644
 
       if (columns[col]->field == SIZE_FIELD
           && (header_mode == DEFAULT_MODE
-@@ -1397,6 +1405,19 @@ get_point (const char *point, const struct stat *statp)
+@@ -1464,6 +1472,17 @@ get_point (const char *point, const struct stat *statp)
 static void
 get_entry (char const *name, struct stat const *statp)
 {
@ -68,9 +80,7 @@ index 8f760db..a7385fd 100644
 +      char *resolved = canonicalize_file_name (name);
 +      if (resolved)
 +	{
-+         char *mp = find_mount_point (name, statp);
-+	  get_dev (NULL, mp, resolved, NULL, NULL, false, false, NULL, false);
-+         free(mp);
+	  get_dev (NULL, resolved, name, NULL, NULL, false, false, NULL, false);
 +	  free (resolved);
 +	  return;
 +	}
@ -79,7 +89,7 @@ index 8f760db..a7385fd 100644
   if ((S_ISBLK (statp->st_mode) || S_ISCHR (statp->st_mode))
       && get_disk (name))
     return;
-@@ -1467,6 +1488,7 @@ or all file systems by default.\n\
+@@ -1534,6 +1553,7 @@ or all file systems by default.\n\
   -B, --block-size=SIZE  scale sizes by SIZE before printing them; e.g.,\n\
                            '-BM' prints sizes in units of 1,048,576 bytes;\n\
                            see SIZE format below\n\
@ -87,7 +97,7 @@ index 8f760db..a7385fd 100644
   -h, --human-readable  print sizes in powers of 1024 (e.g., 1023M)\n\
   -H, --si              print sizes in powers of 1000 (e.g., 1.1G)\n\
 "), stdout);
-@@ -1557,6 +1579,9 @@ main (int argc, char **argv)
+@@ -1624,6 +1644,9 @@ main (int argc, char **argv)
               xstrtol_fatal (e, oi, c, long_options, optarg);
           }
           break;
@ -97,7 +107,7 @@ index 8f760db..a7385fd 100644
         case 'i':
           if (header_mode == OUTPUT_MODE)
             {
-@@ -1653,6 +1678,13 @@ main (int argc, char **argv)
+@@ -1720,6 +1743,13 @@ main (int argc, char **argv)
         }
     }
 
@ -172,3 +182,6 @@ index 0000000..8e4cfb8
 +compare file_out file_exp || fail=1
 +
 +Exit $fail
+-- 
+2.31.1
+
--- a/SOURCES/coreutils-i18n-expand-unexpand.patch
+++ b/SOURCES/coreutils-i18n-expand-unexpand.patch
@ -572,16 +572,18 @@ index 7801274..569a7ee 100644
                 {
                   /* Go back one column, and force recalculation of the
                      next tab stop.  */
-@@ -221,7 +235,7 @@ unexpand (void)
+@@ -221,16 +235,20 @@ unexpand (void)
                 }
               else
                 {
 -                  column++;
+-                  if (!column)
+                  const uintmax_t orig_column = column;
 +                  column += mb_width (c);
-                   if (!column)
+                  if (column < orig_column)
                     die (EXIT_FAILURE, 0, _("input line is too long"));
                 }
-@@ -229,8 +243,11 @@ unexpand (void)
+ 
               if (pending)
                 {
                   if (pending > 1 && one_blank_before_tab_stop)
@ -595,7 +597,7 @@ index 7801274..569a7ee 100644
                     die (EXIT_FAILURE, errno, _("write error"));
                   pending = 0;
                   one_blank_before_tab_stop = false;
-@@ -240,16 +257,17 @@ unexpand (void)
+@@ -240,16 +258,17 @@ unexpand (void)
               convert &= convert_entire_line || blank;
             }
 
--- a/SOURCES/coreutils-i18n-fix-unexpand.patch
+++ b/SOURCES/coreutils-i18n-fix-unexpand.patch
@ -1,28 +0,0 @@
-From 02424bfcd719bbaa695f4e1c3ef17ad91b0d23c0 Mon Sep 17 00:00:00 2001
-From: Lubomir Rintel <lkundrak@v3.sk>
-Date: Thu, 28 Jan 2016 20:57:22 +0100
-Subject: [PATCH] unexpand: fix blank line handling
-
-  echo '' |./src/unexpand -a
-
-Really?
