Bug 1755 - perl-suidperl does not install correctly
Summary: perl-suidperl does not install correctly
Status: CLOSED FIXED
Alias: None
Product: Sisyphus
Classification: Development
Component: perl-suidperl (show other bugs)
Version: unstable
Hardware: all Linux
: P4 major
Assignee: at@altlinux.org
QA Contact:
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2002-12-25 18:30 MSK by Sergey Vlasov
Modified: 2003-11-14 15:55 MSK (History)
0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Sergey Vlasov 2002-12-25 18:30:02 MSK 
perl-suidperl does not work after installation, because /usr/bin/suidperl is not installed setuid root. Looks like the problem is that /usr/bin/sperl5.8.0 and /usr/bin/suidperl are hard links to the same file, but only one of them is listed with %attr(4711,root,root) in perl.spec.

Example:

# rpm -e perl-suidperl
# rpm -Uvh ...../perl-suidperl-5.8.0-alt0.9.i586.rpm
Preparing...                 ##################################################
perl-suidperl                ##################################################
# ls -lai /usr/bin/sperl5.8.0 /usr/bin/suidperl
29404718 -rwx--x--x    2 root     root        59728 Дек 15 16:17 /usr/bin/sperl5.8.0
29404718 -rwx--x--x    2 root     root        59728 Дек 15 16:17 /usr/bin/suidperl
# rpm --verify perl-suidperl
.M......   /usr/bin/sperl5.8.0
# chmod u+s /usr/bin/suidperl
# ls -lai /usr/bin/sperl5.8.0 /usr/bin/suidperl
29404718 -rws--x--x    2 root     root        59728 Дек 15 16:17 /usr/bin/sperl5.8.0
29404718 -rws--x--x    2 root     root        59728 Дек 15 16:17 /usr/bin/suidperl
# rpm --verify perl-suidperl
.M......   /usr/bin/suidperl
---

---
Comment 1 at@altlinux.org 2002-12-25 19:33:53 MSK 
Strange thing is that the same mechanism is used for perl and suidpler linking.

$ ./perl installperl -n -V 2>&1 | grep \'/bin/.*perl[$5]\'
  cp perl /var/tmp/perl-buildroot/usr/bin/perl5.8.0
  chmod 755 /var/tmp/perl-buildroot/usr/bin/perl5.8.0
  cp suidperl /var/tmp/perl-buildroot/usr/bin/sperl5.8.0
  chmod 4711 /var/tmp/perl-buildroot/usr/bin/sperl5.8.0
  ln /var/tmp/perl-buildroot/usr/bin/perl5.8.0 /var/tmp/perl-buildroot/usr/bin/perl
  ln /var/tmp/perl-buildroot/usr/bin/sperl5.8.0 /var/tmp/perl-buildroot/usr/bin/suidperl
$

(This is pseudocode, not shell commands. So installperl scrit has to be examined in detail.)
Comment 2 at@altlinux.org 2002-12-25 19:33:53 MSK 
Strange thing is that the same mechanism is used for perl and suidpler linking.

$ ./perl installperl -n -V 2>&1 | grep \'/bin/.*perl[$5]\'
  cp perl /var/tmp/perl-buildroot/usr/bin/perl5.8.0
  chmod 755 /var/tmp/perl-buildroot/usr/bin/perl5.8.0
  cp suidperl /var/tmp/perl-buildroot/usr/bin/sperl5.8.0
  chmod 4711 /var/tmp/perl-buildroot/usr/bin/sperl5.8.0
  ln /var/tmp/perl-buildroot/usr/bin/perl5.8.0 /var/tmp/perl-buildroot/usr/bin/perl
  ln /var/tmp/perl-buildroot/usr/bin/sperl5.8.0 /var/tmp/perl-buildroot/usr/bin/suidperl
$

(This is pseudocode, not shell commands. So installperl scrit has to be examined in detail.)
Comment 3 Sergey Vlasov 2002-12-25 20:08:35 MSK 
Probably rpmbuild ignores the SUID bit from the buildroot files when creating the binary package.

perl58.spec contains:

%files suidperl
        %attr(4711,root,root) %_bindir/sperl%version
        %_bindir/suidperl

Therefore the RPM package data says this:

$ rpm -qlvp perl-suidperl-5.8.0-alt0.9.i586.rpm 
-rws--x--x    1 root    root            59728 Дек 15 16:17 /usr/bin/sperl5.8.0
-rwx--x--x    1 root    root            59728 Дек 15 16:17 /usr/bin/suidperl

However, these two files are really the same (hard link) - and this information is also stored in the RPM, but in some other place. So rpm correctly recreates the hard link during installation, but does not know which one of the conflicting mode specifications must be used.
Comment 4 Sergey Vlasov 2002-12-25 20:08:35 MSK 
Probably rpmbuild ignores the SUID bit from the buildroot files when creating the binary package.

perl58.spec contains:

%files suidperl
        %attr(4711,root,root) %_bindir/sperl%version
        %_bindir/suidperl

Therefore the RPM package data says this:

$ rpm -qlvp perl-suidperl-5.8.0-alt0.9.i586.rpm 
-rws--x--x    1 root    root            59728 Дек 15 16:17 /usr/bin/sperl5.8.0
-rwx--x--x    1 root    root            59728 Дек 15 16:17 /usr/bin/suidperl

However, these two files are really the same (hard link) - and this information is also stored in the RPM, but in some other place. So rpm correctly recreates the hard link during installation, but does not know which one of the conflicting mode specifications must be used.
Comment 5 at@altlinux.org 2002-12-25 20:33:48 MSK 
Thank you, I see. I just wanted to stress that it appears to be pretty strange that /usr/bin/perl is symlink and /usr/bin/sudperl is hardlink while the same linking mehcanism is used for both of them. 

But I have just figured out that symlinking is forced in spec file for /usr/bin/perl:

ln -sf perl%majver $RPM_BUILD_ROOT%_bindir/perl
ln -sf perl%version $RPM_BUILD_ROOT%_bindir/perl%majver

Without this /usr/bin/perl should be a hardlink, too.

OK, I will add
ln -sf suidperl $RPM_BUILD_ROOT%_bindir/sperl%version
Comment 6 at@altlinux.org 2002-12-25 20:33:48 MSK 
Thank you, I see. I just wanted to stress that it appears to be pretty strange that /usr/bin/perl is symlink and /usr/bin/sudperl is hardlink while the same linking mehcanism is used for both of them. 

But I have just figured out that symlinking is forced in spec file for /usr/bin/perl:

ln -sf perl%majver $RPM_BUILD_ROOT%_bindir/perl
ln -sf perl%version $RPM_BUILD_ROOT%_bindir/perl%majver

Without this /usr/bin/perl should be a hardlink, too.

OK, I will add
ln -sf suidperl $RPM_BUILD_ROOT%_bindir/sperl%version
Comment 7 Sergey Vlasov 2003-11-14 15:52:06 MSK 
fixed and working long ago
Comment 8 at@altlinux.org 2003-11-14 15:55:47 MSK 
Are you using suidperl, by the way.
I believe suidperl will be dropped in perl-5.10.0, which will probably be
released within two years.