+++ This bug was initially created as a clone of Bug #173595 +++ Description of problem: The problem is described in https://sourceforge.net/tracker/index.php?func=detail&aid=930024&group_id=5470&atid=105470 Version-Release number of selected component (if applicable): python-2.2.3-6.1 (RHEL3) python-2.3.4-14.1 (RHEL4) How reproducible: Every time Steps to Reproduce: See upstreams report Additional info: The problem is fixed in newer releases upstreams. The reason for this bug report is that we need this fix in the python in RHEL3 and RHEL4, none of which has the fix. In the case of RHEL4, it would probably be enough to upgrade python to 2.3.5. For RHEL3, I guess a backport will be necessary. -- Additional comment from bnocera on 2005-11-22 04:10 EST -- Created an attachment (id=121334) python-no-symlink-loop-rhel3-2.patch Backported from http://cvs.sourceforge.net/viewcvs.py/python/python/dist/src/Lib/posixpath.py?rev=1.75&view=log 1) Revision 1.67 - (view) (download) (as text) (annotate) - [select for diffs] Sat Jul 10 22:55:13 2004 UTC (16 months, 1 week ago) by bcannon Branch: MAIN Changes since 1.66: +30 -6 lines Diff to previous 1.66 posixpath.realpath() now detects symlink loops and returns the path just before the loop starts. Closes bug #930024. Thanks AM Kuchling. 2) Revision 1.71 - (view) (download) (as text) (annotate) - [select for diffs] Sat Aug 14 15:01:53 2004 UTC (15 months, 1 week ago) by jlgijsbers Branch: MAIN Changes since 1.70: +9 -7 lines Diff to previous 1.70 bug #990669: os.path.realpath() will resolve symlinks before normalizing the path, as normalizing the path may alter the meaning of the path if it contains symlinks. Also add tests for infinite symlink loops and parent symlinks that need to be resolved. And 3) Revision 1.74 - (view) (download) (as text) (annotate) - [select for diffs] Fri Jun 3 14:24:43 2005 UTC (5 months, 2 weeks ago) by birkenfeld Branch: MAIN Changes since 1.73: +1 -1 lines Diff to previous 1.73 Bug #1213894: os.path.realpath didn't resolve symlinks that were the first component of the path.
Created attachment 121336 [details] python-no-symlink-loop-rhel4.patch RHEL4 patch.
The client is asking for an update on this issue and has asked why this was not fixed in the latest update release.
This request was evaluated by Red Hat Product Management for inclusion in a Red Hat Enterprise Linux maintenance release. Product Management has requested further review of this request by Red Hat Engineering, for potential inclusion in a Red Hat Enterprise Linux Update release for currently deployed products. This request is not yet committed for inclusion in an Update release.
Fixed in python-2.3.4-14.4
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2007-0247.html
Unfortunately, the patch completely breaks correct operation of os.path.realpath() in some scenarios: Look at the existing symlink using ls: $ ls -l /mnt/backup/hydrogen.gyanasoft.com/sequence/bkp.0 /mnt/backup/hydrogen.gyanasoft.com/sequence/bkp.0 -> ../data/bkp.2007.06.12.10.04 Ask Python about the symlink (python was run from the "backupplus" directory): >>> os.path.realpath('/mnt/backup/hydrogen.gyanasoft.com/sequence/bkp.0') '/home/swarren/cron_scripts/backupplus/data/bkp.2007.06.12.10.04' The correct Python result above should have been: /mnt/backup/hydrogen.gyanasoft.com/data/bkp.2007.06.12.10.04 Note that this occurs in python-2.3.4-14.4, but does not occur in python-2.4.3-19.el5 from RHEL5.
Any traction on this bug? I would have expected a new release with the bogus patch backed out to be released ASAP...