From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on dcvr.yhbt.net X-Spam-Level: X-Spam-ASN: AS22989 209.51.188.0/24 X-Spam-Status: No, score=-4.0 required=3.0 tests=AWL,BAYES_00,DKIM_INVALID, DKIM_SIGNED,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI, RCVD_IN_DNSWL_LOW,SPF_HELO_NONE,SPF_PASS shortcircuit=no autolearn=ham autolearn_force=no version=3.4.2 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dcvr.yhbt.net (Postfix) with ESMTPS id CD6F11F619 for ; Wed, 11 Mar 2020 09:04:24 +0000 (UTC) Received: from localhost ([::1]:48308 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1jBxHr-00034e-Cm for normalperson@yhbt.net; Wed, 11 Mar 2020 05:04:23 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:43592) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1jBxHm-00034D-GI for bug-gnulib@gnu.org; Wed, 11 Mar 2020 05:04:19 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1jBxHk-0001x5-JN for bug-gnulib@gnu.org; Wed, 11 Mar 2020 05:04:17 -0400 Received: from us-smtp-1.mimecast.com ([207.211.31.81]:53400 helo=us-smtp-delivery-1.mimecast.com) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1jBxHk-0001wF-28 for bug-gnulib@gnu.org; Wed, 11 Mar 2020 05:04:16 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1583917454; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=DeDSqS0vskKeNiLKuX5x6Ie+QnD0VAN3+0fLQuDj8co=; b=KGJmU9bPjHkxYIhnBvw/6GwNXtnMaSq2mpFTOnylWBxUqt0cj2sBTvh8+IxwvcyydqGRPt s7Vog76ArtonWFTiKZKnAsw2mPOu2o6vVDkvBftl9A+TUaGUEiCzUXvMAQci3yko/F/yrE KJzY2vtQ3nd+MI52zkGgwn4NdGQ8R7I= Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-119-9zK31vcdN9qrdfXTidYGpQ-1; Wed, 11 Mar 2020 05:04:08 -0400 X-MC-Unique: 9zK31vcdN9qrdfXTidYGpQ-1 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id B5CF11005509; Wed, 11 Mar 2020 09:04:06 +0000 (UTC) Received: from nbkamil.localnet (unknown [10.43.7.217]) by smtp.corp.redhat.com (Postfix) with ESMTP id 3B63760BEE; Wed, 11 Mar 2020 09:04:04 +0000 (UTC) From: Kamil Dudka To: Florian Weimer Subject: Re: [PATCH] fchmodat, lchmod: port to buggy Linux filesystems Date: Wed, 11 Mar 2020 10:04:04 +0100 Message-ID: <1847517.PYKUYFuaPT@nbkamil> In-Reply-To: <87o8t40zz7.fsf@mid.deneb.enyo.de> References: <20200213184209.34020-1-eggert@cs.ucla.edu> <34f3c06a-51a6-0aa5-cb0d-8d5cb2882a0a@draigBrady.com> <87o8t40zz7.fsf@mid.deneb.enyo.de> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 207.211.31.81 X-BeenThere: bug-gnulib@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Gnulib discussion list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Paul Eggert , bug-gnulib@gnu.org Errors-To: bug-gnulib-bounces+normalperson=yhbt.net@gnu.org Sender: "bug-gnulib" On Tuesday, March 10, 2020 8:30:36 PM CET Florian Weimer wrote: > * P=E1draig Brady: > > On 10/03/2020 11:52, Florian Weimer wrote: > >> * P=E1draig Brady: > >>> On 09/03/2020 18:51, Paul Eggert wrote: > >>>> On 3/9/20 10:30 AM, P=E1draig Brady wrote: > >>>>> A very similar "ENOTSUP" problem is being reported with coreutils-8= .32 > >>>>> with `mknod -m 666 /dev/random c 1 8` when trying to build Fedora > >>>>> rawhide in a chroot. > >>>>> https://bugzilla.redhat.com/1811038 > >>>>=20 > >>>> I don't understand that bug report. The strace diff you mentioned in > >>>> Comment 4 looks like the new mknod command is working. And yet the > >>>> original bug report says new mknod command is complaining "Operation > >>>> not > >>>> supported". > >>>>=20 > >>>> Is the problem that some filesystems don't work with the chmod > >>>> /proc/self/fd/NNN trick, and that it worked for you (the strace diff= ) > >>>> but not for Mohan (the original bug report)? > >>>=20 > >>> Right, the strace is from my working mknod(1) > >>> to show the differences between 8.31 and 8.32. > >>>=20 > >>> I've requested an strace from the failing system. > >>=20 > >> I guess it's possible that just isn't mounted at this point. > >>=20 > >> The glibc implementation will definitely *not* add racy fallback in > >> case /proc is not available, so this will not work until someone > >> implements the required system call. > >>=20 > >> It's not clear to my why the mknod command would need fchmodat at all. > >> With the -m argument, it should simply set the umask to 0, and pass > >> the mode bits to the mknod function. > >=20 > > umask is not used so as to cater for discrepancies between process and > > default ACL masks: > > https://git.sv.gnu.org/gitweb/?p=3Dcoreutils.git;a=3Dcommitdiff;h=3Dv8.= 21-51-ge > > 7198a67b > I just don't understand this explanation. Is the concern here that > you would get a different mode from the requested one if you use > umask+mknod and not mknod+some form of chmod? >=20 > > An update re this issue. > > The strace was supplied in https://bugzilla.redhat.com/1811038 > > which shows there is no fallback to chmod() in lchmod(). > > Now the gnulib code does fallback so this issue must be in the glibc > > implementation. > The glibc implementation needs /proc to avoid the race. There is no > way around that, otherwise we introduce a security vulnerability. As I understand it, the change of lchmod() behavior in glibc is intended. We do not want to revert it for obvious reasons. On the other hand, the=20 change of mknod behavior is unexpected and breaks existing software. Would not it make sense to fix this in mknod by turning the EOPNOTSUPP failure into a warning only? Kamil