Check for symlinks from lib64 to /lib and warn if not unset. (Closes: #553599)

git-svn-id: http://emdebian.org/svn/current@6659 563faec7-e20c-0410-992a-a66f704d0ccd
This commit is contained in:
codehelp 2009-11-01 14:58:54 +00:00
parent 0e867487f1
commit ee2da812b2
2 changed files with 54 additions and 2 deletions

4
debian/changelog vendored
View file

@ -1,8 +1,10 @@
emdebian-rootfs (2.0.4) unstable; urgency=low emdebian-rootfs (2.0.4) unstable; urgency=low
* [INTL:fr] French manpage translation update (Closes: #552198) * [INTL:fr] French manpage translation update (Closes: #552198)
* Check for symlinks from lib64 to /lib and warn if not unset.
(Closes: #553599)
-- Neil Williams <codehelp@debian.org> Sat, 24 Oct 2009 20:09:22 +0100 -- Neil Williams <codehelp@debian.org> Sun, 01 Nov 2009 14:52:05 +0000
emdebian-rootfs (2.0.3) unstable; urgency=low emdebian-rootfs (2.0.3) unstable; urgency=low

View file

@ -170,6 +170,31 @@ if (not -d "${dir}dev") {
mkdir "${dir}dev"; mkdir "${dir}dev";
} }
# prevent the absolute symlink in libc6 from allowing
# writes outside the multistrap root dir. See: #553599
if (-l "${dir}lib64" ) {
my $r = readlink "${dir}lib64";
if ($r =~ m:^/:)
{
my $old = `pwd`;
chomp ($old);
unlink "${dir}lib64";
chdir ("$dir");
print "INF: ./lib64 -> /lib symbolic link reset to ./lib.\n";
symlink "./lib", "lib64";
chdir ("${old}");
}
}
else
{
my $old = `pwd`;
chomp ($old);
chdir ("$dir");
print "INF: Setting ./lib64 -> ./lib symbolic link.\n";
symlink "./lib", "lib64";
chdir ("${old}");
}
unlink ("${dir}etc/apt/sources.list.d/multistrap.sources.list") unlink ("${dir}etc/apt/sources.list.d/multistrap.sources.list")
if (-f "${dir}etc/apt/sources.list.d/multistrap.sources.list"); if (-f "${dir}etc/apt/sources.list.d/multistrap.sources.list");
unlink ("${dir}etc/apt/sources.list") unlink ("${dir}etc/apt/sources.list")
@ -265,7 +290,18 @@ die ("apt download failed. Exit value: ".($retval/256)."\n")
system ("touch ${dir}${libdir}lists/lock"); system ("touch ${dir}${libdir}lists/lock");
&native if (not defined ($foreign)); &native if (not defined ($foreign));
(not defined $tidy) ? system ("apt-get $config_str update") : &tidy_apt; (not defined $tidy) ? system ("apt-get $config_str update") : &tidy_apt;
printf ("\nMultistrap system installed successfully in %s.\n\n", $dir); if (-l "${dir}lib64" ) {
my $r = readlink "${dir}lib64";
if ($r =~ m:^/:)
{
print "ERR: ./lib64 -> /lib symbolic link reset to ./lib after unpacking.\n";
printf ("ERR: Some files may have been unpacked outside %s!\n", $dir);
}
else
{
printf ("\nMultistrap system installed successfully in %s.\n\n", $dir);
}
}
exit 0; exit 0;
sub force_unpack sub force_unpack
@ -380,6 +416,20 @@ sub force_unpack
print STATUS "\n"; print STATUS "\n";
close (STATUS); close (STATUS);
system ("rm -rf ./${tmpdir}"); system ("rm -rf ./${tmpdir}");
if (-l "${dir}lib64" ) {
my $r = readlink "${dir}lib64";
if ($r =~ m:^/:)
{
my $old = `pwd`;
chomp ($old);
printf ("ERR: lib64 -> ./lib symbolic link clobbered by %s\n", $pkg);
unlink "${dir}lib64";
chdir ("$dir");
print "INF: lib64 -> /lib symbolic link reset to ./lib.\n";
symlink "./lib", "lib64";
chdir ("${old}");
}
}
} }
chdir ("$old"); chdir ("$old");
print "I: Unpacking complete.\n"; print "I: Unpacking complete.\n";