From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=-3.1 required=5.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.4 Received: from second.openwall.net (second.openwall.net [193.110.157.125]) by inbox.vuxu.org (Postfix) with SMTP id 4019A29B59 for ; Wed, 31 Jan 2024 14:47:08 +0100 (CET) Received: (qmail 26026 invoked by uid 550); 31 Jan 2024 13:44:40 -0000 Mailing-List: contact musl-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-ID: Reply-To: musl@lists.openwall.com Received: (qmail 25991 invoked from network); 31 Jan 2024 13:44:40 -0000 Date: Wed, 31 Jan 2024 08:47:10 -0500 From: Rich Felker To: Tim Cuthbertson Cc: musl@lists.openwall.com Message-ID: <20240131134710.GU4163@brightrain.aerifal.cx> References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.21 (2010-09-15) Subject: Re: [musl] Bug: installed symlinks are unreadable on MacOS On Wed, Jan 31, 2024 at 01:30:21PM +1100, Tim Cuthbertson wrote: > I'm not subscribed to the mailing list, please CC me on replies. > > Installed symlinks (specifically ld-musl-x86_64.so.1 have permissions 0700 > on MacOS, which means only the owner (typically root) can read them. > > Symlink permissions can't be anything but 0777 on Linux, but on Mac they > can be set, and in this case are being inherited from the 077 umask in > install.sh: > > ``` > $ ls -l > /nix/store/fgkznmnz1swzp8ck75fa2zvj62pkjgvq-musl-x86_64-unknown-linux-musl-1.2.3/lib/ld-musl-x86_64.so.1 > ls: cannot read symbolic link > '/nix/store/fgkznmnz1swzp8ck75fa2zvj62pkjgvq-musl-x86_64-unknown-linux-musl-1.2.3/lib/ld-musl-x86_64.so.1': > Permission denied > lrwx------ 1 root wheel 7 Jan 1 1970 > /nix/store/fgkznmnz1swzp8ck75fa2zvj62pkjgvq-musl-x86_64-unknown-linux-musl-1.2.3/lib/ld-musl-x86_64.so.1 > ``` > > My fix (attached) is to use `umask 022`, which was already being used to > make directories. It's not practical to fix this by specifying the intended > permissions for this symlink, as setting link permissions requires the > nonstandard `-h` chmod flag, which presumably fails on other platforms. > > First discovered when cross-building on MacOS for linux: > https://github.com/NixOS/nixpkgs/issues/285141 > > I've tested the fix works in nix. I am fairly confident the same issue > exists outside of Nix given the fix, but I haven't built musl before and > ran into unrelated errors. > > Thanks, > - Tim Thanks for catching this. Do you think it might be better to put umask 000 inside the symlink case instead of just reusing the 022 from dir? 000 seems like what you actually want to fix the symlink behavior. Alternatively maybe we should set umask to the complement of the desired mode? Rich