perso/syncthing-arm
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

all: Copy owner/group from parent (fixes #5445) (#5479)

Browse Source 
This adds a folder option "CopyOwnershipFromParent" which, when set,
makes Syncthing attempt to retain the owner/group information when
syncing files. Specifically, at the finisher stage we look at the parent
dir to get owner/group and then attempt a Lchown call on the temp file.
For this to succeed Syncthing must be running with the appropriate
permissions. On Linux this is CAP_FOWNER, which can be granted by the
service manager on startup or set on the binary in the filesystem. Other
operating systems do other things, but often it's not required to run as
full "root". On Windows this patch does nothing - ownership works
differently there and is generally less of a deal, as permissions are
inherited as ACLs anyway.

There are unit tests on the Lchown functionality, which requires the
above permissions to run. There is also a unit test on the folder which
uses the fake filesystem and hence does not need special permissions.
This commit is contained in:
Jakob Borg
2019-01-25 09:52:21 +01:00
committed by GitHub
parent 0e07f6bef4
commit 75dcff0a0e
12 changed files with 408 additions and 66 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
lib/fs/basicfs.go
View File

@@ -98,6 +98,14 @@ func (f *BasicFilesystem) Chmod(name string, mode FileMode) error {
return os.Chmod(name, os.FileMode(mode))
}
func (f *BasicFilesystem) Lchown(name string, uid, gid int) error {
name, err := f.rooted(name)
if err != nil {
return err
}
return os.Lchown(name, uid, gid)
}
func (f *BasicFilesystem) Chtimes(name string, atime time.Time, mtime time.Time) error {
name, err := f.rooted(name)
if err != nil {

50
lib/fs/basicfs_test.go
View File

@@ -15,6 +15,8 @@ import (
"strings"
"testing"
"time"
"github.com/syncthing/syncthing/lib/rand"
)
func setup(t *testing.T) (*BasicFilesystem, string) {
@@ -56,6 +58,54 @@ func TestChmodFile(t *testing.T) {
}
}
func TestChownFile(t *testing.T) {
if runtime.GOOS == "windows" {
t.Skip("Not supported on Windows")
return
}
if os.Getuid() != 0 {
// We are not root. No expectation of being able to chown. Our tests
// typically don't run with CAP_FOWNER.
t.Skip("Test not possible")
return
}
fs, dir := setup(t)
path := filepath.Join(dir, "file")
defer os.RemoveAll(dir)
defer os.Chmod(path, 0666)
fd, err := os.Create(path)
if err != nil {
t.Error("Unexpected error:", err)
}
fd.Close()
info, err := fs.Lstat("file")
if err != nil {
t.Error("Unexpected error:", err)
}
newUID := 1000 + rand.Intn(30000)
newGID := 1000 + rand.Intn(30000)
if err := fs.Lchown("file", newUID, newGID); err != nil {
t.Error("Unexpected error:", err)
}
info, err = fs.Lstat("file")
if err != nil {
t.Error("Unexpected error:", err)
}
if info.Owner() != newUID {
t.Errorf("Incorrect owner, expected %d but got %d", newUID, info.Owner())
}
if info.Group() != newGID {
t.Errorf("Incorrect group, expected %d but got %d", newGID, info.Group())
}
}
func TestChmodDir(t *testing.T) {
fs, dir := setup(t)
path := filepath.Join(dir, "dir")

1
lib/fs/errorfs.go
View File

@@ -18,6 +18,7 @@ type errorFilesystem struct {
}
func (fs *errorFilesystem) Chmod(name string, mode FileMode) error { return fs.err }
func (fs *errorFilesystem) Lchown(name string, uid, gid int) error { return fs.err }
func (fs *errorFilesystem) Chtimes(name string, atime time.Time, mtime time.Time) error { return fs.err }
func (fs *errorFilesystem) Create(name string) (File, error) { return nil, fs.err }
func (fs *errorFilesystem) CreateSymlink(target, name string) error { return fs.err }

