> Date: Mon, 25 Apr 2016 15:23:47 +0000 > From: Robert Peichaer <[email protected]> > > On Mon, Apr 25, 2016 at 10:57:37AM -0400, Ted Unangst wrote: > > Theo de Raadt wrote: > > > + cp -p /usr/lib/$_lib /usr/lib/$_tmplib > > > + install -o root -g bin -m 0444 $_lib /usr/lib/$_lib && > > > + rm -f /usr/lib/$_tmplib || > > > + mv /usr/lib/$_tmplib /usr/lib/$_lib > > > > I'm a little confused by what's going on here. If the install fails, do we > > still want to overwrite the lib? > > > If the install fails, the original library file is restored.
Wait! Does that mean there is a moment where there is not a valid libc.so installed? That would be wrong wouldn't it? Doesn't the install command guarantee atomicity? > The "install .. && rm .. || mv ..." is identical to if-then-else and could > be written like this too. > > if install -o root -g bin -m 0444 $_lib /usr/lib/$_lib; then > rm -f /usr/lib/$_tmplib > else > mv /usr/lib/$_tmplib /usr/lib/$_lib > fi > >
