Skip to content

fix: preserve file owner/group on atomic rewrite#82

Open
leno23 wants to merge 1 commit into
dolph:mainfrom
leno23:fix/preserve-file-ownership-issue-17-v2
Open

fix: preserve file owner/group on atomic rewrite#82
leno23 wants to merge 1 commit into
dolph:mainfrom
leno23:fix/preserve-file-ownership-issue-17-v2

Conversation

@leno23
Copy link
Copy Markdown

@leno23 leno23 commented May 30, 2026

Fixes #17

Made with Cursor

@leno23
fix: preserve file owner/group on atomic rewrite
0842d98 
Chown the temp file to the original uid/gid before rename on Unix so
rewrites do not silently change ownership when run as root.

Fixes dolph#17
chatgpt-codex-connector[bot]
chatgpt-codex-connector Bot reviewed May 30, 2026
View reviewed changes
Copy link
Copy Markdown

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 0842d98c39

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread file_handling.go
Comment on lines +106 to +107
if err := chownTempFromInfo(tempName, info); err != nil {
return fmt.Errorf("preserve ownership on temp file %v: %w", tempName, err)
Copy link
Copy Markdown

@chatgpt-codex-connector chatgpt-codex-connector Bot May 30, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Install cleanup before chowning the temp file

When chownTempFromInfo fails after the temp file has been created, this returns before the defer os.Remove(tempName) is registered, leaving the random temp file in the target directory. This can happen for a non-root user rewriting a group-writable file owned by another uid/gid, where the write succeeds but os.Chown returns EPERM; move the cleanup defer immediately after os.WriteFile succeeds so all post-create failures are cleaned up.

Useful? React with 👍 / 👎.

Comment thread file_handling.go
if err := os.WriteFile(tempName, []byte(content), mode); err != nil {
return fmt.Errorf("create tempfile in %v: %w", f.Dir(), err)
}
if err := chownTempFromInfo(tempName, info); err != nil {
Copy link
Copy Markdown

@chatgpt-codex-connector chatgpt-codex-connector Bot May 30, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Restore mode after changing temp-file ownership

For setuid/setgid files, Unix kernels clear those special permission bits on chown, so the temp file is created with info.Mode() and then loses those bits here before it is renamed over the original. Rewriting a matching setuid/setgid executable therefore silently strips its mode bits; apply ownership before restoring the original mode, or chmod again after the chown succeeds.

Useful? React with 👍 / 👎.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@chatgpt-codex-connector chatgpt-codex-connector[bot] chatgpt-codex-connector[bot] left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Atomic rewrite does not preserve owner/group; running as root silently chowns files

1 participant

@leno23