Update libgsystem, use it to set dirfd-relative xattrs on symlinks

This is a bit more efficient in that we're not walking full paths, and
it helps avoid security/reliability issues if an attacker (or just a
misbehaving process) has the ability to mutate paths in the middle.

diff --git a/src/libgsystem b/src/libgsystem
index 8bf85b5db308846f4c55984ff73b8ee515b9b1d0..31cd0b96bba5ccf391f4c4f5d94cddce44c65793 160000 (submodule)
--- a/src/libgsystem
+++ b/src/libgsystem
@@ -1 +1 @@
-Subproject commit 8bf85b5db308846f4c55984ff73b8ee515b9b1d0
+Subproject commit 31cd0b96bba5ccf391f4c4f5d94cddce44c65793

diff --git a/src/libostree/ostree-repo-checkout.c b/src/libostree/ostree-repo-checkout.c
index 6bd393ab33e58cde16a7db60751fb82d58cf0d0d..eb7cf6ead7bf8c7a5746eeafc0a3da1d96891b6f 100644 (file)
--- a/src/libostree/ostree-repo-checkout.c
+++ b/src/libostree/ostree-repo-checkout.c
@@ -190,11 +190,10 @@ checkout_file_from_input_at (OstreeRepoCheckoutMode mode,
           goto out;
         }
           
-      /* Fall back to filename based setting here due to lack of lsetxattrat */
       if (xattrs)
         {
-          gs_unref_object GFile *path = g_file_get_child (destination_parent, destination_name);
-          if (!gs_file_set_all_xattrs (path, xattrs, cancellable, error))
+          if (!gs_dfd_and_name_set_all_xattrs (destination_dfd, destination_name,
+                                               xattrs, cancellable, error))
             goto out;
         }
     }
@@ -260,8 +259,8 @@ checkout_file_unioning_from_input_at (OstreeRepoCheckoutMode mode,
           
       if (xattrs)
         {
-          gs_unref_object GFile *temp_path = g_file_get_child (destination_parent, temp_filename);
-          if (!gs_file_set_all_xattrs (temp_path, xattrs, cancellable, error))
+          if (!gs_dfd_and_name_set_all_xattrs (destination_dfd, destination_name,
+                                               xattrs, cancellable, error))
             goto out;
         }
     }

diff --git a/src/libostree/ostree-repo-commit.c b/src/libostree/ostree-repo-commit.c
index 0e14e4c1686268c1f833b26f19fa97bedff0b94f..03629ed8d89d71d4c72edefb5573fa589c6655e8 100644 (file)
--- a/src/libostree/ostree-repo-commit.c
+++ b/src/libostree/ostree-repo-commit.c
@@ -87,12 +87,10 @@ commit_loose_object_trusted (OstreeRepo        *self,
           goto out;
         }
               
-      /* Sadly we can't use at-relative API for symlink xattrs
-       * because there's no lsetxattrat.
-       */
       if (xattrs != NULL)
         {
-          if (!gs_file_set_all_xattrs (temp_file, xattrs, cancellable, error))
+          if (!gs_dfd_and_name_set_all_xattrs (self->tmp_dir_fd, temp_filename,
+                                               xattrs, cancellable, error))
             goto out;
         }
     }