---
- src/unexpand.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/unexpand.c b/src/unexpand.c
-index 569a7ee..3bbbd66 100644
--- a/src/unexpand.c
-+++ b/src/unexpand.c
-@@ -233,7 +233,7 @@ unexpand (void)
-                   next_tab_column = column;
-                   tab_index -= !!tab_index;
-                 }
-              else
-+              else if (!mb_iseq (c, '\n'))
-                 {
-                   column += mb_width (c);
-                   if (!column)
-- 
-2.7.4
-
--- a/SOURCES/coreutils-nfsv4-acls.patch
+++ b/SOURCES/coreutils-nfsv4-acls.patch
@ -0,0 +1,625 @@
+From 5a6af47c3db45b6303bac4dcd6da186fd5cd178c Mon Sep 17 00:00:00 2001
+From: Ondrej Valousek <ondrej.valousek.xm@renesas.com>
+Date: Fri, 2 Dec 2022 13:40:19 +0100
+Subject: [PATCH 1/3] file-has-acl: Basic support for checking NFSv4 ACLs in
+ Linux.
+
+* lib/acl-internal.h (acl_nfs4_nontrivial): New declaration.
+* lib/acl-internal.c (acl_nfs4_nontrivial): New function.
+* lib/file-has-acl.c: Include <arpa/inet.h>.
+(XATTR_NAME_NFSV4_ACL, TRIVIAL_NFS4_ACL_MAX_LENGTH): New macros.
+(file_has_acl): Test for NFSv4 ACLs.
+* doc/acl-nfsv4.txt: New file.
+
+Upstream-commit: b0604a8e134dbcc307c0ffdd5ebd3693e9de7081
+Signed-off-by: Kamil Dudka <kdudka@redhat.com>
+---
+ doc/acl-nfsv4.txt  |  17 ++++++++
+ lib/acl-internal.c | 100 +++++++++++++++++++++++++++++++++++++++++++++
+ lib/acl-internal.h |   3 ++
+ lib/file-has-acl.c |  21 ++++++++++
+ 4 files changed, 141 insertions(+)
+ create mode 100644 doc/acl-nfsv4.txt
+
+diff --git a/doc/acl-nfsv4.txt b/doc/acl-nfsv4.txt
+new file mode 100644
+index 0000000..71352f5
+--- /dev/null
+++ b/doc/acl-nfsv4.txt
+@@ -0,0 +1,17 @@
+General introduction:
+   https://linux.die.net/man/5/nfs4_acl
+
+The NFSv4 acls are defined in RFC7530 and as such, every NFSv4 server supporting ACLs
+will support this kind of ACLs (note the difference from POSIX draft ACLs)
+
+The ACLs can be obtained via the nfsv4-acl-tools, i.e.
+
+$ nfs4_getfacl <file>
+
+# file: <file>
+A::OWNER@:rwaDxtTnNcCy
+A::GROUP@:rwaDxtTnNcy
+A::EVERYONE@:rwaDxtTnNcy
+
+Gnulib is aiming to only provide a basic support of these, i.e. recognize trivial
+and non-trivial ACLs
+diff --git a/lib/acl-internal.c b/lib/acl-internal.c
+index be244c6..4c65dff 100644
+--- a/lib/acl-internal.c
+++ b/lib/acl-internal.c
+@@ -25,6 +25,9 @@
+ 
+ #if USE_ACL && HAVE_ACL_GET_FILE
+ 
+# include <string.h>
+# include <arpa/inet.h>
+
+ # if HAVE_ACL_TYPE_EXTENDED /* Mac OS X */
+ 
+ /* ACL is an ACL, from a file, stored as type ACL_TYPE_EXTENDED.
