coreutils-selinux 9.2-3 update

author: Nicolas Iooss 2023-04-09 16:53:51 +0200
committer: Nicolas Iooss 2023-04-09 16:53:51 +0200
commit: db894d027f76444a0de93aac2e9449b9f304b1ac (patch)
tree: 20c8fa7ec78065fd64a6608b0fc3e75518c0fff7
parent: cab7bfddf62073cccc0553afff56b25c46dad3f2 (diff)
download: aur-db894d027f76444a0de93aac2e9449b9f304b1ac.tar.gz
5 files changed, 247 insertions, 13 deletions
diff --git a/.SRCINFO b/.SRCINFO
index 40aa18d1cbcb..9ccab9d58c48 100644
--- a/.SRCINFO
+++ b/.SRCINFO
@@ -1,7 +1,7 @@
 pkgbase = coreutils-selinux
 	pkgdesc = The basic file, shell and text manipulation utilities of the GNU operating system with SELinux support
 	pkgver = 9.2
-	pkgrel = 1
+	pkgrel = 3
 	url = https://www.gnu.org/software/coreutils/
 	arch = x86_64
 	arch = aarch64
@@ -14,14 +14,22 @@ pkgbase = coreutils-selinux
 	depends = libcap
 	depends = openssl
 	depends = libselinux
-	provides = coreutils=9.2-1
-	provides = selinux-coreutils=9.2-1
+	provides = coreutils=9.2-3
+	provides = selinux-coreutils=9.2-3
 	conflicts = coreutils
 	conflicts = selinux-coreutils
 	source = https://ftp.gnu.org/gnu/coreutils/coreutils-9.2.tar.xz
 	source = https://ftp.gnu.org/gnu/coreutils/coreutils-9.2.tar.xz.sig
+	source = 01-FS#77969.patch::https://git.savannah.gnu.org/cgit/coreutils.git/patch/?id=76f2fb627118a26c25003dbd98c22c153b7ee1d2
+	source = copy-fix-reflink-auto-fallback.patch
+	source = gnulib-backupfile-62607.patch
+	source = coreutils-backup-62607.patch
 	validpgpkeys = 6C37DC12121A5006BC1DB804DF6FD971306037D9
 	sha256sums = 6885ff47b9cdb211de47d368c17853f406daaf98b148aaecdf10de29cc04b0b3
 	sha256sums = SKIP
+	sha256sums = a3cc5d1548bd6a26e1b8f4cff076862243af9faaffc4c257a0c766457fd028cc
+	sha256sums = 4b2ac873a9cb4a825bb90e964383ca0cb956ece347e9ded5387ddd8ff293855b
+	sha256sums = 5455ce8f736d5d8f5c7a5c8b70b4ec46a7e050125924f2135af4fbf685bddda6
+	sha256sums = 10a8ea0b14c5254775c3817a31a07928c0609ca3eaec78fcecddeefe95101b9d
 
 pkgname = coreutils-selinux
diff --git a/PKGBUILD b/PKGBUILD
index 907308cc7496..8a4474c92782 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -11,7 +11,7 @@
 
 pkgname=coreutils-selinux
 pkgver=9.2
-pkgrel=1
+pkgrel=3
 pkgdesc='The basic file, shell and text manipulation utilities of the GNU operating system with SELinux support'
 arch=('x86_64' 'aarch64')
 license=('GPL3')
@@ -21,22 +21,30 @@ depends=('glibc' 'acl' 'attr' 'gmp' 'libcap' 'openssl' 'libselinux')
 conflicts=("${pkgname/-selinux}" "selinux-${pkgname/-selinux}")
 provides=("${pkgname/-selinux}=${pkgver}-${pkgrel}"
           "selinux-${pkgname/-selinux}=${pkgver}-${pkgrel}")
-source=("https://ftp.gnu.org/gnu/${pkgname/-selinux}/${pkgname/-selinux}-$pkgver.tar.xz"{,.sig})
+source=("https://ftp.gnu.org/gnu/${pkgname/-selinux}/${pkgname/-selinux}-$pkgver.tar.xz"{,.sig}
+        '01-FS#77969.patch::https://git.savannah.gnu.org/cgit/coreutils.git/patch/?id=76f2fb627118a26c25003dbd98c22c153b7ee1d2'
+        'copy-fix-reflink-auto-fallback.patch'
+        'gnulib-backupfile-62607.patch'
+        'coreutils-backup-62607.patch')
 validpgpkeys=('6C37DC12121A5006BC1DB804DF6FD971306037D9') # Pádraig Brady
 sha256sums=('6885ff47b9cdb211de47d368c17853f406daaf98b148aaecdf10de29cc04b0b3'
-            'SKIP')
+            'SKIP'
+            'a3cc5d1548bd6a26e1b8f4cff076862243af9faaffc4c257a0c766457fd028cc'
+            '4b2ac873a9cb4a825bb90e964383ca0cb956ece347e9ded5387ddd8ff293855b'
+            '5455ce8f736d5d8f5c7a5c8b70b4ec46a7e050125924f2135af4fbf685bddda6'
+            '10a8ea0b14c5254775c3817a31a07928c0609ca3eaec78fcecddeefe95101b9d')
 
 prepare() {
   cd ${pkgname/-selinux}-$pkgver
