Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 649418

Summary: security.capability extended attribute not preserved between different filesystems
Product: Portage Development Reporter: Arfrever Frehtes Taifersar Arahesis <arfrever.fta>
Component: CoreAssignee: Portage team <dev-portage>
Status: RESOLVED FIXED    
Severity: normal CC: kensington
Priority: Normal Keywords: InVCS
Version: unspecified   
Hardware: All   
OS: Linux   
See Also: https://bugs.gentoo.org/show_bug.cgi?id=648840
Whiteboard:
Package list:
Runtime testing required: ---
Bug Depends on:    
Bug Blocks: 651804    
Attachments: Patch

Description Arfrever Frehtes Taifersar Arahesis 2018-03-03 03:00:37 UTC 
When ${D} and ${ROOT} are on different filesystems, then 'if renamefailed:' branch in pym/portage/util/movefile.py is used:
https://gitweb.gentoo.org/proj/portage.git/tree/pym/portage/util/movefile.py?id=e43f6c583ed9205abbdcb11340c81d7dd97ccc11#n268

_copyxattr() is called before _apply_stat().
_apply_stat() calls _os.chown():
https://gitweb.gentoo.org/proj/portage.git/tree/pym/portage/util/movefile.py?id=e43f6c583ed9205abbdcb11340c81d7dd97ccc11#n28



os.chown() or /bin/chown deletes security.capability extended attribute:
# touch /tmp/test
# setfattr -n security.capability -v 0sAQAAAgAAgAAAAAAAAAAAAAAAAAA= /tmp/test
# getfattr -d -m - --absolute-names /tmp/test | grep -v "#.*"
security.capability=0sAQAAAgAAgAAAAAAAAAAAAAAAAAA=

# chown 0 /tmp/test
# getfattr -d -m - --absolute-names /tmp/test | grep -v "#.*"
# setfattr -n security.capability -v 0sAQAAAgAAgAAAAAAAAAAAAAAAAAA= /tmp/test
# getfattr -d -m - --absolute-names /tmp/test | grep -v "#.*"
security.capability=0sAQAAAgAAgAAAAAAAAAAAAAAAAAA=

# python -c 'import os; os.chown("/tmp/test", 0, 0)'
# getfattr -d -m - --absolute-names /tmp/test | grep -v "#.*"
# 



The solution is maybe to copy extended attributes after _apply_stat().
Comment 1 Arfrever Frehtes Taifersar Arahesis 2018-03-04 02:32:22 UTC 
Created attachment 522246 [details, diff]
Patch
Comment 2 Larry the Git Cow gentoo-dev 2018-03-04 02:38:51 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/proj/portage.git/commit/?id=ad72389ed8067d740dd0e3f975a33f0c1cbfd8b5

commit ad72389ed8067d740dd0e3f975a33f0c1cbfd8b5
Author:     Arfrever Frehtes Taifersar Arahesis <Arfrever@Apache.Org>
AuthorDate: 2018-03-04 02:25:34 +0000
Commit:     Zac Medico <zmedico@gentoo.org>
CommitDate: 2018-03-04 02:37:09 +0000

    movefile: Fix preservation of security.capability xattr
    
    Call _apply_stat() before copying extended attributes, because
    _apply_stat() calls os.chown() which results in deleting
    security.capability extended attribute.
    
    Bug: https://bugs.gentoo.org/649418

 pym/portage/util/movefile.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)}
Comment 3 Zac Medico gentoo-dev 2018-03-04 02:39:16 UTC 
Thanks!
Comment 4 Zac Medico gentoo-dev 2018-07-02 18:45:19 UTC 
Fixed in portage-2.3.40-r1.