Bug 1184194

Summary: perl-Archive-Tar-1.58-138.el6 breaks content on unpacking tar archives with PAX headers
Product: Red Hat Enterprise Linux 6 Reporter: Mike B. <michiel.beijen>
Component: perlAssignee: perl-maint-list
Status: CLOSED ERRATA QA Contact: Martin Kyral <mkyral>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 6.7CC: dkutalek, jorton, mkyral, ppisar, psabata
Target Milestone: rcKeywords: Patch
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: perl-5.10.1-139.el6 Doc Type: Bug Fix
Doc Text:
Prior to this update, the Archive::Tar Perl module unpacked PAX headers into artificial PaxHeader subdirectories, which caused the extracted tree to be different from the archived tree. Consequently, installation of a Comprehensive Perl Archive Network (CPAN) distribution by the cpan client failed. This bug has been fixed, and it is now possible to install CPAN distributions archived with extended attributes.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2015-07-22 05:59:48 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
Upstream patch
none
Upstream fix ported to perl-5.10.1 none

Description Mike B. 2015-01-20 19:05:01 UTC 
Description of problem:
With the cpan client in RHEL 6 it is not possible to install CPAN modules which have been compressed with POSIX 2001 PAX headers.

Version-Release number of selected component (if applicable):

For instance the current version of SOAP::Lite (1.13) can't be installed. 1.12 does not have this problem, it's probably created on a different machine or with different settings.

Steps to Reproduce:
1. yum install perl-core
2. cpan P/PH/PHRED/SOAP-Lite-1.13.tar.gz

Actual results:
CPAN: Archive::Tar loaded ok (v1.58)
PaxHeader/SOAP-Lite-1.13
SOAP-Lite-1.13/
SOAP-Lite-1.13/PaxHeader/bin
....
CPAN: File::Temp loaded ok (v0.22)
CPAN: Time::HiRes loaded ok (v1.9721)
Package seems to come without Makefile.PL.
  (The test -f "/home/vagrant/.cpan/build/PHRED-wxPcgc/Makefile.PL" returned false.)
  Writing one on our own (setting NAME to SOAPLite)

  CPAN.pm: Going to build P/PH/PHRED/SOAP-Lite-1.13.tar.gz

Checking if your kit is complete...
Looks good
Warning: prerequisite Class::Inspector 0 not found.
Warning: prerequisite Crypt::SSLeay 0 not found.
Warning: prerequisite IO::SessionData 1.03 not found.
Warning: prerequisite IO::Socket::SSL 0 not found.
Warning: prerequisite Task::Weaken 0 not found.
Bareword found where operator expected at ./Makefile.PL line 1, near "17 gid"
	(Missing operator before gid?)
Number found where operator expected at ./Makefile.PL line 2, near "18"
	(Missing semicolon on previous line?)
Bareword found where operator expected at ./Makefile.PL line 2, near "18 uid"
	(Missing operator before uid?)
Number found where operator expected at ./Makefile.PL line 3, near "20"
	(Missing semicolon on previous line?)
Bareword found where operator expected at ./Makefile.PL line 3, near "20 ctime"
	(Missing operator before ctime?)
Number found where operator expected at ./Makefile.PL line 4, near "20"
	(Missing semicolon on previous line?)
Bareword found where operator expected at ./Makefile.PL line 4, near "20 atime"
	(Missing operator before atime?)
Number found where operator expected at ./Makefile.PL line 5, near "23"
	(Missing semicolon on previous line?)
Bareword found where operator expected at ./Makefile.PL line 5, near "23 SCHILY"
	(Missing operator before SCHILY?)
Number found where operator expected at ./Makefile.PL line 6, near "22"
	(Missing semicolon on previous line?)
Bareword found where operator expected at ./Makefile.PL line 6, near "22 SCHILY"
	(Missing operator before SCHILY?)
Number found where operator expected at ./Makefile.PL line 7, near "18"
	(Missing semicolon on previous line?)
Bareword found where operator expected at ./Makefile.PL line 7, near "18 SCHILY"
	(Missing operator before SCHILY?)
ERROR from evaluation of /home/vagrant/.cpan/build/PHRED-wxPcgc/SOAP-Lite-1.13/Makefile.PL: ERROR from evaluation of /home/vagrant/.cpan/build/PHRED-wxPcgc/SOAP-Lite-1.13/PaxHeader/Makefile.PL: syntax error at ./Makefile.PL line 1, near "17 gid"
Warning: No success on command[/usr/bin/perl Makefile.PL INSTALLDIRS=site]
Warning (usually harmless): 'YAML' not installed, will not store persistent state
  PHRED/SOAP-Lite-1.13.tar.gz
  /usr/bin/perl Makefile.PL INSTALLDIRS=site -- NOT OK
Running make test
  Make had some problems, won't test
Running make install
  Make had some problems, won't install


Expected results:
Proper installation, such as with
 $ cpan P/PH/PHRED/SOAP-Lite-1.12.tar.gz

Additional info:
for now, I was able to work around this issue by updating CPAN itself:

 $ cpan CPAN

but that will stop working when the CPAN-xxx.tar.gz on CPAN will be packed using a tar with POSIX-2001 extended headers :-D

also using the system's 'tar' I could not unpack the .tar.gz file directly.

