cp: preserve "capabilities" when also preserving file ownership

* src/copy.c (copy_reg): Copy xattrs _after_ setting file ownership so that capabilities are not cleared when setting ownership. * tests/cp/capability: A new root test. * tests/Makefile.am (root_tests): Reference the new test. * NEWS: Mention the fix.
2026-04-21 03:12:48 +02:00 · 2010-04-16 08:39:11 +01:00
parent 56fce1aed7
commit 1777d0dfe3
4 changed files with 75 additions and 14 deletions
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -23,6 +23,7 @@ root_tests =					\
  cp/preserve-gid				\
  cp/special-bits				\
  cp/cp-mv-enotsup-xattr			\
+  cp/capability					\
  dd/skip-seek-past-dev				\
  install/install-C-root			\
  ls/capability					\
--- a/tests/cp/capability
+++ b/tests/cp/capability
@@ -0,0 +1,56 @@
+#!/bin/sh
+# Ensure cp --preserves copies capabilities
+
+# Copyright (C) 2010 Free Software Foundation, Inc.
+
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+if test "$VERBOSE" = yes; then
+  set -x
+  ls --version
+fi
+
+. $srcdir/test-lib.sh
+require_root_
+working_umask_or_skip_
+
+
+grep '^#define HAVE_CAP 1' $CONFIG_HEADER > /dev/null \
+  || skip_test_ "configured without libcap support"
+
+(setcap --help) 2>&1 |grep 'usage: setcap' > /dev/null \
+  || skip_test_ "setcap utility not found"
+(getcap --help) 2>&1 |grep 'usage: getcap' > /dev/null \
+  || skip_test_ "getcap utility not found"
+
+
+touch file || framework_failure
+chown $NON_ROOT_USERNAME file || framework_failure
+
+setcap 'cap_net_bind_service=ep' file ||
+  skip_test_ "setcap doesn't work"
+getcap file | grep cap_net_bind_service >/dev/null ||
+  skip_test_ "getcap doesn't work"
+
+cp --preserve=xattr file copy1 || fail=1
+
+# Before coreutils 8.5 the capabilities would not be preserved,
+# as the owner was set _after_ copying xattrs, thus clearing any capabilities.
+cp --preserve=all   file copy2 || fail=1
+
+for file in copy1 copy2; do
+  getcap $file | grep cap_net_bind_service >/dev/null || fail=1
+done
+
+Exit $fail