From 6ccee8fd5e67454c7702857f74c1998fabdc7c23 Mon Sep 17 00:00:00 2001
From: Juan RP <xtraeme@gmail.com>
Date: Thu, 13 Feb 2020 08:49:58 +0100
Subject: [PATCH] xbps-uchroot: overlayfs fixes v2.

- Do not use nftw(3), this won't clean up the tree properly.
  Rather use scandir(3) with alphasort, like xbps-create(1).

- Don't drop privs in the parent to make sure that the
  temp overlayfs tree can be removed properly.

This fixes the issues while building go modules and others
with xbps-src.
---
 bin/xbps-uchroot/main.c | 98 +++++++++++++++++++++++++++++------------
 1 file changed, 69 insertions(+), 29 deletions(-)

diff --git a/bin/xbps-uchroot/main.c b/bin/xbps-uchroot/main.c
index c494a36b..147c77c5 100644
--- a/bin/xbps-uchroot/main.c
+++ b/bin/xbps-uchroot/main.c
@@ -52,6 +52,7 @@
 #include <ftw.h>
 #include <signal.h>
 #include <getopt.h>
+#include <dirent.h>
 
 #include <xbps.h>
 #include "queue.h"
@@ -109,19 +110,16 @@ die(const char *fmt, ...)
 }
 
 static int
-ftw_cb(const char *fpath, const struct stat *sb UNUSED, int type,
-		struct FTW *ftwbuf UNUSED)
+ftw_cb(const char *fpath, const struct stat *sb)
 {
 	int sverrno = 0;
 
-	if (type == FTW_F || type == FTW_SL || type == FTW_SLN) {
-		if (unlink(fpath) == -1)
-			sverrno = errno;
-	} else if (type == FTW_D || type == FTW_DNR || type == FTW_DP) {
+	if (S_ISDIR(sb->st_mode)) {
 		if (rmdir(fpath) == -1)
 			sverrno = errno;
 	} else {
-		return 0;
+		if (unlink(fpath) == -1)
+			sverrno = errno;
 	}
 	if (sverrno != 0) {
 		fprintf(stderr, "Failed to remove %s: %s\n", fpath, strerror(sverrno));
@@ -129,20 +127,69 @@ ftw_cb(const char *fpath, const struct stat *sb UNUSED, int type,
 	return 0;
 }
 
+static int
+walk_dir(const char *path,
+	int (*fn)(const char *fpath, const struct stat *sb))
+{
+	struct dirent **list;
+	struct stat sb;
+	const char *p;
+	char tmp_path[PATH_MAX] = {0};
+	int rv, i;
+
+	i = scandir(path, &list, NULL, alphasort);
+	if (i == -1) {
+		rv = -1;
+		goto out;
+	}
+	while (i--) {
+		p = list[i]->d_name;
+		if (strcmp(p, ".") == 0 || strcmp(p, "..") == 0)
+                        continue;
+                if (strlen(path) + strlen(p) + 1 >= (PATH_MAX - 1)) {
+                        errno = ENAMETOOLONG;
+                        rv = -1;
+                        break;
+                }
+                strncpy(tmp_path, path, PATH_MAX - 1);
+                strncat(tmp_path, "/", PATH_MAX - 1 - strlen(tmp_path));
+                strncat(tmp_path, p, PATH_MAX - 1 - strlen(tmp_path));
+                if (lstat(tmp_path, &sb) < 0) {
+			break;
+                }
+                if (S_ISDIR(sb.st_mode)) {
+			if (walk_dir(tmp_path, fn) < 0) {
+				rv = -1;
+				break;
+			}
+		}
+		rv = fn(tmp_path, &sb);
+		if (rv != 0) {
+			break;
+		}
+
+        }
+out:
+	free(list);
+	return rv;
+}
+
 static void
 cleanup_overlayfs(void)
 {
 	if (tmpdir == NULL)
 		return;
 
-	if (!overlayfs_on_tmpfs) {
-		/* recursively remove the temporary dir */
-		if (nftw(tmpdir, ftw_cb, 20, FTW_MOUNT|FTW_PHYS|FTW_DEPTH) != 0) {
-			fprintf(stderr, "Failed to remove directory tree %s: %s\n",
-				tmpdir, strerror(errno));
-			exit(EXIT_FAILURE);
-		}
+	if (overlayfs_on_tmpfs)
+		goto out;
+
+	/* recursively remove the temporary dir */
+	if (walk_dir(tmpdir, ftw_cb) != 0) {
+		fprintf(stderr, "Failed to remove directory tree %s: %s\n",
+			tmpdir, strerror(errno));
+		exit(EXIT_FAILURE);
 	}
+out:
 	rmdir(tmpdir);
 }
 
@@ -342,17 +389,16 @@ main(int argc, char **argv)
 			die("failed to create tmpdir directory");
 		if (chown(tmpdir, ruid, rgid) == -1)
 			die("chown tmpdir %s", tmpdir);
+		/*
+		 * Register a signal handler to clean up temporary masterdir.
+		 */
+		memset(&sa, 0, sizeof(sa));
+		sa.sa_handler = sighandler_cleanup;
+		sigaction(SIGINT, &sa, NULL);
+		sigaction(SIGTERM, &sa, NULL);
+		sigaction(SIGQUIT, &sa, NULL);
 	}
 
-	/*
-	 * Register a signal handler to clean up temporary masterdir.
-	 */
-	memset(&sa, 0, sizeof(sa));
-	sa.sa_handler = sighandler_cleanup;
-	sigaction(SIGINT, &sa, NULL);
-	sigaction(SIGTERM, &sa, NULL);
-	sigaction(SIGQUIT, &sa, NULL);
-
 	clone_flags = (SIGCHLD|CLONE_NEWNS|CLONE_NEWIPC|CLONE_NEWUTS|CLONE_NEWPID);
 	container_flags = clone_flags & ~(CLONE_NEWNS|CLONE_NEWIPC|CLONE_NEWUTS|CLONE_NEWPID);
 
@@ -420,12 +466,6 @@ main(int argc, char **argv)
 		if (execvp(cmd, cmdargs) == -1)
 			die("Failed to execute command %s", cmd);
 	}
-	/* Switch back to the gid/uid of invoking process also in the parent */
-	if (setgid(rgid) == -1)
-		die("setgid child");
-	if (setuid(ruid) == -1)
-		die("setuid child");
-
 	/* Wait until the child terminates */
 	while (waitpid(child, &child_status, 0) < 0) {
 		if (errno != EINTR)