| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
| |
For the standard thread+fork safety reasons.
|
|
|
|
|
| |
This is a file-descriptor variant which is useful for reading from
directories and regular files (it can't work on symlinks).
|
| |
|
|
|
|
| |
This is kind of long overdue...
|
|
|
|
| |
This is a long overdue move of this function to public API.
|
|
|
|
|
| |
Now that we're encouraging use of openat(), fds are a lot more
prevalent.
|
|
|
|
|
| |
This noticeably cleans up the rm_rf() code. And also it now becomes
easy add a gs_shutil_rm_rf_at() variant.
|
|
|
|
|
|
|
|
|
|
|
| |
Using the GFileEnumerator doesn't allow using the *at system calls
such as unlinkat() very easily. These system calls are both more
performant (no need to traverse paths repeatedly) and more secure
(assuming an attacker has write access to an intervening path).
Currently, this exposes the Unix "struct dirent*" which means it's not
available to introspection, but a future API addition could add a
binding to create a GFileInfo*.
|
|
|
|
|
|
|
|
| |
We already had gs_file_open_dir_fd, but it didn't support O_NOFOLLOW,
which is quite useful.
Also add a raw function wrapping the core bits we need to opendir(),
also taking a follow boolean.
|
| |
|
|
|
|
| |
This got missed before.
|
|
|
|
| |
Associate each cleanup with its #define, it's just obviously saner.
|
| |
|
|
|
|
| |
This matches the https://wiki.gnome.org/GnomeGoals/InstalledTests spec.
|
| |
|
|
|
|
| |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |
|
| |
|
|
|
|
|
| |
Use the dynamically allocated buffer returned by realpath instead of
using PATH_MAX which is not defined on platforms like Hurd.
|
|
|
|
| |
Signed-off-by: Thomas Haller <thaller@redhat.com>
|
|
|
|
| |
Signed-off-by: Thomas Haller <thaller@redhat.com>
|
|
|
|
| |
See https://github.com/hughsie/libhif/pull/2
|
|
|
|
|
| |
This is the only safe way to get xattrs for a symlink relative to a
dirfd.
|
| |
|
|
|
|
| |
For file operations, it's relevant.
|
|
|
|
|
|
|
| |
We had a g_prefix_error() for the lsetxattr() path, but not
fsetxattr(). Add one for the latter, and change the former to not use
the pathname because we always go through /proc/self/fd so it won't be
useful to show.
|
|
|
|
|
| |
This will be used in the OSTree checkout code, where we want to
mkdir() and then open it.
|
|
|
|
| |
This is a Linux-specific way to work around the missing lsetxattrat().
|
|
|
|
|
| |
Unprivileged users won't be able to copy e.g. security.selinux; let's
ignore this by default, the same way coreutils does.
|
| |
|
| |
|
|
|
|
| |
See https://mail.gnome.org/archives/desktop-devel-list/2014-February/msg00028.html
|
|
|
|
|
|
| |
Needed for g_clear_pointer().
Signed-off-by: Jiří Klimeš <jklimes@redhat.com>
|
|
|
|
| |
Hooray for rpmlint.
|
|
|
|
| |
This ensures we're not overwriting any earlier output.
|
|
|
|
|
| |
A bit tricky; we have to move the implementation into an internal
helper.
|
| |
|
|
|
|
|
|
| |
This function is not universally available, and since we don't have our
own autoconf script to check for it, just assume that we have it iff
we're on Linux.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For SELinux, it's crucial that we actually copy the "security.selinux"
xattr which provides the security context. the "cp_a" name kind of
strongly implies that we do what coreutils "cp -a" does, and this patch
moves us a lot closer to what it says on the tin.
Concretely, we now match directory modes (and ownership), and we copy
all xattrs for directories.
We're not (yet) copying xattrs for files, but sadly this is a GLib bug.
This patch will allow OSTree to simply use gs_shutil_cp_a() for merging
configuration.
Still TODO:
* Timestamps
https://bugzilla.gnome.org/show_bug.cgi?id=711058
|
|
|
|
|
|
|
|
|
|
|
| |
This fixes a warning found during Coverity scan.
Error: REVERSE_INULL (CWE-476): [#def5]
libgsystem/gsystem-subprocess.c:949: deref_ptr_in_call: Dereferencing pointer "context".
libgsystem/gsystem-subprocess-context.c:330:3: deref_parm: Directly dereferencing parameter "self".
libgsystem/gsystem-subprocess.c:960: check_after_deref: Null-checking "context" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
Signed-off-by: Thomas Haller <thaller@redhat.com>
|
|
|
|
|
|
|
|
| |
Like cp -a gs_shutil_cp_a should really copy all directory metadata.
This adds support for at least copying the ownership metadata
(user/group).
https://bugzilla.gnome.org/show_bug.cgi?id=711057
|
|
|
|
|
|
| |
This error was found by running Coverity.
Signed-off-by: Thomas Haller <thaller@redhat.com>
|
|
|
|
|
|
| |
This error was found by running Coverity.
Signed-off-by: Thomas Haller <thaller@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
In case of creating an existing file name, gs_file_open_in_tmpdir_at did
not retry and failed to create the temporary file (while signalling
success).
This error was found by running Coverity.
Signed-off-by: Thomas Haller <thaller@redhat.com>
|
|
|
|
|
| |
This enables gcc with -Wuninitialized to warn if the cleanup function is used
on an uninitialised variable.
|
| |
|
| |
|
| |
|
|
|
|
| |
The proper prefix is gsystem_, not gs_
|