[Toybox] cp --preserve questions.

José Bollo jobol at nonadev.net
Mon Dec 28 06:30:30 PST 2015 

Le dimanche 27 décembre 2015 à 14:37 -0600, Rob Landley a écrit :
> I recently went through Jose's cp --preserve patch from way back when, and hit:
> 
> +  if ((listlen = flistxattr(fdin, NULL, 0)) > 0 && (list = malloc(listlen))) {
> +    flistxattr(fdin, list, listlen);
> +    for (name = list ; (name - list) < listlen ; name += strlen(name)+1) {
> +      /* test if the xattribute have to be copied */
> +      if ((TT.preserve & p_xattr)
> +      || ((TT.preserve & p_mode) &&
> +              !strncmp(name,"system.posix_acl_",sizeof("system.posix_acl_")-1))
> +      || ((TT.preserve & p_context) &&
> +              !strncmp(name,"security.",sizeof("security.")-1)))
> +      {
> 
> Questions:
> 
> 1) Is the "security." prefix good enough for both smack and selinux?

Yes. I use "man 5 attr" to get details. See
http://linux.die.net/man/5/attr

> 2) You call flistxattr() to grab the length, then call flistxattr() again
> to fetch the data. Anybody else spot the race condition of an attribute
> being added between the two calls? If you increase the size of an existing
> xattr, will it be properly null terminate the last entry?

Right. the status of the second call must be checked. It returns -1 if
there is not enough space and errno is set to ERANGE.

> 3) p_mode means you're preserving the suid/sgid/sticky bits. I.E. you're
> calling fchown() on the thing to feed it bits you can't set in open().
> Why is there now a SECOND meaning, having to do with xattrs, meaning
> simply doing cp -p is now doing all these extra xattr system calls
> to check for "system.posix_acl_"?

IIRC, I studied the cp command coming from coreutils to produce that
behaviour. A quick check here
http://lingrok.org/xref/coreutils/src/copy.c#1360 should be a good entry
point. But it becomes far in the past...

> 4) It's only copying xattrs for files. Not for directories or anything
> else. Is this normal? (It's doing it because there's no openat() versions
> of these commands, see "nobody's updated this API since the 90's" rant
> earlier...)

That is maybe the same reason: copying regular files
http://lingrok.org/xref/coreutils/src/copy.c#1008 copies more things
than copying directories
http://lingrok.org/xref/coreutils/src/copy.c#1008
But I am not sure. Maybe is it an error.

> Anyway, I've done a first pass. Haven't got an environment set up to test
> it, but it compiled and "scripts/test.sh cp" didn't regress.

Great.
I heard that you had bad weather. Hopefully you're alright.

Regards
José

> 
> Rob
> _______________________________________________
> Toybox mailing list
> Toybox at lists.landley.net
> http://lists.landley.net/listinfo.cgi/toybox-landley.net

More information about the Toybox mailing list