138
lib/fs/fakefs.go
View File

@@ -78,11 +78,11 @@ func newFakeFilesystem(root string) *fakefs {
fs := &fakefs{
root: &fakeEntry{
name: "/",
isdir: true,
mode: 0700,
mtime: time.Now(),
children: make(map[string]*fakeEntry),
name: "/",
entryType: fakeEntryTypeDir,
mode: 0700,
mtime: time.Now(),
children: make(map[string]*fakeEntry),
},
}
@@ -126,17 +126,30 @@ func newFakeFilesystem(root string) *fakefs {
return fs
}
type fakeEntryType int
const (
fakeEntryTypeFile fakeEntryType = iota
fakeEntryTypeDir
fakeEntryTypeSymlink
)
// fakeEntry is an entry (file or directory) in the fake filesystem
type fakeEntry struct {
name string
isdir bool
size int64
mode FileMode
mtime time.Time
children map[string]*fakeEntry
name string
entryType fakeEntryType
dest string // for symlinks
size int64
mode FileMode
uid int
gid int
mtime time.Time
children map[string]*fakeEntry
}
func (fs *fakefs) entryForName(name string) *fakeEntry {
// bug: lookup doesn't work through symlinks.
name = filepath.ToSlash(name)
if name == "." || name == "/" {
return fs.root
@@ -146,6 +159,9 @@ func (fs *fakefs) entryForName(name string) *fakeEntry {
comps := strings.Split(name, "/")
entry := fs.root
for _, comp := range comps {
if entry.entryType != fakeEntryTypeDir {
return nil
}
var ok bool
entry, ok = entry.children[comp]
if !ok {
@@ -166,6 +182,18 @@ func (fs *fakefs) Chmod(name string, mode FileMode) error {
return nil
}
func (fs *fakefs) Lchown(name string, uid, gid int) error {
fs.mut.Lock()
defer fs.mut.Unlock()
entry := fs.entryForName(name)
if entry == nil {
return os.ErrNotExist
}
entry.uid = uid
entry.gid = gid
return nil
}
func (fs *fakefs) Chtimes(name string, atime time.Time, mtime time.Time) error {
fs.mut.Lock()
defer fs.mut.Unlock()
@@ -177,18 +205,20 @@ func (fs *fakefs) Chtimes(name string, atime time.Time, mtime time.Time) error {
return nil
}
func (fs *fakefs) Create(name string) (File, error) {
func (fs *fakefs) create(name string) (*fakeEntry, error) {
fs.mut.Lock()
defer fs.mut.Unlock()
if entry := fs.entryForName(name); entry != nil {
if entry.isdir {
if entry.entryType == fakeEntryTypeDir {
return nil, os.ErrExist
} else if entry.entryType == fakeEntryTypeSymlink {
return nil, errors.New("following symlink not supported")
}
entry.size = 0
entry.mtime = time.Now()
entry.mode = 0666
return &fakeFile{fakeEntry: entry}, nil
return entry, nil
}
dir := filepath.Dir(name)
@@ -203,11 +233,25 @@ func (fs *fakefs) Create(name string) (File, error) {
mtime: time.Now(),
}
entry.children[base] = new
return &fakeFile{fakeEntry: new}, nil
return new, nil
}
func (fs *fakefs) Create(name string) (File, error) {
entry, err := fs.create(name)
if err != nil {
return nil, err
}
return &fakeFile{fakeEntry: entry}, nil
}
func (fs *fakefs) CreateSymlink(target, name string) error {
return errors.New("not implemented")
entry, err := fs.create(name)
if err != nil {
return err
}
entry.entryType = fakeEntryTypeSymlink
entry.dest = target
return nil
}
func (fs *fakefs) DirNames(name string) ([]string, error) {
@@ -248,16 +292,19 @@ func (fs *fakefs) Mkdir(name string, perm FileMode) error {
if entry == nil {
return os.ErrNotExist
}
if entry.entryType != fakeEntryTypeDir {
return os.ErrExist
}
if _, ok := entry.children[base]; ok {
return os.ErrExist
}
entry.children[base] = &fakeEntry{
name: base,
isdir: true,
mode: perm,
mtime: time.Now(),
children: make(map[string]*fakeEntry),
name: base,
entryType: fakeEntryTypeDir,
mode: perm,
mtime: time.Now(),
children: make(map[string]*fakeEntry),
}
return nil
}
@@ -272,15 +319,15 @@ func (fs *fakefs) MkdirAll(name string, perm FileMode) error {
if !ok {
new := &fakeEntry{
name: comp,
isdir: true,
mode: perm,
mtime: time.Now(),
children: make(map[string]*fakeEntry),
name: comp,
entryType: fakeEntryTypeDir,
mode: perm,
mtime: time.Now(),
children: make(map[string]*fakeEntry),
}
entry.children[comp] = new
next = new
} else if !next.isdir {
} else if next.entryType != fakeEntryTypeDir {
return errors.New("not a directory")
}
@@ -294,7 +341,7 @@ func (fs *fakefs) Open(name string) (File, error) {
defer fs.mut.Unlock()
entry := fs.entryForName(name)
if entry == nil {
if entry == nil || entry.entryType != fakeEntryTypeFile {
return nil, os.ErrNotExist
}
return &fakeFile{fakeEntry: entry}, nil
@@ -313,6 +360,8 @@ func (fs *fakefs) OpenFile(name string, flags int, mode FileMode) (File, error)
entry := fs.entryForName(dir)
if entry == nil {
return nil, os.ErrNotExist
} else if entry.entryType != fakeEntryTypeDir {
return nil, errors.New("not a directory")
}
if flags&os.O_EXCL != 0 {
@@ -332,7 +381,16 @@ func (fs *fakefs) OpenFile(name string, flags int, mode FileMode) (File, error)
}
func (fs *fakefs) ReadSymlink(name string) (string, error) {
return "", errors.New("not implemented")
fs.mut.Lock()
defer fs.mut.Unlock()
entry := fs.entryForName(name)
if entry == nil {
return "", os.ErrNotExist
} else if entry.entryType != fakeEntryTypeSymlink {
return "", errors.New("not a symlink")
}
return entry.dest, nil
}
func (fs *fakefs) Remove(name string) error {
@@ -387,7 +445,7 @@ func (fs *fakefs) Rename(oldname, newname string) error {
}
dst, ok := p1.children[filepath.Base(newname)]
if ok && dst.isdir {
if ok && dst.entryType == fakeEntryTypeDir {
return errors.New("is a directory")
}
@@ -513,7 +571,7 @@ func (f *fakeFile) readShortAt(p []byte, offs int64) (int, error) {
// start of the block to serve a given read. 128 KiB blocks fit
// reasonably well with the type of IO Syncthing tends to do.
if f.isdir {
if f.entryType == fakeEntryTypeDir {
return 0, errors.New("is a directory")
}
@@ -570,7 +628,7 @@ func (f *fakeFile) Seek(offset int64, whence int) (int64, error) {
f.mut.Lock()
defer f.mut.Unlock()
if f.isdir {
if f.entryType == fakeEntryTypeDir {
return 0, errors.New("is a directory")
}
@@ -603,7 +661,7 @@ func (f *fakeFile) WriteAt(p []byte, off int64) (int, error) {
f.mut.Lock()
defer f.mut.Unlock()
if f.isdir {
if f.entryType == fakeEntryTypeDir {
return 0, errors.New("is a directory")
}
@@ -661,13 +719,21 @@ func (f *fakeFileInfo) ModTime() time.Time {
}
func (f *fakeFileInfo) IsDir() bool {
return f.isdir
return f.entryType == fakeEntryTypeDir
}
func (f *fakeFileInfo) IsRegular() bool {
return !f.isdir
return f.entryType == fakeEntryTypeFile
}
func (f *fakeFileInfo) IsSymlink() bool {
return false
return f.entryType == fakeEntryTypeSymlink
}
func (f *fakeFileInfo) Owner() int {
return f.uid
}
func (f *fakeFileInfo) Group() int {
return f.gid
}

