Bug 1623216

Summary: retrace-server tasks may fail with 'Permission denied' due to directory permissions in archive tarball
Product: [Fedora] Fedora EPEL Reporter: Dave Wysochanski <dwysocha>
Component: retrace-serverAssignee: abrt <abrt-devel-list>
Status: CLOSED WONTFIX QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: high    
Version: epel7CC: abrt-devel-list, bubrown, jakub, michal.toman, mmarusak, msuchy
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2023-08-08 14:10:16 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Dave Wysochanski 2018-08-28 18:56:04 UTC 
Description of problem:
I thought all these extraction permission bugs were gone but apparently not.  The extraction routine in unpack_vmcore (and probably unpack_coredump) does not take care to 'chmod' the directories and files it creates to ensure everything is readable.  As a result the task may fail with a "permission denied" error when it cannot read files in one of the extracted directories even though it's creating the files itself from say an ftp based file or local archive file that's readable.

Version-Release number of selected component (if applicable):
retrace-server-1.18+

How reproducible:
everytime

Steps to Reproduce:
1. create a tarball with a subdirectory with unusual permissions that don't allow you to read files and place the vmcore in there.
2. submit the tarball to retrace-server

Actual results:
retrace server fails with '[Errno 13] Permission denied:' because it cannot read the files in a directory it has created with its 'tar' extraction.

Expected results:
retrace-server is able to extract the tarball so that it can read the files in it (i.e. chmod after 'tar -xf').

Additional info:
This most likely also will happen with coredump files since the code looks similar.  We have an example tarball but it's probably easiest to construct one.

I tried a simple 'chmod' inside unpack_vmcore after all the 'check_run' command, but I ended up with an unusual error and the task failed thinking the vmcore was not readable (in fact retrace-server had somehow mistook the tar file for the vmcore).
Comment 2 Dave Wysochanski 2023-08-08 14:10:16 UTC 
Closing this WONTFIX due to lack of bandwidth and unclear upstream project status going forward.