On 12/06/14 23:57, Andrew Gregory wrote:
The effect on MTREE file size is negligible and this provides a more reliable way to verify file ownership given that user/group ids are not standardized.
Being too lazy to check myself... How does this work with packages like openlap which does this in the PKGBUILD: chown root:439 "${pkgdir}"/etc/openldap/{slapd.{conf,ldif},DB_CONFIG.example} and then creates the group in the install file: groupadd -g 439 ldap &>/dev/null Allan
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> --- scripts/makepkg.sh.in | 2 +- src/pacman/check.c | 24 ++++++++++++++++++++++++ 2 files changed, 25 insertions(+), 1 deletion(-)
diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in index e20b707..c77b28b 100644 --- a/scripts/makepkg.sh.in +++ b/scripts/makepkg.sh.in @@ -1999,7 +1999,7 @@ create_package() {
msg2 "$(gettext "Generating .MTREE file...")" LANG=C bsdtar -czf .MTREE --format=mtree \ - --options='!all,use-set,type,uid,gid,mode,time,size,md5,sha256,link' \ + --options='!all,use-set,type,uid,uname,gid,gname,mode,time,size,md5,sha256,link' \ "${comp_files[@]}" * comp_files+=(".MTREE")
diff --git a/src/pacman/check.c b/src/pacman/check.c index a7c66ba..d4a11a5 100644 --- a/src/pacman/check.c +++ b/src/pacman/check.c @@ -20,6 +20,8 @@ #include <limits.h> #include <string.h> #include <errno.h> +#include <grp.h> +#include <pwd.h>
/* pacman */ #include "check.h" @@ -69,6 +71,10 @@ static int check_file_permissions(const char *pkgname, const char *filepath, { int errors = 0; mode_t fsmode; + struct passwd *pw = getpwuid(st->st_uid); + struct group *gr = getgrgid(st->st_gid); + const char *uname = archive_entry_uname(entry); + const char *gname = archive_entry_gname(entry);
/* uid */ if(st->st_uid != archive_entry_uid(entry)) { @@ -79,6 +85,15 @@ static int check_file_permissions(const char *pkgname, const char *filepath, } }
+ /* owner name */ + if(uname && (!pw || strcmp(pw->pw_name, uname) != 0)) { + errors++; + if(!config->quiet) { + pm_printf(ALPM_LOG_WARNING, _("%s: %s (Owner mismatch)\n"), + pkgname, filepath); + } + } + /* gid */ if(st->st_gid != archive_entry_gid(entry)) { errors++; @@ -88,6 +103,15 @@ static int check_file_permissions(const char *pkgname, const char *filepath, } }
+ /* group name */ + if(gname && (!gr || strcmp(gr->gr_name, gname) != 0)) { + errors++; + if(!config->quiet) { + pm_printf(ALPM_LOG_WARNING, _("%s: %s (Group mismatch)\n"), + pkgname, filepath); + } + } + /* mode */ fsmode = st->st_mode & (S_ISUID | S_ISGID | S_ISVTX | S_IRWXU | S_IRWXG | S_IRWXO); if(fsmode != (~AE_IFMT & archive_entry_mode(entry))) {