Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 672072 - pax-utils.eclass paxmark inconsistency caused by paxctl-ng bug
Summary: pax-utils.eclass paxmark inconsistency caused by paxctl-ng bug
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Hardened (show other bugs)
Hardware: All Linux
: Normal normal
Assignee: The Gentoo Linux Hardened Team
URL:
Whiteboard:
Keywords:
Depends on:
Blocks: 672208
  Show dependency tree
 
Reported: 2018-11-27 17:59 UTC by Rick Farina (Zero_Chaos)
Modified: 2018-12-13 21:23 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Rick Farina (Zero_Chaos) gentoo-dev 2018-11-27 17:59:11 UTC 
An issue was found in the following block of code causing inconsistent pax marking success:

                        # First try paxctl-ng.
                        if type -p paxctl-ng >/dev/null && paxctl-ng -l ; then
                                einfo "XATTR_PAX marking -${flags} ${f} with paxctl-ng"
                                [[ ${dodefault} == "yes" ]] && paxctl-ng -d "${f}" >/dev/null 2>&1
                                [[ "${flags}" ]] || continue
                                paxctl-ng -l -${flags} "${f}" >/dev/null 2>&1 && continue
                        fi

                        # Next try setfattr.
                        if type -p setfattr >/dev/null; then
                                [[ "${flags//[!Ee]}" ]] || flags+="e" # bug 447150
                                einfo "XATTR_PAX marking -${flags} ${f} with setfattr"
                                [[ ${dodefault} == "yes" ]] && setfattr -x "user.pax.flags" "${f}" >/dev/null 2>&1
                                setfattr -n "user.pax.flags" -v "${flags}" "${f}" >/dev/null 2>&1 && continue
                        fi

paxctl-ng does not error when it tries to mark a file that doesn't exist:
zero@theprophet eclass % paxctl-ng -l -mr doesnotexist                                                                                                                        
zero@theprophet eclass % echo $?  

while setfattr does fail:
zero@theprophet eclass % setfattr -n "user.pax.flags" -v -mre doesnotexist                                                                                                    setfattr: doesnotexist: No such file or directory
zero@theprophet eclass % echo $?                                                                                                                                              1


Obviously, setfattr is correct in this regard, and paxctl-ng really shouldn't be ignoring ENOENT
Comment 1 Anthony Basile gentoo-dev 2018-12-13 21:01:11 UTC 
This should be fixed with elfix-0.9.4 which is in the tree.  Can you please test and start stabilize of 0.9.4.  You can recycle bug #672208.
Comment 2 Rick Farina (Zero_Chaos) gentoo-dev 2018-12-13 21:23:23 UTC 
bug fix, stabilization in process