+@@ -122,6 +125,103 @@ acl_default_nontrivial (acl_t acl)
+   return (acl_entries (acl) > 0);
+ }
+ 
+#  define ACE4_WHO_OWNER    "OWNER@"
+#  define ACE4_WHO_GROUP    "GROUP@"
+#  define ACE4_WHO_EVERYONE "EVERYONE@"
+
+#  define ACE4_ACCESS_ALLOWED_ACE_TYPE   0
+#  define ACE4_ACCESS_DENIED_ACE_TYPE    1
+
+/* ACE flag values */
+#  define ACE4_IDENTIFIER_GROUP          0x00000040
+#  define ROUNDUP(x, y)                  (((x) + (y) - 1) & - (y))
+
+int
+acl_nfs4_nontrivial (char *xattr, int len)
+{
+  int      bufs = len;
+  uint32_t num_aces = ntohl (*((uint32_t*)(xattr))), /* Grab the number of aces in the acl */
+           num_a_aces = 0,
+           num_d_aces = 0;
+  char *bufp = xattr;
+
+  bufp += 4;  /* sizeof(uint32_t); */
+  bufs -= 4;
+
+  for (uint32_t ace_n = 0; num_aces > ace_n ; ace_n++)
+    {
+      int      d_ptr;
+      uint32_t flag,
+               wholen,
+               type;
+
+      /* Get the acl type */
+      if (bufs <= 0)
+        return -1;
+
+      type = ntohl (*((uint32_t*)bufp));
+
+      bufp += 4;
+      bufs -= 4;
+      if (bufs <= 0)
+        return -1;
+
+      flag = ntohl (*((uint32_t*)bufp));
+      /* As per RFC 7530, the flag should be 0, but we are just generous to Netapp
+       * and also accept the Group flag
+       */
+      if (flag & ~ACE4_IDENTIFIER_GROUP)
+        return 1;
+
+      /* we skip mask -
+       * it's too risky to test it and it does not seem to be actually needed */
+      bufp += 2*4;
+      bufs -= 2*4;
+
+      if (bufs <= 0)
+        return -1;
+
+      wholen = ntohl (*((uint32_t*)bufp));
+
+      bufp += 4;
+      bufs -= 4;
+
+      /* Get the who string */
+      if (bufs <= 0)
+        return -1;
+
+      /* for trivial ACL, we expect max 5 (typically 3) ACES, 3 Allow, 2 deny */
+      if (((strncmp (bufp, ACE4_WHO_OWNER, wholen) == 0)
+          || (strncmp (bufp, ACE4_WHO_GROUP, wholen) == 0))
+          &&  wholen == 6)
+        {
+          if (type == ACE4_ACCESS_ALLOWED_ACE_TYPE)
+            num_a_aces++;
+          if (type == ACE4_ACCESS_DENIED_ACE_TYPE)
+            num_d_aces++;
+        }
+      else
+        if ((strncmp (bufp, ACE4_WHO_EVERYONE, wholen) == 0)
+            && (type == ACE4_ACCESS_ALLOWED_ACE_TYPE)
+            && (wholen == 9))
+          num_a_aces++;
+        else
+          return 1;
+
+      d_ptr = ROUNDUP (wholen, 4);
+      bufp += d_ptr;
+      bufs -= d_ptr;
+
+      /* Make sure we aren't outside our domain */
+      if (bufs < 0)
+        return -1;
+
+    }
+  return !((num_a_aces <= 3) && (num_d_aces <= 2)
+         && (num_a_aces + num_d_aces == num_aces));
+
+}
+
+ # endif
+ 
+ #elif USE_ACL && HAVE_FACL && defined GETACL /* Solaris, Cygwin, not HP-UX */
+diff --git a/lib/acl-internal.h b/lib/acl-internal.h
+index 9353376..2a249ff 100644
+--- a/lib/acl-internal.h
+++ b/lib/acl-internal.h
+@@ -143,6 +143,9 @@ rpl_acl_set_fd (int fd, acl_t acl)
+ #   define acl_entries rpl_acl_entries
+ extern int acl_entries (acl_t);
+ #  endif
+/* Return 1 if given ACL in XDR format is non-trivial
+ * Return 0 if it is trivial */
+extern int acl_nfs4_nontrivial (char *, int);
+ 
+ #  if HAVE_ACL_TYPE_EXTENDED /* Mac OS X */
+ /* ACL is an ACL, from a file, stored as type ACL_TYPE_EXTENDED.
