coreutils/coreutils-acl-nofollow.patch
Philipp Thomas 49b16878b2 - Update to 8.16:
- Improvements:
  * As a GNU extension, 'chmod', 'mkdir', and 'install' now accept
    operators '-', '+', '=' followed by octal modes;
  * Also, ordinary numeric modes with five or more digits no longer
    preserve setuid and setgid bits, so that 'chmod 00755 FOO' now
    clears FOO's setuid and setgid bits.
  * dd now accepts the count_bytes, skip_bytes iflags and the
    seek_bytes oflag, to more easily allow processing portions of a
    file.
  * dd now accepts the conv=sparse flag to attempt to create sparse
    output, by seeking rather than writing to the output file.
  * ln now accepts the --relative option, to generate a relative
    symbolic link to a target, irrespective of how the target is
    specified.
  * split now accepts an optional "from" argument to
    --numeric-suffixes, which changes the start number from the
    default of 0.
  * split now accepts the --additional-suffix option, to append an
    additional static suffix to output file names.
  * basename now supports the -a and -s options, which allow
    processing of more than one argument at a time.  Also the
    complementary -z option was added to delimit output items with
    the NUL character.
  * dirname now supports more than one argument. Also the complementary
    z option was added to delimit output items with the NUL character.
  - Bug fixes
  * du --one-file-system (-x) would ignore any non-directory
    specified on the command line. For example, "touch f; du -x f"
    would print nothing. [bug introduced in coreutils-8.15]
  * mv now lets you move a symlink onto a same-inode destination
    file that has two or more hard links.
  * "mv A B" could succeed, yet A would remain.
  * realpath no longer mishandles a root directory.
  - Improvements
  * ls can be much more efficient, especially with large directories
    on file systems for which getfilecon-, ACL-check- and XATTR-
    check-induced syscalls fail with ENOTSUP or similar.
 * 'realpath --relative-base=dir' in isolation now implies
    '--relative-to=dir' instead of causing a usage failure.
 * split now supports an unlimited number of split files as default
   behavior.
 For a detaild list se NEWS in the documentation.
- Add up-to-date german translation.

- Add two upstream patches that speed up ls (bnc#752943):
  * Cache (l)getfilecon calls to avoid the vast majority of the failing
    underlying getxattr syscalls.
  * Avoids always-failing queries for whether a file has a nontrivial
    ACL and for whether a file has certain "capabilities".

OBS-URL: https://build.opensuse.org/package/show/Base:System/coreutils?expand=0&rev=147
2012-04-16 15:12:46 +00:00

88 lines
3.6 KiB
Diff

commit 95f7c57ff4090a5dee062044d2c7b99879077808
Author: Kamil Dudka <kdudka@redhat.com>
Date: Fri Jul 22 14:48:42 2011 +0200
file-has-acl: use acl_extended_file_nofollow if available
* lib/acl-internal.h (HAVE_ACL_EXTENDED_FILE): New macro.
(acl_extended_file): New macro.
* lib/file-has-acl.c (file_has_acl): Use acl_extended_file_nofollow.
* m4/acl.m4 (gl_FUNC_ACL): Check for acl_extended_file_nofollow.
This addresses http://bugzilla.redhat.com/692823.
Index: lib/acl-internal.h
===================================================================
--- lib/acl-internal.h.orig 2012-03-09 08:31:00.000000000 +0100
+++ lib/acl-internal.h 2012-04-16 13:17:12.470016537 +0200
@@ -142,6 +142,12 @@ rpl_acl_set_fd (int fd, acl_t acl)
# endif
/* Linux-specific */
+# ifndef HAVE_ACL_EXTENDED_FILE_NOFOLLOW
+# define HAVE_ACL_EXTENDED_FILE_NOFOLLOW false
+# define acl_extended_file_nofollow(name) (-1)
+# endif
+
+/* Linux-specific */
# ifndef HAVE_ACL_FROM_MODE
# define HAVE_ACL_FROM_MODE false
# define acl_from_mode(mode) (NULL)
Index: lib/file-has-acl.c
===================================================================
--- lib/file-has-acl.c.orig 2012-03-09 08:31:00.000000000 +0100
+++ lib/file-has-acl.c 2012-04-16 13:17:12.471016513 +0200
@@ -492,12 +492,20 @@ file_has_acl (char const *name, struct s
/* Linux, FreeBSD, MacOS X, IRIX, Tru64 */
int ret;
- if (HAVE_ACL_EXTENDED_FILE) /* Linux */
+ if (HAVE_ACL_EXTENDED_FILE || HAVE_ACL_EXTENDED_FILE_NOFOLLOW) /* Linux */
{
+# if HAVE_ACL_EXTENDED_FILE_NOFOLLOW
+ /* acl_extended_file_nofollow() uses lgetxattr() in order to prevent
+ unnecessary mounts, but it returns the same result as we already
+ know that NAME is not a symbolic link at this point (modulo the
+ TOCTTOU race condition). */
+ ret = acl_extended_file_nofollow (name);
+# else
/* On Linux, acl_extended_file is an optimized function: It only
makes two calls to getxattr(), one for ACL_TYPE_ACCESS, one for
ACL_TYPE_DEFAULT. */
ret = acl_extended_file (name);
+# endif
}
else /* FreeBSD, MacOS X, IRIX, Tru64 */
{
Index: m4/acl.m4
===================================================================
--- m4/acl.m4.orig 2012-01-06 10:14:31.000000000 +0100
+++ m4/acl.m4 2012-04-16 13:17:12.471016513 +0200
@@ -33,7 +33,7 @@ AC_DEFUN([gl_FUNC_ACL],
AC_CHECK_FUNCS(
[acl_get_file acl_get_fd acl_set_file acl_set_fd \
acl_free acl_from_mode acl_from_text \
- acl_delete_def_file acl_extended_file \
+ acl_delete_def_file acl_extended_file acl_extended_file_nofollow \
acl_delete_fd_np acl_delete_file_np \
acl_copy_ext_native acl_create_entry_np \
acl_to_short_text acl_free_text])
Index: ChangeLog
===================================================================
--- ChangeLog.orig 2012-03-26 14:15:03.000000000 +0200
+++ ChangeLog 2012-04-16 13:17:12.474016441 +0200
@@ -2815,6 +2815,14 @@
MacOS X 10.7 has an fdatasync that is not declared, and is rumored to
be ineffective. (Bug#9141)
+2011-07-22 Kamil Dudka <kdudka@redhat.com>
+
+ file-has-acl: use acl_extended_file_nofollow if available
+ * lib/acl-internal.h (HAVE_ACL_EXTENDED_FILE): New macro.
+ (acl_extended_file): New macro.
+ * lib/file-has-acl.c (file_has_acl): Use acl_extended_file_nofollow.
+ * m4/acl.m4 (gl_FUNC_ACL): Check for acl_extended_file_nofollow.
+
2011-07-20 Mike Frysinger <vapier@gentoo.org>
dircolors: add screen.Eterm terminal type