   # apply patch from the source array (should be a pacman feature)
-  local filename
-  for filename in "${source[@]}"; do
-    if [[ "$filename" =~ \.patch$ ]]; then
-      echo "Applying patch ${filename##*/}"
-      patch -p1 -N -i "$srcdir/${filename##*/}"
-    fi
+  local src
+  for src in "${source[@]}"; do
+    src="${src%%::*}"
+    src="${src##*/}"
+    [[ $src = *.patch ]] || continue
+    echo "Applying patch $src..."
+    patch -Np1 < "../$src"
   done
-  :
 
   # tail -F fails to find out that files are removed, in test VM
   # so disable the tests which verify this
diff --git a/copy-fix-reflink-auto-fallback.patch b/copy-fix-reflink-auto-fallback.patch
new file mode 100644
index 000000000000..22ede9b49657
--- /dev/null
+++ b/copy-fix-reflink-auto-fallback.patch
@@ -0,0 +1,136 @@
+From 093a8b4bfaba60005f14493ce7ef11ed665a0176 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?P=C3=A1draig=20Brady?= <P@draigBrady.com>
+Date: Thu, 23 Mar 2023 13:19:04 +0000
+Subject: copy: fix --reflink=auto to fallback in more cases
+
+On restricted systems like android or some containers,
+FICLONE could return EPERM, EACCES, or ENOTTY,
+which would have induced the command to fail to copy
+rather than falling back to a more standard copy.
+
+* src/copy.c (is_terminal_failure): A new function refactored
+from handle_clone_fail().
+(is_CLONENOTSUP): Merge in the handling of EACCES, ENOTTY, EPERM
+as they also pertain to determination of whether cloning is supported
+if we ever use this function in that context.
+(handle_clone_fail): Use is_terminal_failure() in all cases,
+so that we assume a terminal failure in less errno cases.
+* NEWS: Mention the bug fix.
+Addresses https://bugs.gnu.org/62404
+---
+ NEWS       |  8 ++++++++
+ src/copy.c | 62 +++++++++++++++++++++++++++++++++++---------------------------
+ 2 files changed, 43 insertions(+), 27 deletions(-)
+
+diff --git a/src/copy.c b/src/copy.c
+index 3919787..f8ba058 100644
+--- a/src/copy.c
++++ b/src/copy.c
+@@ -278,15 +278,27 @@ create_hole (int fd, char const *name, bool punch_holes, off_t size)
+ }
+ 
+ 
+-/* Whether the errno from FICLONE, or copy_file_range
+-   indicates operation is not supported for this file or file system.  */
++/* Whether the errno indicates the operation is a transient failure.
++   I.e., a failure that would indicate the operation _is_ supported,
++   but has failed in a terminal way.  */
++
++static bool
++is_terminal_error (int err)
++{
++  return err == EIO || err == ENOMEM || err == ENOSPC || err == EDQUOT;
++}
++
++
++/* Whether the errno from FICLONE, or copy_file_range indicates
++   the operation is not supported/allowed for this file or process.  */
+ 
+ static bool
+ is_CLONENOTSUP (int err)
+ {
+-  return err == ENOSYS || is_ENOTSUP (err)
++  return err == ENOSYS || err == ENOTTY || is_ENOTSUP (err)
+          || err == EINVAL || err == EBADF
+-         || err == EXDEV || err == ETXTBSY;
++         || err == EXDEV || err == ETXTBSY
++         || err == EPERM || err == EACCES;
+ }
+ 
+ 
+@@ -339,20 +351,18 @@ sparse_copy (int src_fd, int dest_fd, char **abuf, size_t buf_size,
+           {
+             copy_debug.offload = COPY_DEBUG_UNSUPPORTED;
+ 
+-            if (is_CLONENOTSUP (errno))
+-              break;
+-
+-            /* copy_file_range might not be enabled in seccomp filters,
+-               so retry with a standard copy.  EPERM can also occur
+-               for immutable files, but that would only be in the edge case
+-               where the file is made immutable after creating/truncating,
++            /* Consider operation unsupported only if no data copied.
