wallenstein/void-packages
1
0
Fork 0
mirror of https://github.com/void-linux/void-packages.git synced 2025-06-07 23:53:51 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

meson: backport patch to fix setuid

Browse source 
https://github.com/mesonbuild/meson/pull/10702
This commit is contained in:
Cameron Nemo 2022-08-16 20:48:46 -07:00 committed by Michal Vasilek
parent 66412d5654
commit 7d5f675e8a
2 changed files with 60 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

59
srcpkgs/meson/patches/10702.patch Normal file
View file

@ -0,0 +1,59 @@
From 869b95d0c2a854d73db0fceb7d0dbee9dc88cf46 Mon Sep 17 00:00:00 2001
From: Eli Schwartz <eschwartz@archlinux.org>
Date: Tue, 16 Aug 2022 22:42:53 -0400
Subject: [PATCH] minstall: do not trample install_mode by rpath fixer
install_mode can include the setuid bit, which has the special property
(mentioned in the set_mode logic for minstall itself) of needing to come
last, because it "will get wiped by chmod" (or at least chown).
In fact, it's not just chown that wipes setuid, but other changes as
well, such as the file contents. This is not an issue for install_data /
custom_target, but for compiled outputs, we run depfixer to handle
rpaths. This may or may not cause edits to the binary, depending on
whether we have a build rpath to wipe, or an install rpath to add. (We
also may run `strip`, but that external program already has its own mode
restoration logic.)
Fix this by switching the order of operations around, so that setting
the permissions happens last.
Fixes https://github.com/void-linux/void-packages/issues/38682
---
mesonbuild/minstall.py | 3 ++-
test cases/common/190 install_mode/meson.build | 1 +
2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/mesonbuild/minstall.py b/mesonbuild/minstall.py
index 551f909c80d..a810ccbbd40 100644
--- a/mesonbuild/minstall.py
+++ b/mesonbuild/minstall.py
@@ -693,7 +693,6 @@ def install_targets(self, d: InstallData, dm: DirMaker, destdir: str, fullprefix
raise MesonException(f'File {fname!r} could not be found')
elif os.path.isfile(fname):
file_copied = self.do_copyfile(fname, outname, makedirs=(dm, outdir))
- self.set_mode(outname, install_mode, d.install_umask)
if should_strip and d.strip_bin is not None:
if fname.endswith('.jar'):
self.log('Not stripping jar target: {}'.format(os.path.basename(fname)))
@@ -723,6 +722,8 @@ def install_targets(self, d: InstallData, dm: DirMaker, destdir: str, fullprefix
pass
else:
raise
+ # file mode needs to be set last, after strip/depfixer editing
+ self.set_mode(outname, install_mode, d.install_umask)
def rebuild_all(wd: str) -> bool:
if not (Path(wd) / 'build.ninja').is_file():
diff --git a/test cases/common/190 install_mode/meson.build b/test cases/common/190 install_mode/meson.build
index cae1e91aba3..e877ba75757 100644
--- a/test cases/common/190 install_mode/meson.build
+++ b/test cases/common/190 install_mode/meson.build
@@ -51,6 +51,7 @@ install_man('foo.1',
executable('trivialprog',
sources : 'trivial.c',
install : true,
+ build_rpath: meson.current_build_dir(),
install_mode : ['rwxr-sr-x', 'root', 'root'])
# test install_mode in static_library

2
srcpkgs/meson/template
View file

@ -1,7 +1,7 @@
# Template file for 'meson' # Template file for 'meson'
pkgname=meson pkgname=meson
version=0.62.2 version=0.62.2
revision=1 revision=2
build_style=python3-module build_style=python3-module
hostmakedepends="python3-devel python3-setuptools" hostmakedepends="python3-devel python3-setuptools"
depends="ninja python3-setuptools" depends="ninja python3-setuptools"