Debian Bug report logs - #796257
dpkg-source: Does not respect permissions from tarball when umask is set to 0002

Package: dpkg-dev; Maintainer for dpkg-dev is Dpkg Developers <debian-dpkg@lists.debian.org>; Source for dpkg-dev is src:dpkg.

Affects: src:musescore, src:musescore-snapshot, src:musescore3

Reported by: Stéphane Glondu <glondu@debian.org>

Date: Thu, 20 Aug 2015 20:18:02 UTC

Severity: important

Found in versions dpkg/1.18.2, dpkg/1.19.7



Report forwarded to debian-bugs-dist@lists.debian.org, Dpkg Developers <debian-dpkg@lists.debian.org>:
Bug#796257; Package dpkg-dev. (Thu, 20 Aug 2015 20:18:05 GMT)


Acknowledgement sent to Stéphane Glondu <glondu@debian.org>:
New Bug report received and forwarded. Copy sent to Dpkg Developers <debian-dpkg@lists.debian.org>. (Thu, 20 Aug 2015 20:18:05 GMT)


Message #5 received at submit@bugs.debian.org:

From: Stéphane Glondu <glondu@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: dpkg-dev: dpkg-source does not respect permissions from tarball when umask is set to 0002
Date: Thu, 20 Aug 2015 22:14:48 +0200
Package: dpkg-dev
Version: 1.18.2
Severity: normal
User: reproducible-builds@lists.alioth.debian.org
Usertags: umask toolchain

Dear Maintainer,

$ umask 0002
$ apt-get source hello
$ ll hello-2.10|head -n5
total 1008K
-rw-rw-r-- 1 steph steph  92K nov.  16  2014 ABOUT-NLS
-rw-rw-r-- 1 steph steph  43K nov.  16  2014 aclocal.m4
-rw-rw-r-- 1 steph steph  593 juil. 19  2014 AUTHORS
drwxrwxr-x 3 steph steph 4,0K nov.  16  2014 build-aux
$ rm -rf hello-2.10
$ tar xf hello_2.10.orig.tar.gz
$ ll hello-2.10|head -n5
total 1004K
-rw-r--r-- 1 steph steph  92K nov.  16  2014 ABOUT-NLS
-rw-r--r-- 1 steph steph  43K nov.  16  2014 aclocal.m4
-rw-r--r-- 1 steph steph  593 juil. 19  2014 AUTHORS
drwxr-xr-x 3 steph steph 4,0K nov.  16  2014 build-aux

I expect the same behaviour w.r.t. permissions with dpkg-source and
tar.

Cheers,

-- 
Stéphane


-- System Information:
Debian Release: stretch/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.1.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages dpkg-dev depends on:
ii  base-files    9.2
ii  binutils      2.25.1-1
ii  bzip2         1.0.6-8
ii  libdpkg-perl  1.18.2
ii  make          4.0-8.1
ii  patch         2.7.5-1
ii  xz-utils      5.1.1alpha+20120614-2.1

Versions of packages dpkg-dev recommends:
ii  build-essential          11.7
ii  fakeroot                 1.20.2-1
ii  gcc [c-compiler]         4:4.9.2-4
ii  gcc-4.8 [c-compiler]     4.8.4-4
ii  gcc-4.9 [c-compiler]     4.9.3-3
ii  gnupg                    1.4.19-3
ii  gnupg2                   2.0.28-3
ii  gpgv                     1.4.19-3
ii  libalgorithm-merge-perl  0.08-2

Versions of packages dpkg-dev suggests:
ii  debian-keyring  2015.08.13

-- no debconf information



Information forwarded to debian-bugs-dist@lists.debian.org, Dpkg Developers <debian-dpkg@lists.debian.org>:
Bug#796257; Package dpkg-dev. (Thu, 10 Sep 2015 12:57:15 GMT)


Acknowledgement sent to Guillem Jover <guillem@debian.org>:
Extra info received and forwarded to list. Copy sent to Dpkg Developers <debian-dpkg@lists.debian.org>. (Thu, 10 Sep 2015 12:57:15 GMT)


Message #10 received at 796257@bugs.debian.org:

From: Guillem Jover <guillem@debian.org>
To: Stéphane Glondu <glondu@debian.org>, 796257@bugs.debian.org
Subject: Re: Bug#796257: dpkg-dev: dpkg-source does not respect permissions from tarball when umask is set to 0002
Date: Thu, 10 Sep 2015 14:53:55 +0200
Control: severity -1 wishlist

Hi!

On Thu, 2015-08-20 at 22:14:48 +0200, Stéphane Glondu wrote:
> Package: dpkg-dev
> Version: 1.18.2
> Severity: normal
> User: reproducible-builds@lists.alioth.debian.org
> Usertags: umask toolchain

> $ umask 0002
> $ apt-get source hello
> $ ll hello-2.10|head -n5
> total 1008K
> -rw-rw-r-- 1 steph steph  92K nov.  16  2014 ABOUT-NLS
> -rw-rw-r-- 1 steph steph  43K nov.  16  2014 aclocal.m4
> -rw-rw-r-- 1 steph steph  593 juil. 19  2014 AUTHORS
> drwxrwxr-x 3 steph steph 4,0K nov.  16  2014 build-aux
> $ rm -rf hello-2.10
> $ tar xf hello_2.10.orig.tar.gz
> $ ll hello-2.10|head -n5
> total 1004K
> -rw-r--r-- 1 steph steph  92K nov.  16  2014 ABOUT-NLS
> -rw-r--r-- 1 steph steph  43K nov.  16  2014 aclocal.m4
> -rw-r--r-- 1 steph steph  593 juil. 19  2014 AUTHORS
> drwxr-xr-x 3 steph steph 4,0K nov.  16  2014 build-aux
> 
> I expect the same behaviour w.r.t. permissions with dpkg-source and
> tar.

Hmmm, well, tar only fully preserves owners and permissions when running
as root. I did some digging on this and now I'm a bit conflicted, this
was implemented on purpose due to bugs #390915 and #207289.

The actual commit is
<http://anonscm.debian.org/cgit/dpkg/dpkg.git/commit/?id=e818d3b0cfc363ee7624c7a61f3e07f837312ad1>.

I'll have to think about it a bit more I guess.

Thanks,
Guillem



Severity set to 'wishlist' from 'normal'. Request was from Guillem Jover <guillem@debian.org> to 796257-submit@bugs.debian.org. (Thu, 10 Sep 2015 12:57:15 GMT)


Information forwarded to debian-bugs-dist@lists.debian.org, Dpkg Developers <debian-dpkg@lists.debian.org>:
Bug#796257; Package dpkg-dev. (Thu, 10 Sep 2015 15:33:04 GMT)


Acknowledgement sent to Stéphane Glondu <glondu@debian.org>:
Extra info received and forwarded to list. Copy sent to Dpkg Developers <debian-dpkg@lists.debian.org>. (Thu, 10 Sep 2015 15:33:04 GMT)


Message #17 received at 796257@bugs.debian.org:

From: Stéphane Glondu <glondu@debian.org>
To: Guillem Jover <guillem@debian.org>, 796257@bugs.debian.org
Cc: Ian Jackson <ijackson@chiark.greenend.org.uk>
Subject: Re: Bug#796257: dpkg-dev: dpkg-source does not respect permissions from tarball when umask is set to 0002
Date: Thu, 10 Sep 2015 17:32:15 +0200

On 10/09/2015 14:53, Guillem Jover wrote:
>> $ umask 0002
>> $ apt-get source hello
>> $ ll hello-2.10|head -n5
>> total 1008K
>> -rw-rw-r-- 1 steph steph  92K nov.  16  2014 ABOUT-NLS
>> -rw-rw-r-- 1 steph steph  43K nov.  16  2014 aclocal.m4
>> -rw-rw-r-- 1 steph steph  593 juil. 19  2014 AUTHORS
>> drwxrwxr-x 3 steph steph 4,0K nov.  16  2014 build-aux
>> $ rm -rf hello-2.10
>> $ tar xf hello_2.10.orig.tar.gz
>> $ ll hello-2.10|head -n5
>> total 1004K
>> -rw-r--r-- 1 steph steph  92K nov.  16  2014 ABOUT-NLS
>> -rw-r--r-- 1 steph steph  43K nov.  16  2014 aclocal.m4
>> -rw-r--r-- 1 steph steph  593 juil. 19  2014 AUTHORS
>> drwxr-xr-x 3 steph steph 4,0K nov.  16  2014 build-aux
>>
>> I expect the same behaviour w.r.t. permissions with dpkg-source and
>> tar.
> 
> Hmmm, well, tar only fully preserves owners and permissions when running
> as root. [...]

Owners are not preserved, but permissions are. The commands above were
run as non-root.

> [...] I did some digging on this and now I'm a bit conflicted, this
> was implemented on purpose due to bugs #390915 and #207289.
> 
> The actual commit is
> <http://anonscm.debian.org/cgit/dpkg/dpkg.git/commit/?id=e818d3b0cfc363ee7624c7a61f3e07f837312ad1>.
> 
> I'll have to think about it a bit more I guess.

Besides, the behaviour is documented in dpkg-source's manual (--extract
section). But I don't agree with it. CC'ing Ian Jackson, as he seems to
be the author of this. Maybe he can explain this behaviour.

Concerning #390915, I don't agree with the way the original (LP #51468)
bug was fixed. Again, plain tar behaves correctly IMHO.

Concerning #207289, I would say that the upstream tarball was at fault
and repacking it was the right solution.


Cheers,

-- 
Stéphane



Information forwarded to debian-bugs-dist@lists.debian.org, Dpkg Developers <debian-dpkg@lists.debian.org>:
Bug#796257; Package dpkg-dev. (Wed, 10 Oct 2018 17:27:06 GMT)


Acknowledgement sent to Ian Jackson <ijackson@chiark.greenend.org.uk>:
Extra info received and forwarded to list. Copy sent to Dpkg Developers <debian-dpkg@lists.debian.org>. (Wed, 10 Oct 2018 17:27:06 GMT)


Message #22 received at 796257@bugs.debian.org:

From: Ian Jackson <ijackson@chiark.greenend.org.uk>
To: 796257@bugs.debian.org
Cc: Stéphane Glondu <glondu@debian.org>
Subject: Bug#796257: dpkg-dev: dpkg-source does not respect permissions from tarball when umask is set to 0002
Date: Wed, 10 Oct 2018 18:24:32 +0100

Stéphane writes:
> Concerning #390915, I don't agree with the way the original (LP
> #51468) bug was fixed.  Again, plain tar behaves correctly IMHO.

Sorry that I didn't reply at the time.  I found this bug again now.

I still think that the fix in #390915 is correct.  Unpacking source
code definitely ought to respect the user's umask.  Otherwise the
source will not be writeable to their collaborators, as intended.

That tar (often, depending on options) behaves differently is because
tar is trying to be several different kinds of utility in one.

I think a package build where the output file permissions depend on
the user's umask is a buggy package build.  (And this is not just a
reproducibility issue.)  This is what we have dh_fixperms for: to
manage the difference between source file and intermediate build
product permissions (which should respect the user's umask) and 
binary-package-in-preparation permissions (which need to be those
intended for the output package).

Does that make sense ?

Thanks,
Ian.

-- 
Ian Jackson <ijackson@chiark.greenend.org.uk>   These opinions are my own.

If I emailed you from an address @fyvzl.net or @evade.org.uk, that is
a private address which bypasses my fierce spamfilter.



Changed Bug title to 'dpkg-source: Does not respect permissions from tarball when umask is set to 0002' from 'dpkg-dev: dpkg-source does not respect permissions from tarball when umask is set to 0002'. Request was from Guillem Jover <guillem@debian.org> to control@bugs.debian.org. (Sat, 02 Mar 2019 20:06:08 GMT)


Information forwarded to debian-bugs-dist@lists.debian.org, Dpkg Developers <debian-dpkg@lists.debian.org>:
Bug#796257; Package dpkg-dev. (Sat, 08 Feb 2020 17:03:03 GMT)


Acknowledgement sent to Thorsten Glaser <tg@mirbsd.de>:
Extra info received and forwarded to list. Copy sent to Dpkg Developers <debian-dpkg@lists.debian.org>. (Sat, 08 Feb 2020 17:03:03 GMT)


Message #29 received at 796257@bugs.debian.org:

From: Thorsten Glaser <tg@mirbsd.de>
To: Debian Bug Tracking System <796257@bugs.debian.org>
Subject: Re: dpkg-source: Does not respect permissions from tarball when umask is set to 0002
Date: Sat, 08 Feb 2020 18:00:15 +0100

Package: dpkg-dev
Version: 1.19.7
Followup-For: Bug #796257
Control: affects -1 src:musescore
Control: affects -1 src:musescore-snapshot

Please fix this bug; all other tarball extractors I’ve tested
(GNU tar, GNU cpio, paxtar, bsdtar/libarchive-tools) use the
permission bits from the archive, and all except GNU cpio then
mask those *further* by the user’s umask (but paxcpio/bsdcpio
behave the same).

This is important for reproducible builds as well: some tools
(like cmake) copy the extracted permissions.


-- Package-specific info:

-- System Information:
Debian Release: bullseye/sid
  APT prefers buildd-unstable
  APT policy: (500, 'buildd-unstable'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.4.0-3-amd64 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=C (charmap=UTF-8)
Shell: /bin/sh linked to /bin/lksh
Init: sysvinit (via /sbin/init)

Versions of packages dpkg-dev depends on:
ii  binutils      2.34-2
ii  bzip2         1.0.8-2
ii  libdpkg-perl  1.19.7
ii  make          4.2.1-1.2
ii  patch         2.7.6-6
ii  perl          5.30.0-9
ii  tar           1.30+dfsg-6+b1
ii  xz-utils      5.2.4-1+b1

Versions of packages dpkg-dev recommends:
ii  build-essential          12.8
ii  fakeroot                 1.24-1
ii  gcc [c-compiler]         4:9.2.1-3.1
ii  gcc-9 [c-compiler]       9.2.1-26
ii  gnupg                    2.2.19-1
ii  gnupg2                   2.2.19-1
ii  gpgv                     2.2.19-1
pn  libalgorithm-merge-perl  <none>
ii  tcc [c-compiler]         0.9.27-8

Versions of packages dpkg-dev suggests:
ii  debian-keyring  2020.02.02

-- no debconf information

Added indication that 796257 affects src:musescore. Request was from Thorsten Glaser <tg@mirbsd.de> to 796257-submit@bugs.debian.org. (Sat, 08 Feb 2020 17:03:03 GMT)


Added indication that 796257 affects src:musescore-snapshot. Request was from Thorsten Glaser <tg@mirbsd.de> to 796257-submit@bugs.debian.org. (Sat, 08 Feb 2020 17:03:03 GMT)


Severity set to 'important' from 'wishlist'. Request was from Thorsten Glaser <tg@mirbsd.de> to control@bugs.debian.org. (Fri, 15 May 2020 17:27:06 GMT)


Added indication that 796257 affects src:musescore3. Request was from Thorsten Glaser <t.glaser@tarent.de> to control@bugs.debian.org. (Sun, 25 Oct 2020 06:45:05 GMT)


Information forwarded to debian-bugs-dist@lists.debian.org, Dpkg Developers <debian-dpkg@lists.debian.org>:
Bug#796257; Package dpkg-dev. (Thu, 01 Dec 2022 18:57:04 GMT)


Acknowledgement sent to Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>:
Extra info received and forwarded to list. Copy sent to Dpkg Developers <debian-dpkg@lists.debian.org>. (Thu, 01 Dec 2022 18:57:04 GMT)


Message #42 received at 796257@bugs.debian.org:

From: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
To: 796257@bugs.debian.org
Subject: Reproducible source pkg
Date: Thu, 1 Dec 2022 19:55:32 +0100

This bug also has an interesting interaction with reproducing a _source_
package. If you take a source package and do:

    dpkg-source -x pkg.dsc
    dpkg-source -b dir

then, depending on umask, you may end up with a different source
package, even though you haven't changed anything. This happens at least
to files in debian/ (debian.tar.xz) for quilt package format.

This affects cases like feeding a source package to pbuilder - the output
source package (and its hash in the changes file) will be different from the
original source pkg - if the original pkg was built with a different umask.

IMHO _if_ dpkg-source really must mess with file permissions (with which I
do not agree), it should also normalize them in the archives it creates.

-- 
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
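
The round trip described in this message, modelled as an added example in Python (it is not dpkg-source's code and not part of the thread). The tree is created by plain file creation, so the umask decides the on-disk modes as in the listing in the original report, and it is then repacked once recording those modes and once with normalized modes. The helper names `unpack_like_created`, `member_filter` and `roundtrip` are hypothetical, and the assumption that the packer records on-disk modes follows the message above.

```python
import hashlib, io, os, stat, tarfile, tempfile

def unpack_like_created(root, umask):
    """Constructed sample tree, written by plain file creation so that the
    umask alone decides the mode bits (0664 under 0002, as in the report)."""
    old = os.umask(umask)
    try:
        os.mkdir(os.path.join(root, "debian"), 0o777)
        for name in ("changelog", "control"):
            fd = os.open(os.path.join(root, "debian", name),
                         os.O_WRONLY | os.O_CREAT, 0o666)
            os.write(fd, b"constructed sample content\n")
            os.close(fd)
    finally:
        os.umask(old)

def member_filter(normalize_mode):
    def _filter(info):
        # Owner and timestamp are pinned in both variants, so any digest
        # difference comes from the permission bits alone.
        info.uid = info.gid = 0
        info.uname = info.gname = ""
        info.mtime = 0
        if normalize_mode:
            executable = info.isdir() or info.mode & 0o100
            info.mode = 0o755 if executable else 0o644
        return info
    return _filter

def roundtrip(umask, normalize_mode):
    """Return (mode of debian/control on disk, SHA-256 of the repacked tar)."""
    with tempfile.TemporaryDirectory() as root:
        unpack_like_created(root, umask)
        control = os.path.join(root, "debian", "control")
        on_disk = stat.S_IMODE(os.stat(control).st_mode)
        buf = io.BytesIO()
        with tarfile.open(fileobj=buf, mode="w", format=tarfile.GNU_FORMAT) as tar:
            tar.add(os.path.join(root, "debian"), arcname="debian",
                    filter=member_filter(normalize_mode))
        return on_disk, hashlib.sha256(buf.getvalue()).hexdigest()

if __name__ == "__main__":
    for umask in (0o022, 0o002):
        for normalize_mode in (False, True):
            mode, digest = roundtrip(umask, normalize_mode)
            print(f"umask {umask:04o} on-disk {mode:04o} "
                  f"normalize={normalize_mode} sha256={digest[:16]}")
```

With modes recorded as found, the two umasks give different digests for unchanged content; with normalized modes the digests match.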


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed May 17 10:54:31 2023; Machine Name: buxtehude
