Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

security.t complains during compilation of Perl with AFS filesystem #40

Open
djzhh opened this issue Mar 14, 2024 · 2 comments
Open

security.t complains during compilation of Perl with AFS filesystem #40

djzhh opened this issue Mar 14, 2024 · 2 comments

Comments

@djzhh
Copy link

djzhh commented Mar 14, 2024

Compiling Perl and running ./perl harness in directory t yields

uid=NNN topuid=10 euid=MMMM path='/afs/desy.de/user/d' at ../../lib/File/Temp.pm line 688.
        File::Temp::_is_safe("/afs/CELLNAME/user/U", SCALAR(0x17475f0)) called at ../../lib/File/Temp.pm line 787
        File::Temp::_is_verysafe(".", SCALAR(0x17475f0)) called at ../../lib/File/Temp.pm line 479
        File::Temp::_gettemp("tmpXXXXX", "open", 1, "mkdir", 0, "unlink_on_close", 0, "suffixlen", ...) called at ../../lib/Fil
e/Temp.pm line 1488
        File::Temp::tempfile("tmpXXXXX", "UNLINK", 1) called at t/security.t line 105
        eval {...} called at t/security.t line 105
        main::test_security() called at t/security.t line 67
../cpan/File-Temp/t/security.t ....................................... ok

when compiled within AFS filesystem, but works fine on a local filesystem. ./Configure detects AFS and displays a notice AFS may be running... I'll be extra cautious then... and AFS is somewhat peculiar concerning ACL handling. Permissions are handled directory-wise (file permissions are not considered like in e.g. ext4); see also https://docs.openafs.org/UserGuide/HDRWQ46.html

If I understood everything correctly, this patch should help:

*** old/cpan/File-Temp/t/security.t 2023-11-28 12:57:27.000000000 +0100
--- new/cpan/File-Temp/t/security.t       2024-03-12 23:45:59.000000000 +0100
*************** sub test_security {
*** 102,107 ****
--- 102,115 ----
          skip("Skip Test inappropriate for root", 2);
          return;
      }
+     my $Curdir = File::Spec->curdir;
+     if ( $Config::Config{afs} eq "true"
+        && $Curdir
+        && $Curdir =~ /^\Q$Config::Config{afsroot}/
+       ) {
+       skip "AFS", 2;
+       return;
+     }
      my ($fh2, $fname2) = eval { tempfile ($template,  UNLINK => 1 ); };
      if (defined $fname2) {
          print "# fname2 = $fname2\n";
@Leont
Copy link
Member

Leont commented Mar 14, 2024

curdir is always true , and it's relative (. on almost all platforms).

@djzhh
Copy link
Author

djzhh commented Mar 14, 2024

O.k., so it looks to me to better use the condition you proposed in Perl-Toolchain-Gang/ExtUtils-MakeMaker#451 (comment)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Leont @djzhh