Ubuntu
glibc package

libc6: fchownat ignores AT_SYMLINK_NOFOLLOW flag

Bug #59283 reported by Carthik Sharma
4
Affects Status Importance Assigned to Milestone
glibc (Ubuntu)
New
Undecided
Unassigned

Bug Description

Binary package hint: libc6

Originally reported using reportbug. Filing by proxy.

From: Jim Meyering <email address hidden>
To: "Ubuntu Bug Tracking System" <email address hidden>
Subject: libc6: fchownat ignores AT_SYMLINK_NOFOLLOW flag
Date: Sun, 03 Sep 2006 23:22:15 +0200
Message-ID: <email address hidden>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Lines: 77

Package: libc6
Version: 2.4-1ubuntu9
Severity: normal

*** Please type your report below this line ***
The fchownat function is supposed to operate on the named
symlink argument when given the AT_SYMLINK_NOFOLLOW option.
Unfortunately, with Ubuntu unstable (updated an hour or two ago)
it mistakenly dereferences a symlink and chowns the file it points
to instead. You can see that from the strace output below,
as well as from the tests that demonstrate the GID of the link
remains unchanged, yet the GID of the referent is changed.

On 2.6.17-6-686 #2 SMP, with libc6 version 2.4-1ubuntu9, one
of the coreutils-6.2-cvs "make check" tests fails.
Here's a pared-down test case:

----------------------------
$ cat demo
#!/bin/sh
# Create a file, then a symlink to it.
# Call fchownat on the symlink, with AT_SYMLINK_NOFOLLOW, and
# ensure that only the group of the symlink has changed.

rm -rf f sl; touch f; ln -s f sl
f_grp=`stat --format=%g f`

cat <<EOF > k.c
# define _GNU_SOURCE 1
#include <fcntl.h>
#include <unistd.h>
#include <stdlib.h>
int
main (int argc, char **argv)
{
  return (fchownat (AT_FDCWD, argv[1], -1, atoi(argv[2]), AT_SYMLINK_NOFOLLOW));
}
EOF
gcc -O k.c

# Determine an alternate group.
alt_grp=`id -G|sed 's/.* //'`
test `stat --format=%g sl` = $alt_grp \
  && echo "$0: cannot run test: it requires an alternate group"

strace -e chown32 ./a.out sl $alt_grp || echo fail
test `stat --format=%g sl` = $alt_grp \
  || echo buggy fchownat did not change group of symlink
test `stat --format=%g f` = $f_grp \
  || echo buggy fchownat did change group of symlink referent
----------------------------

Running the above:

    $ bash demo
    k.c: In function 'main':
    chown32("sl", -1, 112) = 0
    Process 32054 detached
    buggy fchownat did not change group of symlink
    buggy fchownat did change group of symlink referent

-- System Information:
Debian Release: testing/unstable
  APT prefers edgy-updates
  APT policy: (500, 'edgy-updates'), (500, 'edgy-security'), (500, 'edgy-proposed'),
(500, 'edgy-backports'), (500, 'edgy')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/dash
Kernel: Linux 2.6.17-6-686
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=ANSI_X3.4-1968) (ignored:
LC_ALL set to C)

Versions of packages libc6 depends on:
ii locales 2.3.20 common files for locale support

libc6 recommends no packages.

-- no debconf information

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.