++               For example, EPERM could occur if copy_file_range not enabled
++               in seccomp filters, so retry with a standard copy.  EPERM can
++               also occur for immutable files, but that would only be in the
++               edge case where the file is made immutable after creating,
+                in which case the (more accurate) error is still shown.  */
+-            if (errno == EPERM && *total_n_read == 0)
++            if (*total_n_read == 0 && is_CLONENOTSUP (errno))
+               break;
+ 
+             /* ENOENT was seen sometimes across CIFS shares, resulting in
+                no data being copied, but subsequent standard copies succeed.  */
+-            if (errno == ENOENT && *total_n_read == 0)
++            if (*total_n_read == 0 && errno == ENOENT)
+               break;
+ 
+             if (errno == EINTR)
+@@ -1172,17 +1182,15 @@ handle_clone_fail (int dst_dirfd, char const* dst_relname,
+                    char const* src_name, char const* dst_name,
+                    int dest_desc, bool new_dst, enum Reflink_type reflink_mode)
+ {
+-  /* If the clone operation is creating the destination,
+-     then don't try and cater for all non transient file system errors,
+-     and instead only cater for specific transient errors.  */
+-  bool transient_failure;
+-  if (dest_desc < 0) /* currently for fclonefileat().  */
+-    transient_failure = errno == EIO || errno == ENOMEM
+-                        || errno == ENOSPC || errno == EDQUOT;
+-  else /* currently for FICLONE.  */
+-    transient_failure = ! is_CLONENOTSUP (errno);
+-
+-  if (reflink_mode == REFLINK_ALWAYS || transient_failure)
++  /* When the clone operation fails, report failure only with errno values
++     known to mean trouble when the clone is supported and called properly.
++     Do not report failure merely because !is_CLONENOTSUP (errno),
++     as systems may yield oddball errno values here with FICLONE.
++     Also is_CLONENOTSUP() is not appropriate for the range of errnos
++     possible from fclonefileat(), so it's more consistent to avoid. */
++  bool report_failure = is_terminal_error (errno);
++
++  if (reflink_mode == REFLINK_ALWAYS || report_failure)
+     error (0, errno, _("failed to clone %s from %s"),
+            quoteaf_n (0, dst_name), quoteaf_n (1, src_name));
+ 
+@@ -1190,14 +1198,14 @@ handle_clone_fail (int dst_dirfd, char const* dst_relname,
+      but cloned no data.  */
+   if (new_dst /* currently not for fclonefileat().  */
+       && reflink_mode == REFLINK_ALWAYS
+-      && ((! transient_failure) || lseek (dest_desc, 0, SEEK_END) == 0)
++      && ((! report_failure) || lseek (dest_desc, 0, SEEK_END) == 0)
+       && unlinkat (dst_dirfd, dst_relname, 0) != 0 && errno != ENOENT)
+     error (0, errno, _("cannot remove %s"), quoteaf (dst_name));
+ 
+-  if (! transient_failure)
++  if (! report_failure)
+     copy_debug.reflink = COPY_DEBUG_UNSUPPORTED;
+ 
+-  if (reflink_mode == REFLINK_ALWAYS || transient_failure)
++  if (reflink_mode == REFLINK_ALWAYS || report_failure)
+     return false;
+ 
+   return true;
+-- 
+cgit v1.1
+
diff --git a/coreutils-backup-62607.patch b/coreutils-backup-62607.patch
new file mode 100644
index 000000000000..7d39aa5e6add
--- /dev/null
+++ b/coreutils-backup-62607.patch
@@ -0,0 +1,39 @@
+From 1a80fab339d52db7e284b4f2f41068d5d8dd7e4e Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?P=C3=A1draig=20Brady?= <P@draigBrady.com>
+Date: Mon, 3 Apr 2023 18:12:33 +0100
+Subject: [PATCH] tests: cp: test --backup with subdirectories
+
+* tests/cp/backup-dir.sh: Add a test to ensure
+we rename appropriately when backing up through subdirs.
