[Libguestfs] [PATCH 4/4] daemon: scrub-file: resolve the path before calling scrub (RHBZ#1099490).
Pino Toscano
ptoscano at redhat.com
Wed May 21 13:15:39 UTC 2014
Resolve the given path within the chroot, so scrub can be invoked
outside the chroot on an already-resolved path.
Add few tests in scrub-file for this and other similar issues.
---
daemon/scrub.c | 7 +++++--
generator/actions.ml | 13 ++++++++++++-
2 files changed, 17 insertions(+), 3 deletions(-)
diff --git a/daemon/scrub.c b/daemon/scrub.c
index cd880b9..c10b0a0 100644
--- a/daemon/scrub.c
+++ b/daemon/scrub.c
@@ -58,8 +58,11 @@ do_scrub_file (const char *file)
CLEANUP_FREE char *err = NULL;
int r;
- /* Make the path relative to /sysroot. */
- buf = sysroot_path (file);
+ /* Resolve the path to the file, and make the result relative to /sysroot.
+ * If it fails, then the file most probably does not exist or "file" is
+ * a symlink pointing outside the chroot.
+ */
+ buf = sysroot_realpath (file);
if (!buf) {
reply_with_perror ("malloc");
return -1;
diff --git a/generator/actions.ml b/generator/actions.ml
index 85503ce..ed65c6e 100644
--- a/generator/actions.ml
+++ b/generator/actions.ml
@@ -5719,7 +5719,18 @@ manual page for more details." };
tests = [
InitScratchFS, Always, TestRun (
[["write"; "/scrub_file"; "content"];
- ["scrub_file"; "/scrub_file"]]), []
+ ["scrub_file"; "/scrub_file"]]), [];
+ InitScratchFS, Always, TestRun (
+ [["write"; "/scrub_file_2"; "content"];
+ ["ln_s"; "/scrub_file_2"; "/scrub_file_2_link"];
+ ["scrub_file"; "/scrub_file_2_link"]]), [];
+ InitScratchFS, Always, TestLastFail (
+ [["ln_s"; "/scrub_file_3_notexisting"; "/scrub_file_3_link"];
+ ["scrub_file"; "/scrub_file_3_link"]]), [];
+ InitScratchFS, Always, TestLastFail (
+ [["write"; "/scrub_file_4"; "content"];
+ ["ln_s"; "../sysroot/scrub_file_4"; "/scrub_file_4_link"];
+ ["scrub_file"; "/scrub_file_4_link"]]), [];
];
shortdesc = "scrub (securely wipe) a file";
longdesc = "\
--
1.9.0
More information about the Libguestfs
mailing list