+diff --git a/lib/file-has-acl.c b/lib/file-has-acl.c
+index e02f062..1710234 100644
+--- a/lib/file-has-acl.c
+++ b/lib/file-has-acl.c
+@@ -32,6 +32,11 @@
+ #if GETXATTR_WITH_POSIX_ACLS
+ # include <sys/xattr.h>
+ # include <linux/xattr.h>
+# include <arpa/inet.h>
+# ifndef XATTR_NAME_NFSV4_ACL
+#  define XATTR_NAME_NFSV4_ACL "system.nfs4_acl"
+# endif
+# define TRIVIAL_NFS4_ACL_MAX_LENGTH 128
+ #endif
+ 
+ /* Return 1 if NAME has a nontrivial access control list,
+@@ -67,6 +72,22 @@ file_has_acl (char const *name, struct stat const *sb)
+             return 1;
+         }
+ 
+      if (ret < 0)
+        { /* we might be on NFS, so try to check NFSv4 ACLs too */
+          char xattr[TRIVIAL_NFS4_ACL_MAX_LENGTH];
+
+          errno = 0; /* we need to reset errno set by the previous getxattr() */
+          ret = getxattr (name, XATTR_NAME_NFSV4_ACL, xattr, TRIVIAL_NFS4_ACL_MAX_LENGTH);
+          if (ret < 0 && errno == ENODATA)
+            ret = 0;
+          else
+            if (ret < 0 && errno == ERANGE)
+              return 1;  /* we won't fit into the buffer, so non-trivial ACL is presented */
+            else
+              if (ret > 0)
+                /* looks like trivial ACL, but we need to investigate further */
+                return acl_nfs4_nontrivial (xattr, ret);
+        }
+       if (ret < 0)
+         return - acl_errno_valid (errno);
+       return ret;
+-- 
+2.38.1
+
+
+From c5266d204a446bea619fa18da8520dceb0a54192 Mon Sep 17 00:00:00 2001
+From: Paul Eggert <eggert@cs.ucla.edu>
+Date: Fri, 23 Dec 2022 15:18:29 -0800
+Subject: [PATCH 2/3] file-has-acl: improve recent NFSv4 support
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+This fixes a link failure with emacsclient on GNU/Linux.  This
+program wants file_has_acl but none of the other ACL primitives,
+so it doesn’t link acl-internal.o; this way it doesn’t need to
+link with -lacl.  While I was at it I reviewed the recent changes,
+fixed some unlikely overflow bugs, and adjusted to GNU style.
+* doc/acl-nfsv4.txt: Remove.  Its contents are now in a
+comment in lib/file-has-acl.c.
+* lib/acl-internal.c, lib/acl-internal.h: Move recent changes
+relating to acl_nfs4_nontrivial to lib/file-has-acl.c, so that
+there is no trouble linking programs that need only file_has_acl.
+* lib/file-has-acl.c (acl_nfs4_nontrivial): Move here from
+lib/acl-internal.c, so that we needn't link -lacl in
+programs that want only file_has_acl, such as emacsclient.
+Do not assume a char buffer is aligned for uint32_t.
+Check more carefully for buffer read overrun.
+Allow up to 6 ACEs, since other code does; but check
+that they’re distinct.  Avoid integer overflow.
+Use memcmp rather than strncmp to compare memory blocks.
+(file_has_acl): Preserve initial errno instead of setting to 0.
+Allocate a bit more room for trivial ACL buffer.
+Use EINVAL for botchedk NFSv4 ACLs (which shouldn’t happen).
+
+Upstream-commit: 35bd46f0c816948dc1a0430c8ba8b10a01167320
+Signed-off-by: Kamil Dudka <kdudka@redhat.com>
+---
+ doc/acl-nfsv4.txt  |  17 ------
+ lib/acl-internal.c | 100 -----------------------------------
+ lib/acl-internal.h |   3 --
+ lib/file-has-acl.c | 129 +++++++++++++++++++++++++++++++++++++++------
+ 4 files changed, 113 insertions(+), 136 deletions(-)
+ delete mode 100644 doc/acl-nfsv4.txt
+
+diff --git a/doc/acl-nfsv4.txt b/doc/acl-nfsv4.txt
+deleted file mode 100644
+index 71352f5..0000000
+--- a/doc/acl-nfsv4.txt
+++ /dev/null
+@@ -1,17 +0,0 @@
+-General introduction:
+-   https://linux.die.net/man/5/nfs4_acl
+-
+-The NFSv4 acls are defined in RFC7530 and as such, every NFSv4 server supporting ACLs
+-will support this kind of ACLs (note the difference from POSIX draft ACLs)
+-
+-The ACLs can be obtained via the nfsv4-acl-tools, i.e.
+-
+-$ nfs4_getfacl <file>
+-
+-# file: <file>
+-A::OWNER@:rwaDxtTnNcCy
+-A::GROUP@:rwaDxtTnNcy
+-A::EVERYONE@:rwaDxtTnNcy
+-
+-Gnulib is aiming to only provide a basic support of these, i.e. recognize trivial
+-and non-trivial ACLs
+diff --git a/lib/acl-internal.c b/lib/acl-internal.c
+index 4c65dff..be244c6 100644
+--- a/lib/acl-internal.c
+++ b/lib/acl-internal.c
+@@ -25,9 +25,6 @@
+ 
+ #if USE_ACL && HAVE_ACL_GET_FILE
+ 
+-# include <string.h>
+-# include <arpa/inet.h>
+-
+ # if HAVE_ACL_TYPE_EXTENDED /* Mac OS X */
+ 
+ /* ACL is an ACL, from a file, stored as type ACL_TYPE_EXTENDED.