+* NEWS: Mention the bug fix.
+Addresses https://bugs.gnu.org/62607
+---
+ NEWS                   | 5 +++++
+ tests/cp/backup-dir.sh | 8 +++++++-
+ 2 files changed, 12 insertions(+), 1 deletion(-)
+
+diff --git a/tests/cp/backup-dir.sh b/tests/cp/backup-dir.sh
+index 6573d58e0..5c17498cf 100755
+--- a/tests/cp/backup-dir.sh
++++ b/tests/cp/backup-dir.sh
+@@ -1,5 +1,5 @@
+ #!/bin/sh
+-# Ensure that cp -b doesn't back up directories.
++# Ensure that cp -b handles directories appropriately
+ 
+ # Copyright (C) 2006-2023 Free Software Foundation, Inc.
+ 
+@@ -29,4 +29,10 @@ cp -ab x y || fail=1
+ test -d y/x || fail=1
+ test -d y/x~ && fail=1
+ 
++# Bug 62607.
++# This would fail to backup using rename, and thus fail to replace the file
++mkdir -p {src,dst}/foo || framework_failure_
++touch {src,dst}/foo/bar || framework_failure_
++cp --recursive --backup src/* dst || fail=1
++
+ Exit $fail
+-- 
+2.26.2
+
diff --git a/gnulib-backupfile-62607.patch b/gnulib-backupfile-62607.patch
new file mode 100644
index 000000000000..53f281269d44
--- /dev/null
+++ b/gnulib-backupfile-62607.patch
@@ -0,0 +1,43 @@
+From 418aa564ebff70c1d118a5d3307a6d0b147ff7a2 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?P=C3=A1draig=20Brady?= <P@draigBrady.com>
+Date: Mon, 3 Apr 2023 18:06:22 +0100
+Subject: [PATCH] backupfile: fix bug when renaming from subdirectory
+
+* lib/backupfile.c (backup_internal): Ensure we use the
+appropriate offset if operating on a subdirectory,
+i.e., on an updated sdir.
+Fixes https://bugs.gnu.org/62607
+---
+ ChangeLog        | 8 ++++++++
+ lib/backupfile.c | 7 ++++---
+ 2 files changed, 12 insertions(+), 3 deletions(-)
+
+diff --git a/lib/backupfile.c b/lib/backupfile.c
+index 9cca271343..5bcf924414 100644
+--- a/lib/backupfile.c
++++ b/lib/backupfile.c
+@@ -331,7 +331,7 @@ backupfile_internal (int dir_fd, char const *file,
+     return s;
+ 
+   DIR *dirp = NULL;
+-  int sdir = dir_fd;
++  int sdir = -1;
+   idx_t base_max = 0;
+   while (true)
+     {
+@@ -370,9 +370,10 @@ backupfile_internal (int dir_fd, char const *file,
+       if (! rename)
+         break;
+ 
+-      idx_t offset = backup_type == simple_backups ? 0 : base_offset;
++      dir_fd = sdir < 0 ? dir_fd : sdir;
++      idx_t offset = sdir < 0 ? 0 : base_offset;
+       unsigned flags = backup_type == simple_backups ? 0 : RENAME_NOREPLACE;
+-      if (renameatu (sdir, file + offset, sdir, s + offset, flags) == 0)
++      if (renameatu (dir_fd, file + offset, dir_fd, s + offset, flags) == 0)
+         break;
+       int e = errno;
+       if (! (e == EEXIST && extended))
+-- 
+2.26.2
+
author	Nicolas Iooss	2023-04-09 16:53:51 +0200
committer	Nicolas Iooss	2023-04-09 16:53:51 +0200
commit	db894d027f76444a0de93aac2e9449b9f304b1ac (patch)
tree	20c8fa7ec78065fd64a6608b0fc3e75518c0fff7
parent	cab7bfddf62073cccc0553afff56b25c46dad3f2 (diff)
download	aur-db894d027f76444a0de93aac2e9449b9f304b1ac.tar.gz