From b8210f431e7dd771256970cc216be0e85016c93d Mon Sep 17 00:00:00 2001
From: hjp <hjp@d47eeb7a-11fe-0310-b519-e5a4e12f9765>
Date: Sun, 28 Jun 2009 20:24:18 +0000
Subject: [PATCH] Fixed equality checking for setuid files. Setuid files are
 now stored as setuid which means that the backup volume should be mounted
 nosuid or even noexec unless you trust all your clients.

---
 Notes           |  2 --
 lib/Simba/CA.pm | 16 ++++++++++------
 t/02_ca.t       | 11 +++++++++++
 3 files changed, 21 insertions(+), 8 deletions(-)

diff --git a/Notes b/Notes
index 065f25a..ab3e182 100644
--- a/Notes
+++ b/Notes
@@ -61,8 +61,6 @@ Tape performance:
 	About 5-6 MB/s for /dev/nst0, @ 64 kB Blocksize. (larger bs makes no
 	difference). File was about 26 MB, 75% compressible with gzip.
 
-Equality checking doesn't work for setuid files.
-
 exit if disk full
 
 On my 800 MHz PIII, the CPU usage is rather high. Some profiling seems
diff --git a/lib/Simba/CA.pm b/lib/Simba/CA.pm
index e8bd49c..ab24880 100644
--- a/lib/Simba/CA.pm
+++ b/lib/Simba/CA.pm
@@ -292,8 +292,8 @@ sub setmeta {
     $self->log(3, "$fn is tainted!") if tainted($fn);
     my $mode = $self->acl2mode($f);
     $self->log(3, "$mode is tainted!") if tainted($mode);
-    chmod($mode, $fn);
     chown($self->name2uid($f->{o}), $self->name2gid($f->{g}), $fn);
+    chmod($mode, $fn);
     utime(time, $f->{m}, $fn);
 }
 
@@ -597,11 +597,15 @@ sub store_file {
     if ($header =~ /^data (.*)/) {
         my $f2 = $self->parse($1);
         my $backup_filename = "$self->{this_backup}/$f->{name}";
-        # XXX - should not die unconditionally. At least some errors
-        # (e.g. "File name too long") are almost certainly specific to
-        # single files. We should report the error and continue with the
-        # next file.
-        open(my $file_bfd, '>:raw', $backup_filename) or die "cannot open backup file $backup_filename: $!";
+        my $file_bfd;
+        unless (open($file_bfd, '>:raw', $backup_filename)) {
+            $self->log(5, "cannot open backup file $backup_filename: $!");
+            # There may be some errors from which we can recover, e.g., for 
+            # "File name too long" we could just shorten the file name. But for
+            # now we just skip the file:
+            $self->close_file_connection;
+            return 0;
+        }
         my $size = $f2->{s};
         my $err;
         my $sha1 = Digest::SHA1->new;
diff --git a/t/02_ca.t b/t/02_ca.t
index e65ee03..ddad03b 100644
--- a/t/02_ca.t
+++ b/t/02_ca.t
@@ -42,16 +42,27 @@ SKIP: {
     print $fh "test\n";
     close($fh);
 
+    open $fh, '>:raw', '/var/tmp/simba_test/d2/f3';
+    print $fh "#!/bin/sh\n";
+    chmod(04511, $fh);
+    close($fh);
+
     $ca->run();
     my $this_backup = $ca->{this_backup};
+
     my $st1 = lstat("$this_backup/d1/f1");
     ok($st1, "file 1 exists");
     is($st1->nlink, 2, "file 1 has 2 links");
+
     my $st2 = lstat("$this_backup/d2/f2");
     ok($st2, "file 2 exists");
     is($st2->nlink, 2, "file 2 has 2 links");
     is($st1->ino, $st2->ino, , "file 1 and 2 are the same");
 
+    my $st3 = lstat("$this_backup/d2/f3");
+    ok($st3, "file 3 exists");
+    cmp_ok($st3->mode & 07777, '==', 04511, , "mode of file 3 is correct");
+
     # cleanup
     system("rm", "-rf", $this_backup);
     $ca->{dbh}->do("delete from versions");