+@@ -125,103 +122,6 @@ acl_default_nontrivial (acl_t acl)
+   return (acl_entries (acl) > 0);
+ }
+ 
+-#  define ACE4_WHO_OWNER    "OWNER@"
+-#  define ACE4_WHO_GROUP    "GROUP@"
+-#  define ACE4_WHO_EVERYONE "EVERYONE@"
+-
+-#  define ACE4_ACCESS_ALLOWED_ACE_TYPE   0
+-#  define ACE4_ACCESS_DENIED_ACE_TYPE    1
+-
+-/* ACE flag values */
+-#  define ACE4_IDENTIFIER_GROUP          0x00000040
+-#  define ROUNDUP(x, y)                  (((x) + (y) - 1) & - (y))
+-
+-int
+-acl_nfs4_nontrivial (char *xattr, int len)
+-{
+-  int      bufs = len;
+-  uint32_t num_aces = ntohl (*((uint32_t*)(xattr))), /* Grab the number of aces in the acl */
+-           num_a_aces = 0,
+-           num_d_aces = 0;
+-  char *bufp = xattr;
+-
+-  bufp += 4;  /* sizeof(uint32_t); */
+-  bufs -= 4;
+-
+-  for (uint32_t ace_n = 0; num_aces > ace_n ; ace_n++)
+-    {
+-      int      d_ptr;
+-      uint32_t flag,
+-               wholen,
+-               type;
+-
+-      /* Get the acl type */
+-      if (bufs <= 0)
+-        return -1;
+-
+-      type = ntohl (*((uint32_t*)bufp));
+-
+-      bufp += 4;
+-      bufs -= 4;
+-      if (bufs <= 0)
+-        return -1;
+-
+-      flag = ntohl (*((uint32_t*)bufp));
+-      /* As per RFC 7530, the flag should be 0, but we are just generous to Netapp
+-       * and also accept the Group flag
+-       */
+-      if (flag & ~ACE4_IDENTIFIER_GROUP)
+-        return 1;
+-
+-      /* we skip mask -
+-       * it's too risky to test it and it does not seem to be actually needed */
+-      bufp += 2*4;
+-      bufs -= 2*4;
+-
+-      if (bufs <= 0)
+-        return -1;
+-
+-      wholen = ntohl (*((uint32_t*)bufp));
+-
+-      bufp += 4;
+-      bufs -= 4;
+-
+-      /* Get the who string */
+-      if (bufs <= 0)
+-        return -1;
+-
+-      /* for trivial ACL, we expect max 5 (typically 3) ACES, 3 Allow, 2 deny */
+-      if (((strncmp (bufp, ACE4_WHO_OWNER, wholen) == 0)
+-          || (strncmp (bufp, ACE4_WHO_GROUP, wholen) == 0))
+-          &&  wholen == 6)
+-        {
+-          if (type == ACE4_ACCESS_ALLOWED_ACE_TYPE)
+-            num_a_aces++;
+-          if (type == ACE4_ACCESS_DENIED_ACE_TYPE)
+-            num_d_aces++;
+-        }
+-      else
+-        if ((strncmp (bufp, ACE4_WHO_EVERYONE, wholen) == 0)
+-            && (type == ACE4_ACCESS_ALLOWED_ACE_TYPE)
+-            && (wholen == 9))
+-          num_a_aces++;
+-        else
+-          return 1;
+-
+-      d_ptr = ROUNDUP (wholen, 4);
+-      bufp += d_ptr;
+-      bufs -= d_ptr;
+-
+-      /* Make sure we aren't outside our domain */
+-      if (bufs < 0)
+-        return -1;
+-
+-    }
+-  return !((num_a_aces <= 3) && (num_d_aces <= 2)
+-         && (num_a_aces + num_d_aces == num_aces));
+-
+-}
+-
+ # endif
+ 
+ #elif USE_ACL && HAVE_FACL && defined GETACL /* Solaris, Cygwin, not HP-UX */
+diff --git a/lib/acl-internal.h b/lib/acl-internal.h
+index 2a249ff..9353376 100644
+--- a/lib/acl-internal.h
+++ b/lib/acl-internal.h
+@@ -143,9 +143,6 @@ rpl_acl_set_fd (int fd, acl_t acl)
+ #   define acl_entries rpl_acl_entries
+ extern int acl_entries (acl_t);
+ #  endif
+-/* Return 1 if given ACL in XDR format is non-trivial
+- * Return 0 if it is trivial */
+-extern int acl_nfs4_nontrivial (char *, int);
+ 
+ #  if HAVE_ACL_TYPE_EXTENDED /* Mac OS X */
+ /* ACL is an ACL, from a file, stored as type ACL_TYPE_EXTENDED.