20
lib/fs/fakefs_test.go
View File

@@ -101,6 +101,26 @@ func TestFakeFS(t *testing.T) {
if !bytes.Equal(bs0, bs1[1:]) {
t.Error("wrong data")
}
// Create symlink
if err := fs.CreateSymlink("foo", "dira/dirb/symlink"); err != nil {
t.Fatal(err)
}
if str, err := fs.ReadSymlink("dira/dirb/symlink"); err != nil {
t.Fatal(err)
} else if str != "foo" {
t.Error("Wrong symlink destination", str)
}
// Chown
if err := fs.Lchown("dira", 1234, 5678); err != nil {
t.Fatal(err)
}
if info, err := fs.Lstat("dira"); err != nil {
t.Fatal(err)
} else if info.Owner() != 1234 || info.Group() != 5678 {
t.Error("Wrong owner/group")
}
}
func TestFakeFSRead(t *testing.T) {

25
lib/fs/fileinfo_unix.go Normal file
View File

@@ -0,0 +1,25 @@
// Copyright (C) 2019 The Syncthing Authors.
//
// This Source Code Form is subject to the terms of the Mozilla Public
// License, v. 2.0. If a copy of the MPL was not distributed with this file,
// You can obtain one at https://mozilla.org/MPL/2.0/.
// +build !windows
package fs
import "syscall"
func (e fsFileInfo) Owner() int {
if st, ok := e.Sys().(*syscall.Stat_t); ok {
return int(st.Uid)
}
return -1
}
func (e fsFileInfo) Group() int {
if st, ok := e.Sys().(*syscall.Stat_t); ok {
return int(st.Gid)
}
return -1
}

15
lib/fs/fileinfo_windows.go Normal file
View File

@@ -0,0 +1,15 @@
// Copyright (C) 2019 The Syncthing Authors.
//
// This Source Code Form is subject to the terms of the Mozilla Public
// License, v. 2.0. If a copy of the MPL was not distributed with this file,
// You can obtain one at https://mozilla.org/MPL/2.0/.
package fs
func (e fsFileInfo) Owner() int {
return -1
}
func (e fsFileInfo) Group() int {
return -1
}

3
lib/fs/filesystem.go
View File

@@ -19,6 +19,7 @@ import (
// The Filesystem interface abstracts access to the file system.
type Filesystem interface {
Chmod(name string, mode FileMode) error
Lchown(name string, uid, gid int) error
Chtimes(name string, atime time.Time, mtime time.Time) error
Create(name string) (File, error)
CreateSymlink(target, name string) error
@@ -74,6 +75,8 @@ type FileInfo interface {
// Extensions
IsRegular() bool
IsSymlink() bool
Owner() int
Group() int
}
// FileMode is similar to os.FileMode