jailkit-dev

Re: [Jailkit-dev] more jk_jailuser bugs


From: Stephen Tallowitz
Subject: Re: [Jailkit-dev] more jk_jailuser bugs
Date: Mon, 14 Nov 2005 23:20:45 +0100

Hello Oli,

> jk_jailuser now adds secondary groups as well, and I've tried to work
> around the permission problem. shutil.copy() should work better because
> the docs say: "Permission bits are copied.".
> 
> I try os.rename first, and if that fails I try shutil.copy()
> 
> can you test?

Secondary groups work fine, nice refactoring in source code ;-)
Moving still doesn't work as expected. After studying the shutil.py source code
even more today, I've come to a bleak conclusion: there is not one single
method in that class that provides cross-device copying while preserving
ownership. There are several issues (some analysis):
- shutil.copy caters for access bits (meaning rwx, setuid, setgid, etc.)
- shutil.copy2 also copies atimes and mtimes of the files.
- the ideal method you're looking for (also preserve ownership) simply doesn't
  exist in that library. (maybe copy3 could be implemented by the python
  developers?)
- shutil.move more or less already does what you intended: try os.rename and if
  that fails revert to copying.
- shutil.move uses shutil.copytree if the source is a directory and
  shutil.copy2 if the source is a file
- shutil.copytree has several problems:
  - first it creates the destination directory by using os.mkdir - probably as
    the owner running the python program, which in the case of jk_jailuser is
    totally undesirable.
  - then it copies files within the directory using shutil.copy2, which as
    mentioned before doesn't preserve ownership
  - and if shutil.copytree finds any directories within the sourcetree (not
    only files) it does a recursive call to itself, reproducing the problem
    throughout the whole directory tree (at least the behaviour is consistent).

My conclusion - there are three possibilities:
- Try os.rename and warn the user if it fails, telling the user that
  cross-device moving is not possible. Maybe along with the notice telling the
  user to move using 'mv source JAILDIR/home'. I've tested GNU mv from
  fileutils-4.0 on gentoo and it does preserve all information when moving
  across devices. I suppose BSDs do the same thing?
- Using some sort of exec() call from within python to call 'mv source
  JAILDIR/home' (probably quite dangerous).
- Implementing move() in jailkit - more time-consuming and will probably need
  some investigation into other python library functions. Of course many ideas
  of the shutil library could be used to ease the process of implementing such
  a method.

Personally, I'd opt for the first possibility. I wouldn't need loads of moving
around anyway. I don't know about requirements of other jailkit users, though.
This would leave the path open, if the python devs fix the shutil library (they
do mention in the source that improvements will have to be made). It also
depends on how soon you want to release the next version of jailkit, of course.

Cheers,
Stephen
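
Added example, not part of the original message and not jailkit's code: one way to implement the third possibility above (try os.rename, and on a cross-device error copy the tree while keeping owner, group, mode and times). It is written for Python 3; the names `copy_preserving_owner` and `move_preserving_owner` are hypothetical, and it assumes Linux behaviour and a caller privileged enough to chown to the source's owner.

```python
import errno
import os
import shutil
import stat


def _clone_metadata(dst, st):
    """Apply owner, then mode and times, from stat result st to dst."""
    # chown first: on Linux chown() clears setuid/setgid, so chmod must come after.
    os.lchown(dst, st.st_uid, st.st_gid)
    if not stat.S_ISLNK(st.st_mode):
        os.chmod(dst, stat.S_IMODE(st.st_mode))
        os.utime(dst, ns=(st.st_atime_ns, st.st_mtime_ns))


def copy_preserving_owner(src, dst):
    """Recursively copy src to dst, keeping owner, group, mode and times."""
    st = os.lstat(src)
    if stat.S_ISLNK(st.st_mode):
        os.symlink(os.readlink(src), dst)  # recreate the link, never follow it
    elif stat.S_ISDIR(st.st_mode):
        os.mkdir(dst, 0o700)  # private until the final owner and mode are set
        for name in os.listdir(src):
            copy_preserving_owner(os.path.join(src, name), os.path.join(dst, name))
    elif stat.S_ISREG(st.st_mode):
        # O_EXCL refuses a pre-existing dst; 0o600 keeps the data private meanwhile.
        fd = os.open(dst, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
        with open(src, "rb") as fin, os.fdopen(fd, "wb") as fout:
            shutil.copyfileobj(fin, fout)
    else:
        raise OSError(errno.EINVAL, "unsupported file type", src)
    _clone_metadata(dst, st)  # directories: done last so mtime survives the copy


def move_preserving_owner(src, dst):
    """os.rename when possible; on EXDEV copy with ownership, then remove src."""
    try:
        os.rename(src, dst)
        return "renamed"
    except OSError as exc:
        if exc.errno != errno.EXDEV:
            raise
    copy_preserving_owner(src, dst)
    if os.path.isdir(src) and not os.path.islink(src):
        shutil.rmtree(src)
    else:
        os.unlink(src)
    return "copied"
```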



