Created on 2011-08-25 14:17 by seblu, last changed 2011-09-12 15:47 by merwok. This issue is now closed.
| Files | ||||
|---|---|---|---|---|
| File name | Uploaded | Description | Edit | |
| tarfile-bug.patch | seblu, 2011-08-25 14:17 | review | ||
| Messages (13) | |||
|---|---|---|---|
| msg142969 - (view) | Author: Sebastien Luttringer (seblu) | Date: 2011-08-25 14:17 | |
This patch fix extraction of tarfile which override tarfile uid/gid tarfile.py extract function override uid/gid of a file if uid/gid is not existant on the system. When user is not root (uid 0), common behaviour of extracting is correct. When user is root, python implementation try to preserve (like tar -p) ownership from tarball, but if uid/gid doesn't exist it remplace by process uid/gid. This leads to fake the expected behaviour of preservation! By example, extracting tarball with a root filesystem will create incorrect ownership for file where owner/group is not on the current filesystem. |
|||
| msg142970 - (view) | Author: Martin v. Löwis (loewis) *  |
Date: 2011-08-25 14:32 | |
Lars, any comment? |
|||
| msg143100 - (view) | Author: Lars Gustäbel (lars.gustaebel) * |
Date: 2011-08-28 16:06 | |
The patch is fine. Thank you very much for it, Sebastien. I think we have to go without a unit test. |
|||
| msg143121 - (view) | Author: STINNER Victor (haypo) * |
Date: 2011-08-28 20:00 | |
Should this bug be fixed in 3.3, or 2.7+3.2+3.3? |
|||
| msg143130 - (view) | Author: Lars Gustäbel (lars.gustaebel) * |
Date: 2011-08-29 07:14 | |
Yes, it should be fixed in all affected branches. |
|||
| msg143131 - (view) | Author: STINNER Victor (haypo) * |
Date: 2011-08-29 08:19 | |
The patch looks ok. Can you push it Lars? |
|||
| msg143172 - (view) | Author: Lars Gustäbel (lars.gustaebel) * |
Date: 2011-08-29 18:35 | |
Yes, I can do that as soon as I've managed to wrap my head around using Mercurial and the new way of developing Python. I have been away from Python programming for quite some time and haven't adapted my workflow yet. |
|||
| msg143175 - (view) | Author: STINNER Victor (haypo) * |
Date: 2011-08-29 19:37 | |
You can get a lot of information on this guide: http://docs.python.org/devguide/setup.html#getting-set-up You can also ask on IRC (#python-dev on Freenode), or by email on the python-dev mailing list. It was really hard for me to switch from Subversion to Mercurial. Not because of the merge and the push things, but because of the 4 different Python branches! So don't hesitate to ask me questions about how I use Mercurial ;-) |
|||
| msg143524 - (view) | Author: Roundup Robot (python-dev) | Date: 2011-09-05 15:14 | |
New changeset 2bc122347351 by Lars Gustäbel in branch '3.2': Issue #12841: Fix tarfile extraction of non-existent uids/gids. http://hg.python.org/cpython/rev/2bc122347351 New changeset da59abc0ce3b by Lars Gustäbel in branch 'default': Merge with 3.2: Issue #12841: Fix tarfile extraction of non-existent uids/gids. http://hg.python.org/cpython/rev/da59abc0ce3b New changeset b64ef2951093 by Lars Gustäbel in branch '2.7': Issue #12841: Fix tarfile extraction of non-existent uids/gids. http://hg.python.org/cpython/rev/b64ef2951093 |
|||
| msg143528 - (view) | Author: Lars Gustäbel (lars.gustaebel) * |
Date: 2011-09-05 15:19 | |
Close as fixed. Thanks all! |
|||
| msg143769 - (view) | Author: Éric Araujo (merwok) * |
Date: 2011-09-09 16:57 | |
> I think we have to go without a unit test. May I ask why? I don’t know tarfile well, but I know that a lot can be done with unittest. |
|||
| msg143804 - (view) | Author: Lars Gustäbel (lars.gustaebel) * |
Date: 2011-09-09 21:40 | |
It's the low-level operating system aspects of tarfile that are very difficult to test, e.g. filesystem and operating system dependent features such as symbolic links, hard links, file permissions, ownership. It is not even possible to reliably determine the filesystem the testsuite currently runs on. Also, superuser privileges are needed for some operations to work, e.g. chown(). A testsuite is normally not run as root, so a test that depends on this will never get enough coverage. |
|||
| msg143909 - (view) | Author: Éric Araujo (merwok) * |
Date: 2011-09-12 15:47 | |
I understand. Unit tests can work with file permissions, ownership and links, but they can’t create different filesystems or ask for superuser rights. test_shutil contains a few tests that purport to test cross-filesystems usage but may or may not actually do it (#9999). |
|||
| History | |||
|---|---|---|---|
| Date | User | Action | Args |
| 2011-09-12 15:47:41 | merwok | set | messages: + msg143909 |
| 2011-09-09 21:40:48 | lars.gustaebel | set | messages: + msg143804 |
| 2011-09-09 16:57:33 | merwok | set | nosy:
+ merwok messages: + msg143769 |
| 2011-09-05 15:19:59 | lars.gustaebel | set | status: open -> closed resolution: fixed messages: + msg143528 stage: resolved |
| 2011-09-05 15:14:43 | python-dev | set | nosy:
+ python-dev messages: + msg143524 |
| 2011-09-02 10:15:00 | doughellmann | set | nosy:
+ doughellmann |
| 2011-09-02 08:58:20 | lars.gustaebel | set | versions: + Python 2.7, Python 3.3 |
| 2011-08-29 19:37:06 | haypo | set | messages: + msg143175 |
| 2011-08-29 18:35:28 | lars.gustaebel | set | messages: + msg143172 |
| 2011-08-29 08:19:29 | haypo | set | messages: + msg143131 |
| 2011-08-29 07:14:50 | lars.gustaebel | set | messages: + msg143130 |
| 2011-08-28 20:00:58 | haypo | set | messages: + msg143121 |
| 2011-08-28 16:06:38 | lars.gustaebel | set | messages: + msg143100 |
| 2011-08-25 15:24:02 | haypo | set | nosy:
+ haypo |
| 2011-08-25 14:32:28 | loewis | set | assignee: lars.gustaebel messages: + msg142970 nosy: + loewis, lars.gustaebel |
| 2011-08-25 14:17:13 | seblu | create | |