+diff --git a/lib/file-has-acl.c b/lib/file-has-acl.c
+index 1710234..676523b 100644
+--- a/lib/file-has-acl.c
+++ b/lib/file-has-acl.c
+@@ -29,14 +29,97 @@
+ 
+ #include "acl-internal.h"
+ 
+-#if GETXATTR_WITH_POSIX_ACLS
+#if USE_ACL && GETXATTR_WITH_POSIX_ACLS
+# include <string.h>
+# include <arpa/inet.h>
+ # include <sys/xattr.h>
+ # include <linux/xattr.h>
+-# include <arpa/inet.h>
+ # ifndef XATTR_NAME_NFSV4_ACL
+ #  define XATTR_NAME_NFSV4_ACL "system.nfs4_acl"
+ # endif
+-# define TRIVIAL_NFS4_ACL_MAX_LENGTH 128
+
+enum {
+  /* ACE4_ACCESS_ALLOWED_ACE_TYPE = 0x00000000, */
+  ACE4_ACCESS_DENIED_ACE_TYPE  = 0x00000001,
+  ACE4_IDENTIFIER_GROUP        = 0x00000040
+};
+
+/* Return 1 if given ACL in XDR format is non-trivial, 0 if it is trivial.
+   -1 upon failure to determine it.  Possibly change errno.  Assume that
+   the ACL is valid, except avoid undefined behavior even if invalid.
+
+   See <https://linux.die.net/man/5/nfs4_acl>.  The NFSv4 acls are
+   defined in Internet RFC 7530 and as such, every NFSv4 server
+   supporting ACLs should support NFSv4 ACLs (they differ from from
+   POSIX draft ACLs).  The ACLs can be obtained via the
+   nfsv4-acl-tools, e.g., the nfs4_getfacl command.  Gnulib provides
+   only basic support of NFSv4 ACLs, i.e., recognize trivial vs
+   nontrivial ACLs.  */
+
+static int
+acl_nfs4_nontrivial (uint32_t *xattr, ssize_t nbytes)
+{
+  enum { BYTES_PER_NETWORK_UINT = 4};
+
+  /* Grab the number of aces in the acl.  */
+  nbytes -= BYTES_PER_NETWORK_UINT;
+  if (nbytes < 0)
+    return -1;
+  uint32_t num_aces = ntohl (*xattr++);
+  if (6 < num_aces)
+    return 1;
+  int ace_found = 0;
+
+  for (int ace_n = 0; ace_n < num_aces; ace_n++)
+    {
+      /* Get the acl type and flag.  Skip the mask; it's too risky to
+         test it and it does not seem to be needed.  Get the wholen.  */
+      nbytes -= 4 * BYTES_PER_NETWORK_UINT;
+      if (nbytes < 0)
+        return -1;
+      uint32_t type = ntohl (xattr[0]);
+      uint32_t flag = ntohl (xattr[1]);
+      uint32_t wholen = ntohl (xattr[3]);
+      xattr += 4;
+      int64_t wholen4 = wholen;
+      wholen4 = ((wholen4 + (BYTES_PER_NETWORK_UINT))
+                 & ~ (BYTES_PER_NETWORK_UINT - 1));
+
+      /* Trivial ACLs have only ACE4_ACCESS_ALLOWED_ACE_TYPE or
+         ACE4_ACCESS_DENIED_ACE_TYPE.  */
+      if (ACE4_ACCESS_DENIED_ACE_TYPE < type)
+        return 1;
+
+      /* RFC 7530 says FLAG should be 0, but be generous to NetApp and
+         also accept the group flag.  */
+      if (flag & ~ACE4_IDENTIFIER_GROUP)
+        return 1;
+
+      /* Get the who string.  Check NBYTES - WHOLEN4 before storing
+         into NBYTES, to avoid truncation on conversion.  */
+      if (nbytes - wholen4 < 0)
+        return -1;
+      nbytes -= wholen4;
+
+      /* For a trivial ACL, max 6 (typically 3) ACEs, 3 allow, 3 deny.
