| Age | Commit message (Collapse) | Author | 
|---|
|  | Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 
|  | This commit mainly serves the static analysis tooling.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 
|  | - Instead of using the fstree root, let the caller specify it.
 - Add a flag to prevent recursion into sub directories.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 
|  | Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 
|  | In addition to skipping non-prefixed files and stripping the prefix
off of entries we accept, the targets of links also have to be altered,
since they can be absolute paths with the root prefix attached.
This can affect symbolic links as well. Altough they are allowed to
point into nowhere, across filesystem boundaries, they may also be
absolute paths refering to existing locations in the filesystem, so
no distinction is made by default.
However, the later may be intended (e.g. only a subdirectory is packed
into SquashFS and then mounted at that location), so a command line
switch is added to disable symlink retargetting.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 
|  | If rdsquashfs describes a filesystem, is configured to use a prefix-path
and a file contains a space, the resulting input path has the prefix
printed as is and the rest of the string in quotation marks.
gensquashfs simply takes the entire rest of the line as is as its
input path and no longer finds the file.
Fix this by omitting the escapes and quotation marks for the
input path.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 
|  | Modify the man pages and help texts to mention compression support, make
the help option display a list of supported compressors.
Also clarify the squashfs compressor list in the help text to state that
the list shows block compressors supported for SquashFS compression.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 
|  | Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 
|  | Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 
|  | Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 
|  | If tar2sqfs and sqfs2tar want to use comperssion via libfstream, they
need to link against the compressor libraries.
Also, libfstream may need the apropriate cflags to access the headers
on some platforms.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 
|  | Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 
|  | Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 
|  | Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 
|  | Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 
|  | This commit rewrites the libtar write paths to use libfstream insead of
a FILE pointer. Also, the libcommon file extraction function is remodeled
to use libfstream.
In accordance, rdsquashfs, sqfs2tar and sqfsdiff have some minor
adjustments made to work with the ported libtar and libcommon.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 
|  | Behave the same way as the POSIX port and do not treat
that as an error.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 
|  | This commit adds a --stat option to rdsquashfs that dumps a lot of
information about and inode that tunred out to be usefull in
debugging.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 
|  | Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 
|  | If a SquashFS archive contains file names with '..', '/' or similar
nonsense in them, the unpacking code already refuses to process them,
but the 'describe' code path simply triggers an assert that might not
be there if the binary was compiled with NDEBUG defined.
This commit replaces the assert with propper error handling that also
reports on why things are failing and adds an additional check in the
describe_tree function that tests if the file name is sane.
Reported-by: Zachary Dremann <dremann@gmail.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 
|  | Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 
|  | On a current Fedora 31, when cross compiling with mingw, pkg config
manages to find the Selinux library, but not the header. The configure
script disables WITH_SELINUX, but the library variable is still set,
causing a linker error further down the line.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 
|  | Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 
|  | - Move the xattr extraction and repacking to xattr.c
 - Don't on-the-fly delete the tar xattr list, use the function
   from libtar.a
 - Split minor tasks into static helper functions
   - creating a libtar xattr struct from libsqfs xattr data
   - finding a hard link entry from current path and inode number
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 
|  | - Split up the huge file in bin/ into one small file per sub directory
 - Remove the stub in doc/
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 
|  | Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 
|  | This commit breaks tar2sqfs.c into multiple files:
 - options.c contains the command line argument processing
 - process_tarball.c contains the main tar repacking code
 - tar2sqfs.c contains what is left (the main function)
 - A header is added for gluing it all together.
No actual code is changed. The tar repacking code is slightly modified
to pass the sqfs writer and input file pointer around as argument rather
than using a global variable.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 
|  | This comit breaks sqfs2tar into multiple files:
 - options.c contains the command line argument processing
 - write_tree.c contains the code for generating the actual tar archive
 - sqfs2tar.c contains what is left
 - A header is added for glueing it all together.
No actual code is changed.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 
|  | This commit modifies sqfsdiff to extract the compressor options from
the squashfs image and store them in a compressor configuration if
possible. The failure path is modified to *not* burst into flames on
error, because those options are not required by any compressor to
read data from the disk and pretty much every vendor modifed SquashFS
has messed with those to the point that they cannot be propperly
decoded (or the flag is set and there are no options).
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 
|  | Its purely informational, but make sure other programs don't print
out scary messages that imply the data has been ineficiently.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 
|  | Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 
|  | Change the "required_argument" to the correct "no_argument".
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 
|  | Until now, when packing or unpacking a SquashFS image, files where
created with paranoid permissions (i.e. 0600). The rational behind
this was that otherwise, the tools may inadvertently expose secrets,
e.g. if a root user packs files that that aren't world readable,
such as the /etc/shadows file, but the packed SquashFS image is, we
have accidentally leaked this file to other users that can access
the newly created SquashFS image. The same line of reasoning also
applies when unpacking files.
Unfortunately, this breaks a list of other, more common standard use
cases (e.g. a build server where the an image is built by a deamon
running as user X but then has to be accessed by another deamon
running as Y).
This commit changes to a more standard approach of using permissive
file permissions by default and asking paranoid users to simply use
a paranoid umask.
For tar2sqfs & gensquashfs this simply means chaning the default
permissions in the libsquashfs file implementation.
For rdsquashfs on the other hand there is still the use case where
the unpacked files get the permissions from the [secret] image, so
setting a strict umask is not applicable and changing to permissive
file mode leaks something. For this case a second code path needs to
be added that derives the permissions from the ones in the image.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 
|  | On the one hand, this commit cleanes the code a bit by splitting
the "scan directory contents" code from the "scan xattrs from
directory contents" and moving the later in a seperate file.
On the other hand, the xattr scanning is now done *after* the fstree
is post processed, which includes sorting it. This way, the xattrs
are always added in a deterministic, reproducible order.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 
|  | A common use case for mksquashfs is to simply pack a directory and set
a magic option to force all user/group IDs to root.
This commit adds similar options to gensquashfs to maek it better
suited as a direct replacement for packing an input directory.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 
|  | Instead of having the binary programs in randomly named subdirectories,
move all of them to a "bin" subdirectory, similar to the utility
libraries that have subdirectories within "lib" and give the
subdirectories the propper names (e.g. have gensquashfs source in a
directory *actually* named "gensquashfs").
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> |