From c87f1587dc9dd4a170f7b183efc30361818cfb72 Mon Sep 17 00:00:00 2001
From: espie <espie@openbsd.org>
Date: Sun, 10 Aug 2014 10:01:03 +0000
Subject: [PATCH] if pkg_create is run as non-root, restory correct group/owner
 to root/bin.

also, remove write permissions without explicit modes. Allows fake installs
to keep directories/files writable while producing correct package.
---
 usr.sbin/pkg_add/OpenBSD/ArcCheck.pm | 15 ++++++++++++++-
 usr.sbin/pkg_add/OpenBSD/Ustar.pm    | 17 ++++++++++++-----
 2 files changed, 26 insertions(+), 6 deletions(-)

diff --git a/usr.sbin/pkg_add/OpenBSD/ArcCheck.pm b/usr.sbin/pkg_add/OpenBSD/ArcCheck.pm
index 4bbbac5ad14..631ad74403a 100644
--- a/usr.sbin/pkg_add/OpenBSD/ArcCheck.pm
+++ b/usr.sbin/pkg_add/OpenBSD/ArcCheck.pm
@@ -1,5 +1,5 @@
 # ex:ts=8 sw=4:
-# $OpenBSD: ArcCheck.pm,v 1.25 2014/04/22 18:22:20 espie Exp $
+# $OpenBSD: ArcCheck.pm,v 1.26 2014/08/10 10:01:03 espie Exp $
 #
 # Copyright (c) 2005-2006 Marc Espie <espie@openbsd.org>
 #
@@ -98,6 +98,15 @@ sub prepare_long
 	} else {
 		$entry = $self->prepare($item->name);
 	}
+	if ($< && $entry->{uid} == $<) {
+		$entry->{uname} = $item->{owner} // "root";
+		delete $entry->{uid};
+	}
+	if ($( && $entry->{gid} == $() {
+		$entry->{gname} = $item->{group} // "bin";
+		delete $entry->{gid};
+	}
+	$entry->recheck_owner;
 	if (!defined $entry->{uname}) {
 		$self->fatal("No user name for #1 (uid #2)",
 		    $item->name, $entry->{uid});
@@ -106,6 +115,10 @@ sub prepare_long
 		$self->fatal("No group name for #1 (uid #2)",
 		    $item->name, $entry->{gid});
 	}
+	# disallow writable files/dirs without explicit annotation
+	if (!defined $item->{mode}) {
+		$entry->{mode} &= ~(S_IWUSR|S_IWGRP|S_IWOTH);
+	}
 	# if we're going to set the group or owner, sguid bits won't
 	# survive the extraction
 	if (defined $item->{group} || defined $item->{owner}) {
diff --git a/usr.sbin/pkg_add/OpenBSD/Ustar.pm b/usr.sbin/pkg_add/OpenBSD/Ustar.pm
index d41b3302a25..a0ab18c070b 100644
--- a/usr.sbin/pkg_add/OpenBSD/Ustar.pm
+++ b/usr.sbin/pkg_add/OpenBSD/Ustar.pm
@@ -1,5 +1,5 @@
 # ex:ts=8 sw=4:
-# $OpenBSD: Ustar.pm,v 1.80 2014/07/23 14:35:17 espie Exp $
+# $OpenBSD: Ustar.pm,v 1.81 2014/08/10 10:01:03 espie Exp $
 #
 # Copyright (c) 2002-2014 Marc Espie <espie@openbsd.org>
 #
@@ -49,10 +49,10 @@ use File::Basename ();
 use OpenBSD::IdCache;
 use OpenBSD::Paths;
 
-my $uidcache = new OpenBSD::UidCache;
-my $gidcache = new OpenBSD::GidCache;
-my $unamecache = new OpenBSD::UnameCache;
-my $gnamecache = new OpenBSD::GnameCache;
+our $uidcache = new OpenBSD::UidCache;
+our $gidcache = new OpenBSD::GidCache;
+our $unamecache = new OpenBSD::UnameCache;
+our $gnamecache = new OpenBSD::GnameCache;
 
 # This is a multiple of st_blksize everywhere....
 my $buffsize = 2 * 1024 * 1024;
@@ -485,6 +485,13 @@ sub fh
 
 package OpenBSD::Ustar::Object;
 
+sub recheck_owner
+{
+	my $entry = shift;
+	$entry->{uid} //= $OpenBSD: Ustar.pm,v 1.81 2014/08/10 10:01:03 espie Exp $entry->{uname});
+	$entry->{gid} //= $OpenBSD: Ustar.pm,v 1.81 2014/08/10 10:01:03 espie Exp $entry->{gname});
+}
+
 sub fatal
 {
 	my ($self, @args) = @_;
-- 
2.20.1