Re: [PATCH] install: add -C option to install file only when necessary

[Jim Meyering]

Kamil Dudka <address@hidden> wrote:
...
> +  install --compare (-C) installs file, unless target already exists and is
> +  the same file, in which case the modification time is not changed
> +

While rewriting that,

  install accepts a new option, --compare (-C): compare each pair of source
  and destination files, and if the destination has identical content and
  any specified owner, group, permissions, and possibly SELinux context, then
  do not modify the destination at all.

I realized that install must also handle the case in which
no explicit owner or group option is specified, yet the destination
owner and/or group do not match the effective ones.

i.e., some file is installed with owner:group of WRONG_USER:WRONG_GROUP,
yet with proper permissions and matching content, and root runs
install F /ABS/NAME/OF/F

In that case we *do* want it to unlink the original and perform the
copy.  Currently it would not.  This is especially important with
set-gid and set-uid programs.

> +  if (!S_ISREG(src_sb.st_mode) || !S_ISREG(dest_sb.st_mode))
> +    return true;
> +
> +  if (src_sb.st_size != dest_sb.st_size
> +      || (dest_sb.st_mode & CHMOD_MODE_BITS) != mode
> +      || (owner_id != (uid_t) -1 && dest_sb.st_uid != owner_id)
> +      || (group_id != (gid_t) -1 && dest_sb.st_gid != group_id))
> +    return true;

so replacing the owner/group tests with these should fix it:

    || dest_sb.st_uid != (owner_id == (uid_t) -1 ? geteuid () : owner_id)
    || dest_sb.st_gid != (group_id == (gid_t) -1 ? getegid () : group_id)

But that doesn't take account of the perhaps-unusual case
in which the destination directory is set-gid (on a file system
where that matters).

Now that I think of security, I'd prefer that if any non-permission mode
bits (S_ISUID, S_ISGID, S_ISVTX) should be set, we simply short-circuit
the optimization and always unlink and then copy.

I hope you don't mind going going one more round...