public inbox for gentoo-dev@lists.gentoo.org
* [gentoo-dev] [PATCH 0/8] insopts/exeopts sanitization
From: Michał Górny @ 2018-06-08  7:19 UTC
  To: gentoo-dev; +Cc: Michał Górny

Hi,

Here's a series of patches to various eclasses.  They add sanitization
of insopts/exeopts that fix things like:

  src_install() {
    insopts -m0600
    insinto /var/lib/secret
    doins mysupersecretfile

    dobashcomp foo
  }

which caused 'insopts' to wrongly apply to 'dobashcomp'.

--
Best regards,
Michał Górny


Michał Górny (8):
  bash-completion-r1.eclass: Sanitize insopts
  desktop.eclass: Sanitize insopts
  eutils.eclass: Sanitize exeopts
  python-r1.eclass: Sanitize exeopts
  python-utils-r1.eclass: Sanitize insopts/exeopts
  systemd.eclass: Sanitize insopts
  tmpfiles.eclass: Sanitize insopts
  udev.eclass: Sanitize insopts

 eclass/bash-completion-r1.eclass | 2 ++
 eclass/desktop.eclass            | 5 +++++
 eclass/eutils.eclass             | 1 +
 eclass/python-r1.eclass          | 1 +
 eclass/python-utils-r1.eclass    | 3 +++
 eclass/systemd.eclass            | 8 ++++++++
 eclass/tmpfiles.eclass           | 2 ++
 eclass/udev.eclass               | 2 ++
 8 files changed, 24 insertions(+)

-- 
2.18.0.rc1



* [gentoo-dev] [PATCH 1/8] bash-completion-r1.eclass: Sanitize insopts
From: Michał Górny @ 2018-06-08  7:19 UTC
  To: gentoo-dev; +Cc: Michał Górny

Sanitize insopts when calling doins, in order to avoid prior insopts
calls accidentally affecting do*/new* functions defined by the eclass.
---
 eclass/bash-completion-r1.eclass | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/eclass/bash-completion-r1.eclass b/eclass/bash-completion-r1.eclass
index eff5e68c437e..b41c3a60c204 100644
--- a/eclass/bash-completion-r1.eclass
+++ b/eclass/bash-completion-r1.eclass
@@ -98,6 +98,7 @@ dobashcomp() {
 	debug-print-function ${FUNCNAME} "${@}"
 
 	(
+		insopts
 		insinto "$(_bash-completion-r1_get_bashcompdir)"
 		doins "${@}"
 	)
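Review bot: the bare `insopts` added before `insinto` in dobashcomp relies on a no-argument call restoring the default file mode, but the spec text quoted later in this thread says it resets the option list to empty, which leaves install(1) at its own default of 0755. Spell the mode out with `insopts -m 0644` so completion files get the same mode under every package manager.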
@@ -112,6 +113,7 @@ newbashcomp() {
 	debug-print-function ${FUNCNAME} "${@}"
 
 	(
+		insopts
 		insinto "$(_bash-completion-r1_get_bashcompdir)"
 		newins "${@}"
 	)
-- 
2.18.0.rc1



* [gentoo-dev] [PATCH 2/8] desktop.eclass: Sanitize insopts
From: Michał Górny @ 2018-06-08  7:19 UTC
  To: gentoo-dev; +Cc: Michał Górny

Sanitize insopts when calling doins, in order to avoid prior insopts
calls accidentally affecting do*/new* functions defined by the eclass.
---
 eclass/desktop.eclass | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/eclass/desktop.eclass b/eclass/desktop.eclass
index d65b0d0bf074..7889b6fe87a9 100644
--- a/eclass/desktop.eclass
+++ b/eclass/desktop.eclass
@@ -195,6 +195,7 @@ make_desktop_entry() {
 	(
 		# wrap the env here so that the 'insinto' call
 		# doesn't corrupt the env of the caller
+		insopts
 		insinto /usr/share/applications
 		doins "${desktop}"
 	) || die "installing desktop file failed"
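Review bot: the comment above the new `insopts` line in make_desktop_entry still says the subshell exists so that the 'insinto' call doesn't corrupt the env of the caller. The subshell now also confines the insopts reset, so the comment should name both calls, e.g. "so that the 'insopts' and 'insinto' calls don't corrupt the env of the caller".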
@@ -228,6 +229,7 @@ make_session_desktop() {
 	(
 	# wrap the env here so that the 'insinto' call
 	# doesn't corrupt the env of the caller
+	insopts
 	insinto /usr/share/xsessions
 	doins "${desktop}"
 	)
@@ -243,6 +245,7 @@ domenu() {
 	# wrap the env here so that the 'insinto' call
 	# doesn't corrupt the env of the caller
 	local i j ret=0
+	insopts
 	insinto /usr/share/applications
 	for i in "$@" ; do
 		if [[ -f ${i} ]] ; then
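Review bot: in domenu the new `insopts` sits directly after `local i j ret=0`, and the context shown here does not include the opening `(` of the subshell that the comment refers to. Please confirm the reset runs inside that subshell; if it runs in the caller's shell, domenu would discard an insopts setting the ebuild made on purpose for its own later doins calls.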
@@ -269,6 +272,7 @@ newmenu() {
 	(
 	# wrap the env here so that the 'insinto' call
 	# doesn't corrupt the env of the caller
+	insopts
 	insinto /usr/share/applications
 	newins "$@"
 	)
@@ -282,6 +286,7 @@ _iconins() {
 	(
 	# wrap the env here so that the 'insinto' call
 	# doesn't corrupt the env of the caller
+	insopts
 	local funcname=$1; shift
 	local size dir
 	local context=apps
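Review bot: in _iconins the `insopts` reset is placed ahead of the `local` declarations, and no insinto or doins call is visible in this hunk, unlike the other hunks where the reset sits directly above `insinto`. Moving it next to the install call it guards would keep the pattern consistent and make it obvious which install the reset protects.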
-- 
2.18.0.rc1



* [gentoo-dev] [PATCH 3/8] eutils.eclass: Sanitize exeopts
From: Michał Górny @ 2018-06-08  7:19 UTC
  To: gentoo-dev; +Cc: Michał Górny

Sanitize exeopts when calling newexe, in order to avoid prior insopts
calls accidentally affecting make_wrapper.
---
 eclass/eutils.eclass | 1 +
 1 file changed, 1 insertion(+)

diff --git a/eclass/eutils.eclass b/eclass/eutils.eclass
index 7840afbb77b9..ef4814569bb8 100644
--- a/eclass/eutils.eclass
+++ b/eclass/eutils.eclass
@@ -172,6 +172,7 @@ make_wrapper() {
 
 	if [[ -n ${path} ]] ; then
 		(
+		exeopts
 		exeinto "${path}"
 		newexe "${tmpwrapper}" "${wrapper}"
 		) || die
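Review bot: the `exeopts` line added before `exeinto "${path}"` in make_wrapper does not match the commit message, which speaks of prior insopts calls; newexe takes its options from exeopts, so the message should say exeopts. An explicit `exeopts -m 0755` would also state the intended mode of the wrapper instead of leaving it to the no-argument behaviour.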
-- 
2.18.0.rc1



* [gentoo-dev] [PATCH 4/8] python-r1.eclass: Sanitize exeopts
From: Michał Górny @ 2018-06-08  7:19 UTC
  To: gentoo-dev; +Cc: Michał Górny

Sanitize exeopts when calling doexe, in order to avoid prior insopts
calls accidentally affecting do*/new* functions defined by the eclass.
---
 eclass/python-r1.eclass | 1 +
 1 file changed, 1 insertion(+)

diff --git a/eclass/python-r1.eclass b/eclass/python-r1.eclass
index 8a8adb449cc3..789cbe1f5f2c 100644
--- a/eclass/python-r1.eclass
+++ b/eclass/python-r1.eclass
@@ -810,6 +810,7 @@ python_replicate_script() {
 		python_export PYTHON_SCRIPTDIR
 
 		(
+			exeopts
 			exeinto "${PYTHON_SCRIPTDIR#${EPREFIX}}"
 			doexe "${files[@]}"
 		)
-- 
2.18.0.rc1



* [gentoo-dev] [PATCH 5/8] python-utils-r1.eclass: Sanitize insopts/exeopts
From: Michał Górny @ 2018-06-08  7:19 UTC
  To: gentoo-dev; +Cc: Michał Górny

Sanitize insopts/exeopts when calling doins/doexe, in order to avoid
prior insopts calls accidentally affecting do*/new* functions defined
by the eclass.
---
 eclass/python-utils-r1.eclass | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/eclass/python-utils-r1.eclass b/eclass/python-utils-r1.eclass
index 3a462e34614a..c57b9117bf6f 100644
--- a/eclass/python-utils-r1.eclass
+++ b/eclass/python-utils-r1.eclass
@@ -789,6 +789,7 @@ python_newexe() {
 
 	(
 		dodir "${wrapd}"
+		exeopts
 		exeinto "${d}"
 		newexe "${f}" "${newfn}" || return ${?}
 	)
@@ -920,6 +921,7 @@ python_domodule() {
 	fi
 
 	(
+		insopts
 		insinto "${d}"
 		doins -r "${@}" || return ${?}
 	)
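Review bot: python_domodule installs with `doins -r`, so it creates directories as well as files, and the new `insopts` line only addresses the options set through insopts. Check whether the directories created here are still governed by a prior `diropts` call in the ebuild, and reset that in the same subshell if so.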
@@ -954,6 +956,7 @@ python_doheader() {
 	d=${PYTHON_INCLUDEDIR#${EPREFIX}}
 
 	(
+		insopts
 		insinto "${d}"
 		doins -r "${@}" || return ${?}
 	)
-- 
2.18.0.rc1



* [gentoo-dev] [PATCH 6/8] systemd.eclass: Sanitize insopts
From: Michał Górny @ 2018-06-08  7:19 UTC
  To: gentoo-dev; +Cc: Michał Górny

Sanitize insopts when calling doins, in order to avoid prior insopts
calls accidentally affecting do*/new* functions defined by the eclass.
---
 eclass/systemd.eclass | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/eclass/systemd.eclass b/eclass/systemd.eclass
index 6dda4353064a..3dfe633b42e6 100644
--- a/eclass/systemd.eclass
+++ b/eclass/systemd.eclass
@@ -151,6 +151,7 @@ systemd_dounit() {
 	debug-print-function ${FUNCNAME} "${@}"
 
 	(
+		insopts
 		insinto "$(_systemd_get_systemunitdir)"
 		doins "${@}"
 	)
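Review bot: systemd_dounit and the seven other functions touched in this file each repeat the same `insopts` / `insinto` / `doins` (or `newins`) subshell. With the no-argument behaviour of insopts in question in this thread, a private helper that sets the mode once (for example with `insopts -m 0644`) would leave one place to fix rather than eight.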
@@ -165,6 +166,7 @@ systemd_newunit() {
 	debug-print-function ${FUNCNAME} "${@}"
 
 	(
+		insopts
 		insinto "$(_systemd_get_systemunitdir)"
 		newins "${@}"
 	)
@@ -179,6 +181,7 @@ systemd_douserunit() {
 	debug-print-function ${FUNCNAME} "${@}"
 
 	(
+		insopts
 		insinto "$(_systemd_get_userunitdir)"
 		doins "${@}"
 	)
@@ -193,6 +196,7 @@ systemd_newuserunit() {
 	debug-print-function ${FUNCNAME} "${@}"
 
 	(
+		insopts
 		insinto "$(_systemd_get_userunitdir)"
 		newins "${@}"
 	)
@@ -222,6 +226,7 @@ systemd_install_serviced() {
 	[[ ${service} == *.d ]] && die "Service must not have .d suffix"
 
 	(
+		insopts
 		insinto /etc/systemd/system/"${service}".d
 		newins "${src}" 00gentoo.conf
 	)
@@ -241,6 +246,7 @@ systemd_dotmpfilesd() {
 	done
 
 	(
+		insopts
 		insinto /usr/lib/tmpfiles.d/
 		doins "${@}"
 	)
@@ -258,6 +264,7 @@ systemd_newtmpfilesd() {
 		|| die 'tmpfiles.d files need to have .conf suffix.'
 
 	(
+		insopts
 		insinto /usr/lib/tmpfiles.d/
 		newins "${@}"
 	)
@@ -320,6 +327,7 @@ systemd_enable_ntpunit() {
 	done
 
 	(
+		insopts
 		insinto "$(_systemd_get_utildir)"/ntp-units.d
 		doins "${T}"/${ntpunit_name}.list
 	)
-- 
2.18.0.rc1



* [gentoo-dev] [PATCH 7/8] tmpfiles.eclass: Sanitize insopts
From: Michał Górny @ 2018-06-08  7:19 UTC
  To: gentoo-dev; +Cc: Michał Górny

Sanitize insopts when calling doins, in order to avoid prior insopts
calls accidentally affecting do*/new* functions defined by the eclass.
---
 eclass/tmpfiles.eclass | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/eclass/tmpfiles.eclass b/eclass/tmpfiles.eclass
index 746225784128..c60e86f5ef95 100644
--- a/eclass/tmpfiles.eclass
+++ b/eclass/tmpfiles.eclass
@@ -76,6 +76,7 @@ dotmpfiles() {
 	done
 
 	(
+		insopts
 		insinto /usr/lib/tmpfiles.d
 		doins "$@"
 	)
@@ -93,6 +94,7 @@ newtmpfiles() {
 	fi
 
 	(
+		insopts
 		insinto /usr/lib/tmpfiles.d
 		newins "$@"
 	)
-- 
2.18.0.rc1



* [gentoo-dev] [PATCH 8/8] udev.eclass: Sanitize insopts
From: Michał Górny @ 2018-06-08  7:19 UTC
  To: gentoo-dev; +Cc: Michał Górny

Sanitize insopts when calling doins, in order to avoid prior insopts
calls accidentally affecting do*/new* functions defined by the eclass.
---
 eclass/udev.eclass | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/eclass/udev.eclass b/eclass/udev.eclass
index 5e5df0738805..d2e3af23f070 100644
--- a/eclass/udev.eclass
+++ b/eclass/udev.eclass
@@ -82,6 +82,7 @@ udev_dorules() {
 	debug-print-function ${FUNCNAME} "${@}"
 
 	(
+		insopts
 		insinto "$(_udev_get_udevdir)"/rules.d
 		doins "${@}"
 	)
@@ -96,6 +97,7 @@ udev_newrules() {
 	debug-print-function ${FUNCNAME} "${@}"
 
 	(
+		insopts
 		insinto "$(_udev_get_udevdir)"/rules.d
 		newins "${@}"
 	)
-- 
2.18.0.rc1



* Re: [gentoo-dev] [PATCH 1/8] bash-completion-r1.eclass: Sanitize insopts
From: Ulrich Mueller @ 2018-06-08 11:02 UTC
  To: gentoo-dev; +Cc: Michał Górny


>>>>> On Fri, 8 Jun 2018, Michał Górny wrote:

>  	(
> +		insopts
>  		insinto "$(_bash-completion-r1_get_bashcompdir)"
>  		doins "${@}"
>  	)

I wonder about these empty insopts commands. According to the spec:
"When called with no arguments, resets the option list [for the
install command] to empty."

Now the default permission mode of install(1) is rwxr-xr-x or 0755,
which is not what you want. So I think you should do an explicit
insopts -m 0644 here.

Similarly, exeopts -m 0755 in other commits (because IMHO it would
improve readability).

Ulrich

* Re: [gentoo-dev] [PATCH 1/8] bash-completion-r1.eclass: Sanitize insopts
From: Michał Górny @ 2018-06-08 11:44 UTC
  To: gentoo-dev

On Fri, 08.06.2018 at 13:02 +0200, Ulrich Mueller wrote:
> > > > > > On Fri, 8 Jun 2018, Michał Górny wrote:
> >  	(
> > +		insopts
> >  		insinto "$(_bash-completion-r1_get_bashcompdir)"
> >  		doins "${@}"
> >  	)
> 
> I wonder about these empty insopts commands. According to the spec:
> "When called with no arguments, resets the option list [for the
> install command] to empty."
> 
> Now the default permission mode of install(1) is rwxr-xr-x or 0755,
> which is not what you want. So I think you should do an explicit
> insopts -m 0644 here.

Hmm, looks like the spec is screwed.  My idea was actually that it
resets it to the default, and this is what Portage does.  However, pkgcore
and paludis both indeed force an empty argument list there.  So once again
we reach undefined behavior and have to ban this use...

> Similarly, exeopts -m 0755 in other commits (because IMHO it would
> improve readability).

-- 
Best regards,
Michał Górny
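
Added example (not code from this thread or from any package manager): a small shell model of insopts/insinto/doins that replays the cover letter's src_install and shows both the leak and the divergence discussed above when a bare `insopts` yields an empty option list. `INSOPTS_MODEL`, the `helper_*` functions and the `/comp` path are assumptions made for the demonstration.

```shell
#!/bin/sh
# Toy model of the helpers discussed in this thread; not Portage, pkgcore or paludis code.
# INSOPTS_MODEL (assumed name) selects what a bare `insopts` does:
#   default = restore -m0644 (Portage's behaviour, per the thread)
#   empty   = empty option list (spec wording; pkgcore and paludis, per the thread)
INSOPTS_MODEL=default
INSOPTIONS=-m0644
INSDESTTREE=

insopts() {
    if [ "$#" -eq 0 ] && [ "$INSOPTS_MODEL" = default ]; then
        INSOPTIONS=-m0644
    else
        INSOPTIONS=$*
    fi
}
insinto() { INSDESTTREE=$1; }
doins() {
    mkdir -p "${D}${INSDESTTREE}" || return 1
    # INSOPTIONS is deliberately unquoted: it is an option list, possibly empty.
    install $INSOPTIONS "$@" "${D}${INSDESTTREE}/"
}

# Constructed stand-ins for an eclass helper: unpatched, patched, explicit mode.
helper_old()      ( insinto /comp; doins "$@" )
helper_reset()    ( insopts; insinto /comp; doins "$@" )
helper_explicit() ( insopts -m 0644; insinto /comp; doins "$@" )

mode_of() { ls -ld "$1" | cut -c1-10; }

# Replay the cover letter's src_install with helper $1 under model $2 and
# print the resulting modes as "<secret file> <helper-installed file>".
run_case() {
    work=$(mktemp -d) || return 1
    (
        cd "$work" && D=$work/image && INSOPTS_MODEL=$2 &&
        : > mysupersecretfile && : > foo &&
        insopts -m0600 && insinto /var/lib/secret && doins mysupersecretfile &&
        "$1" foo &&
        echo "$(mode_of "$D/var/lib/secret/mysupersecretfile") $(mode_of "$D/comp/foo")"
    )
    rc=$?
    rm -rf "$work"
    return "$rc"
}

for c in "helper_old default" "helper_reset default" \
         "helper_reset empty" "helper_explicit empty"; do
    # $c is split on purpose into helper name and model.
    printf '%-26s %s\n' "$c" "$(run_case $c)"
done
```

Only the explicit `-m 0644` form gives the same mode for the helper-installed file under both models.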


