[gnome-software/1908-external-appstream-installer-sets-wrong-file-owner-and-permissions: 8/8] gs-install-appstream: Ensure the installed file has correct permissions and owner

[Milan Crha <mcrha src gnome org>]

commit bcf2173ab25b96a8459484b313f3b7e604da0dac
Author: Milan Crha <mcrha redhat com>
Date:   Thu Oct 20 17:31:38 2022 +0200

    gs-install-appstream: Ensure the installed file has correct permissions and owner
    
    The expected owner is root, thus make sure it's set as such.
    
    Similarly the permissions should be set that others and the group can read the file,
    otherwise it's useless for the users.
    
    Closes https://gitlab.gnome.org/GNOME/gnome-software/-/issues/1908

 gs-install-appstream/gs-install-appstream.c | 42 +++++++++++++++++++++++++----
 1 file changed, 37 insertions(+), 5 deletions(-)
---
diff --git a/gs-install-appstream/gs-install-appstream.c b/gs-install-appstream/gs-install-appstream.c
index 95a940624..4e8144c2f 100644
--- a/gs-install-appstream/gs-install-appstream.c
+++ b/gs-install-appstream/gs-install-appstream.c
@@ -24,8 +24,10 @@
 
 #include <errno.h>
 #include <locale.h>
+#include <pwd.h>
 #include <stdlib.h>
 #include <sys/stat.h>
+#include <unistd.h>
 
 #include <xmlb.h>
 #include <glib/gi18n.h>
@@ -41,6 +43,7 @@ gs_install_appstream_move_file (GFile *file, GError **error)
        g_autofree gchar *cachefn = gs_external_appstream_utils_get_file_cache_path (basename);
        g_autoptr(GFile) cachefn_file = g_file_new_for_path (cachefn);
        g_autoptr(GFile) cachedir_file = g_file_get_parent (cachefn_file);
+       GStatBuf stat_buf = { 0 };
 
        /* Try to cleanup the old cache directory, but do not panic, when it fails */
        if (g_unlink (legacy_cachefn) == -1) {
@@ -58,11 +61,40 @@ gs_install_appstream_move_file (GFile *file, GError **error)
 
        /* do the move, overwriting existing files and setting the permissions
         * of the current process (so that should be -rw-r--r--) */
-       return g_file_move (file, cachefn_file,
-                           G_FILE_COPY_OVERWRITE |
-                           G_FILE_COPY_NOFOLLOW_SYMLINKS |
-                           G_FILE_COPY_TARGET_DEFAULT_PERMS,
-                           NULL, NULL, NULL, error);
+       if (!g_file_move (file, cachefn_file,
+                         G_FILE_COPY_OVERWRITE |
+                         G_FILE_COPY_NOFOLLOW_SYMLINKS |
+                         G_FILE_COPY_TARGET_DEFAULT_PERMS,
+                         NULL, NULL, NULL, error))
+               return FALSE;
+
+       /* verify it is "-rw-r--r--" and the root owns the file */
+       if (g_stat (cachefn, &stat_buf)  == 0) {
+               struct passwd *pwd;
+               mode_t expected_mode = S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH;
+               if ((stat_buf.st_mode & expected_mode) != expected_mode &&
+                    g_chmod (cachefn, expected_mode) == -1) {
+                       int errn = errno;
+                       g_printerr ("Failed to chmod '%s': %s\n", cachefn, g_strerror (errn));
+               }
+
+               /* the file should be owned by the root */
+               pwd = getpwnam ("root");
+               if (pwd != NULL) {
+                       if (chown (cachefn, pwd->pw_uid, pwd->pw_gid) == -1) {
+                               int errn = errno;
+                               g_printerr ("Failed to chown on '%s': %s\n", cachefn, g_strerror (errn));
+                       }
+               } else {
+                       int errn = errno;
+                       g_printerr ("Failed to get root info: %s\n", g_strerror (errn));
+               }
+       } else {
+               int errn = errno;
+               g_printerr ("Failed to stat '%s': %s\n", cachefn, g_strerror (errn));
+       }
+
+       return TRUE;
 }
 
 static gboolean