Bug#531639: marked as done (rsync can end up deleting unrelated files when a directory is replaced by a symlink)

Debian Bug Tracking System Tue, 28 Feb 2017 04:39:34 -0800

Your message dated Tue, 28 Feb 2017 14:38:02 +0200
with message-id <20170228123802.s5ncd6w2qhu3sy4b@localhost>
and subject line Closing bugs already fixed in oldstable (wheezy)
has caused the Debian Bug report #531639,
regarding rsync can end up deleting unrelated files when a directory is 
replaced by a symlink
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
531639: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=531639
Debian Bug Tracking System
Contact [email protected] with problems

--- Begin Message ---

Subject: rsync can end up deleting unrelated files when a directory is replaced 
by a symlink
Package: rsync
Version: 3.0.3-2
Severity: important

I ran into this when reorganising some directories and putting
compatibility symlinks in place. The end result that the whole directory
went missing.

I think the best way to explain is a demonstration. We set up simple
source and destination directories:

% cd /tmp
% mkdir -p src/foo dst
% touch src/foo/some_file
% rsync -a -v --delete --delete-delay src/ dst/
sending incremental file list
foo/
foo/some_file

sent 123 bytes  received 35 bytes  316.00 bytes/sec
total size is 0  speedup is 0.00
% find src dst -ls
116737  1 drwx------   3 arthur  users  1024 Jun  2 23:48 src
116738  1 drwx------   2 arthur  users  1024 Jun  2 23:48 src/foo
116739  0 -rw-------   1 arthur  users     0 Jun  2 23:48 src/foo/some_file
120833  1 drwx------   3 arthur  users  1024 Jun  2 23:48 dst
120834  1 drwx------   2 arthur  users  1024 Jun  2 23:48 dst/foo
120835  0 -rw-------   1 arthur  users     0 Jun  2 23:48 dst/foo/some_file

So far so good. Now let's reorganise our src directory (note the
absolute symlink):

% mv src/foo src/bar
% ln -s /tmp/src/bar src/foo
% find src -ls
116737  1 drwx------   3 arthur  users  1024 Jun  2 23:49 src
116738  1 drwx------   2 arthur  users  1024 Jun  2 23:48 src/bar
116739  0 -rw-------   1 arthur  users     0 Jun  2 23:48 src/bar/some_file
116740  0 lrwxrwxrwx   1 arthur  users    12 Jun  2 23:49 src/foo -> 
/tmp/src/bar
% rsync -a -v --delete --delete-delay src/ dst/
sending incremental file list
./
deleting foo/some_file
foo -> /tmp/src/bar
bar/
bar/some_file
deleting foo/some_file
rsync: delete_file: rmdir(foo) failed: Not a directory (20)

sent 164 bytes  received 41 bytes  410.00 bytes/sec
total size is 12  speedup is 0.06
% find src dst -ls
116737  1 drwx------   3 arthur  users  1024 Jun  2 23:49 src
116738  1 drwx------   2 arthur  users  1024 Jun  2 23:50 src/bar
116740  0 lrwxrwxrwx   1 arthur  users    12 Jun  2 23:49 src/foo -> 
/tmp/src/bar
120833  1 drwx------   3 arthur  users  1024 Jun  2 23:49 dst
120835  1 drwx------   2 arthur  users  1024 Jun  2 23:48 dst/bar
120836  0 -rw-------   1 arthur  users     0 Jun  2 23:48 dst/bar/some_file
120834  0 lrwxrwxrwx   1 arthur  users    12 Jun  2 23:49 dst/foo -> 
/tmp/src/bar

The rsync errored out (which is anoying) but the real problem is that
some_file was removed from the src directory altogether. This can have
more grave consequences if the symlink points to some other place.

This could be considered a security bug because the source end can trick
the destination end to remove arbitrary files on the destination (I only
tested this in this local setup though).

Note that this only seems to happen with --delete-delay (at least not
with --delete-after and --delete-during). Also note that this does not
occur with the version from sid (3.0.5-1).

-- System Information:
Debian Release: 5.0.1
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (x86_64)

Kernel: Linux 2.6.26-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/bash

Versions of packages rsync depends on:
ii  base-files                    5lenny2    Debian base system miscellaneous f
ii  libacl1                       2.2.47-2   Access control list shared library
ii  libc6                         2.7-18     GNU C Library: Shared libraries
ii  libpopt0                      1.14-4     lib for parsing cmdline parameters
ii  lsb-base                      3.2-20     Linux Standard Base 3.2 init scrip

rsync recommends no packages.

Versions of packages rsync suggests:
ii  openssh-client                1:5.1p1-5  secure shell client, an rlogin/rsh
ii  openssh-server                1:5.1p1-5  secure shell server, an rshd repla

-- no debconf information

-- 
-- arthur - [email protected] - http://people.debian.org/~adejong --

signature.asc
Description: This is a digitally signed message part

--- End Message ---

--- Begin Message ---

These bugs were already fixed in oldstable (wheezy).

cu
Adrian

-- 

       "Is there not promise of rain?" Ling Tan asked suddenly out
        of the darkness. There had been need of rain for many days.
       "Only a promise," Lao Er said.
                                       Pearl S. Buck - Dragon Seed

--- End Message ---

Bug#531639: marked as done (rsync can end up deleting unrelated files when a directory is replaced by a symlink)

Reply via email to