The Perl module Archive::Tar has support for handling these cases since version 1.74, see https://rt.cpan.org/Ticket/Display.html?id=64038 - the downside is this version is newer than what's in RHEL6 and also the cpan client is configured to use the system tar and not Archive::Tar.
Comment 2 Petr Pisar 2015-01-21 09:03:52 UTC 
tar-1.23-11.el6.x86_64 skips extended headers properly:

$ cpan  P/PH/PHRED/SOAP-Lite-1.13.tar.gz
Going to read '/home/test/.cpan/sources/authors/01mailrc.txt.gz'
CPAN: Compress::Zlib loaded ok (v2.021)
............................................................................DONE
Going to read '/home/test/.cpan/sources/modules/02packages.details.txt.gz'
  Database was generated on Wed, 21 Jan 2015 02:53:21 GMT
CPAN: HTTP::Date loaded ok (v5.831)
..............
  New CPAN.pm version (v2.05) available.
  [Currently running version is v1.9402]
  You might want to try
    install CPAN
    reload cpan
  to both upgrade CPAN.pm and run the new version without leaving
  the current session.

CPAN: Time::HiRes loaded ok (v1.9721)

..............................................................DONE
Going to read '/home/test/.cpan/sources/modules/03modlist.data.gz'
DONE
CPAN: Storable loaded ok (v2.20)
Going to write /home/test/.cpan/Metadata
CPAN: Data::Dumper loaded ok (v2.124)
'YAML' not installed, falling back to Data::Dumper and Storable to read prefs '/home/test/.cpan/prefs'
Running make for P/PH/PHRED/SOAP-Lite-1.13.tar.gz
CPAN: Digest::SHA loaded ok (v5.47)
Checksum for /home/test/.cpan/sources/authors/id/P/PH/PHRED/SOAP-Lite-1.13.tar.gz ok
/bin/tar: Ignoring unknown extended header keyword `SCHILY.dev'
/bin/tar: Ignoring unknown extended header keyword `SCHILY.ino'
/bin/tar: Ignoring unknown extended header keyword `SCHILY.nlink'
SOAP-Lite-1.13/
[...]
/bin/tar: Ignoring unknown extended header keyword `SCHILY.dev'
/bin/tar: Ignoring unknown extended header keyword `SCHILY.ino'
/bin/tar: Ignoring unknown extended header keyword `SCHILY.nlink'
SOAP-Lite-1.13/bin/stubmaker.pl
CPAN: File::Temp loaded ok (v0.22)

  CPAN.pm: Going to build P/PH/PHRED/SOAP-Lite-1.13.tar.gz

Checking if your kit is complete...
Looks good
Warning: prerequisite IO::SessionData 1.03 not found.
Writing Makefile for SOAP::Lite
[...]

If you install the "tar" package and set cpan client to prefer it:

$ grep "'tar'" .cpan/CPAN/MyConfig.pm
  'tar' => q[/bin/tar],

or if you uninstall the perl-Archive-Tar package, it will work.
Comment 3 Petr Pisar 2015-01-21 09:32:39 UTC 
The issue is that Archive::Tar dumps PAX headers into PaxHeader subdirectories like:

$ perl -MArchive::Tar -e 'my $a=Archive::Tar->new; $a->read(q{/home/test/.cpan/sources/authors/id/P/PH/PHRED/SOAP-Lite-1.13.tar.gz}); $a->extract or die $a->error;'

$ find -name 'Makefile.PL'
./SOAP-Lite-1.13/Makefile.PL
./SOAP-Lite-1.13/PaxHeader/Makefile.PL

and ExtUtils::MakeMaker used in ./SOAP-Lite-1.13/Makefile.PL executes all Makefile.PLs recursively, thus also ./SOAP-Lite-1.13/PaxHeader/Makefile.PL which is not Perl code.

So basically, the Archive::Tar should not create the PaxHeader directories because it make the extracted tree different from the archived one.
Comment 4 Petr Pisar 2015-01-21 09:33:12 UTC 
Created attachment 982223 [details]
Upstream patch
Comment 5 Petr Pisar 2015-01-21 10:11:19 UTC 
Created attachment 982241 [details]
Upstream fix ported to perl-5.10.1
Comment 6 Mike B. 2015-01-21 10:54:59 UTC 
Hi Petr, 

(In reply to Petr Pisar from comment #2)
> tar-1.23-11.el6.x86_64 skips extended headers properly:

Yes: it warns about them, but does skip them. But even though tar is set as you described in the cpan client, it uses Archive::Tar to untar, causing problems.

  cpan[1]> o conf tar
    tar                [/bin/tar]

If I read your update correctly, you're backporting the Archive::Tar patch to skip the extended headers into the perl-5.10.1 package? That's awesome!
Comment 8 Petr Pisar 2015-01-21 12:13:00 UTC 
(In reply to Mike B. from comment #6)
> But even though tar is set as you described in the cpan client, it uses
> Archive::Tar to untar

Unfortunately yes. The cpan client does not honour 
prefer_external_tar configuration option yet and it uses Archive::Tar if it's available and the archive is gzipped (in contrast to bzipped ones). So the only workaround is to uninstall perl-Archive-Tar now.
Comment 10 Petr Pisar 2015-01-22 09:40:41 UTC 
How to test:

(1) Obtain an tar archive with extended attributes transported in PAX headers. (You can download <http://search.cpan.org/CPAN/authors/id/P/PH/PHRED/SOAP-Lite-1.13.tar.gz>.)

(2) Unpack the archive by Archive::Tar Perl module:
$ perl -MArchive::Tar -e 'my $a=Archive::Tar->new; $a->read(q{foo.tar.gz}); $a->extract or die $a->error;'

(3) Check for PaxHeader directories.
Before: For each packaged file with extended attributes, there is a PaxHeader directory in the same directory as the file and a file with the same name in thePaxHeader directory.
After: There are no PaxHeader directories.

Alternatively, unpack the archive with tar(1) tool and compare the unpacked trees recursively.
Before: They differ.
After: There is not difference.
Comment 14 errata-xmlrpc 2015-07-22 05:59:48 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2015-1266.html