+         Check that there is at most one ACE of each TYPE and WHO.  */
+      int who2
+        = (wholen == 6 && memcmp (xattr, "OWNER@", 6) == 0 ? 0
+           : wholen == 6 && memcmp (xattr, "GROUP@", 6) == 0 ? 2
+           : wholen == 9 && memcmp (xattr, "EVERYONE@", 9) == 0 ? 4
+           : -1);
+      if (who2 < 0)
+        return 1;
+      int ace_found_bit = 1 << (who2 | type);
+      if (ace_found & ace_found_bit)
+        return 1;
+      ace_found |= ace_found_bit;
+
+      xattr = (uint32_t *) ((char *) xattr + wholen4);
+    }
+
+  return 0;
+}
+ #endif
+ 
+ /* Return 1 if NAME has a nontrivial access control list,
+@@ -56,6 +139,7 @@ file_has_acl (char const *name, struct stat const *sb)
+ # if GETXATTR_WITH_POSIX_ACLS
+ 
+       ssize_t ret;
+      int initial_errno = errno;
+ 
+       ret = getxattr (name, XATTR_NAME_POSIX_ACL_ACCESS, NULL, 0);
+       if (ret < 0 && errno == ENODATA)
+@@ -73,20 +157,33 @@ file_has_acl (char const *name, struct stat const *sb)
+         }
+ 
+       if (ret < 0)
+-        { /* we might be on NFS, so try to check NFSv4 ACLs too */
+-          char xattr[TRIVIAL_NFS4_ACL_MAX_LENGTH];
+-
+-          errno = 0; /* we need to reset errno set by the previous getxattr() */
+-          ret = getxattr (name, XATTR_NAME_NFSV4_ACL, xattr, TRIVIAL_NFS4_ACL_MAX_LENGTH);
+-          if (ret < 0 && errno == ENODATA)
+-            ret = 0;
+        {
+          /* Check for NFSv4 ACLs.  The max length of a trivial
+             ACL is 6 words for owner, 6 for group, 7 for everyone,
+             all times 2 because there are both allow and deny ACEs.
+             There are 6 words for owner because of type, flag, mask,
+             wholen, "OWNER@"+pad and similarly for group; everyone is
+             another word to hold "EVERYONE@".  */
+          uint32_t xattr[2 * (6 + 6 + 7)];
+
+          ret = getxattr (name, XATTR_NAME_NFSV4_ACL, xattr, sizeof xattr);
+          if (ret < 0)
+            switch (errno)
+              {
+              case ENODATA: return 0;
+              case ERANGE : return 1; /* ACL must be nontrivial.  */
+              }
+           else
+-            if (ret < 0 && errno == ERANGE)
+-              return 1;  /* we won't fit into the buffer, so non-trivial ACL is presented */
+-            else
+-              if (ret > 0)
+-                /* looks like trivial ACL, but we need to investigate further */
+-                return acl_nfs4_nontrivial (xattr, ret);
+            {
+              /* It looks like a trivial ACL, but investigate further.  */
+              ret = acl_nfs4_nontrivial (xattr, ret);
+              if (ret < 0)
+                {
+                  errno = EINVAL;
+                  return ret;
+                }
+              errno = initial_errno;
+            }
+         }
+       if (ret < 0)
+         return - acl_errno_valid (errno);
+-- 
+2.38.1
+
+
+From faf965110372c82cd99e9f44f0c64f03cdabb2c1 Mon Sep 17 00:00:00 2001
+From: Paul Eggert <eggert@cs.ucla.edu>
+Date: Tue, 27 Dec 2022 20:00:58 -0800
+Subject: [PATCH 3/3] file-has-acl: fix recently-introduced NFSv4 bug
+
+* lib/file-has-acl.c (acl_nfs4_nontrivial): Fix off-by-one
+error when rounding WHOLEN up to next multiple of 4.
+Pacify GCC 12.2.1 -Wcast-align.
+
+Upstream-commit: d65e5a8ba77595a598c9ddb8dfa09c4aea732659
+Signed-off-by: Kamil Dudka <kdudka@redhat.com>
+---
+ lib/file-has-acl.c | 9 +++++----
+ 1 file changed, 5 insertions(+), 4 deletions(-)
+
+diff --git a/lib/file-has-acl.c b/lib/file-has-acl.c
+index 676523b..7876edc 100644
+--- a/lib/file-has-acl.c
+++ b/lib/file-has-acl.c
+@@ -81,9 +81,10 @@ acl_nfs4_nontrivial (uint32_t *xattr, ssize_t nbytes)
+       uint32_t flag = ntohl (xattr[1]);
+       uint32_t wholen = ntohl (xattr[3]);
+       xattr += 4;
+-      int64_t wholen4 = wholen;
+-      wholen4 = ((wholen4 + (BYTES_PER_NETWORK_UINT))
+-                 & ~ (BYTES_PER_NETWORK_UINT - 1));
+      int whowords = (wholen / BYTES_PER_NETWORK_UINT
+                      + (wholen % BYTES_PER_NETWORK_UINT != 0));
+      int64_t wholen4 = whowords;
+      wholen4 *= BYTES_PER_NETWORK_UINT;
+ 
+       /* Trivial ACLs have only ACE4_ACCESS_ALLOWED_ACE_TYPE or
+          ACE4_ACCESS_DENIED_ACE_TYPE.  */
+@@ -115,7 +116,7 @@ acl_nfs4_nontrivial (uint32_t *xattr, ssize_t nbytes)
+         return 1;
+       ace_found |= ace_found_bit;
+ 
+-      xattr = (uint32_t *) ((char *) xattr + wholen4);
+      xattr += whowords;
+     }
+ 
+   return 0;
+-- 
+2.38.1
+
--- a/SPECS/coreutils.spec
+++ b/SPECS/coreutils.spec
@ -1,7 +1,7 @@
 Summary: A set of basic GNU tools commonly used in shell scripts
 Name:    coreutils
 Version: 8.30
-Release: 12%{?dist}
+Release: 15%{?dist}
 License: GPLv3+
 Group:   System Environment/Base
 Url:     https://www.gnu.org/software/coreutils/
@ -50,14 +50,23 @@ Patch11:  coreutils-8.32-fuse-portal.patch
 # tail: fix stack out-of-bounds write with --follow (#1974784)
 Patch12:  coreutils-8.30-tail-use-poll.patch

+# doc: improve description of the --kibibytes option of ls (#1527391)
+Patch13: coreutils-8.22-doc-ls-kibibytes.patch
+
 # df: fix duplicated remote entries due to bind mounts (#1962515)
 Patch17:  coreutils-8.32-df-duplicated-entries.patch

+# ls, stat: avoid triggering automounts (#2044981)
+Patch18:  coreutils-9.0-autofs-no-mount.patch
+
+# basic support for checking NFSv4 ACLs (#2158747)
+Patch19:  coreutils-nfsv4-acls.patch
+
 # disable the test-lock gnulib test prone to deadlock
 Patch100: coreutils-8.26-test-lock.patch

 # require_selinux_(): use selinuxenabled(8) if available
-Patch105: coreutils-8.26-selinuxenable.patch
+Patch101: coreutils-8.26-selinuxenable.patch

 # downstream changes to default DIR_COLORS
 Patch102: coreutils-8.25-DIR_COLORS.patch
@ -79,8 +88,6 @@ Patch800: coreutils-i18n.patch
 Patch801: coreutils-i18n-expand-unexpand.patch
 # i18n patch for cut - old version - used
 Patch804: coreutils-i18n-cut-old.patch
-# The unexpand patch above is not correct. Sent to the patch authors
-Patch803: coreutils-i18n-fix-unexpand.patch
 #(un)expand - allow multiple files on input - broken by patch 801
 Patch805: coreutils-i18n-fix2-expand-unexpand.patch
 #(un)expand - test BOM headers
@ -286,6 +293,17 @@ fi
 %license COPYING

 %changelog
+* Mon Jan 02 2023 Kamil Dudka <kdudka@redhat.com> - 8.30-15
+- basic support for checking NFSv4 ACLs (#2158747)
+
+* Mon Aug 01 2022 Kamil Dudka <kdudka@redhat.com> - 8.30-14
+- prevent unexpand from failing on control characters (#2112870)
+
+* Tue Mar 01 2022 Kamil Dudka <kdudka@redhat.com> - 8.30-13
+- ls, stat: avoid triggering automounts (#2044981)
+- make `df --direct` work again (#2058686)
+- doc: improve description of the --kibibytes option of ls (#1527391)
+
 * Wed Jul 07 2021 Kamil Dudka <kdudka@redhat.com> - 8.30-12
 - df: fix duplicated remote entries due to bind mounts (#1962515)
Author	SHA1	Message	Date
CentOS Sources	ac4eac76af	import coreutils-8.30-15.el8	2023-05-17 01:15:09 +00:00
CentOS Sources	c2453ed2f8	import coreutils-8.30-13.el8	2022-11-08 07:04:48 +00:00