[tex-live] TL 2024: lua's file.is_writable() broken

Dr. Werner Fink werner at suse.de
Thu Mar 21 11:53:52 CET 2024 

On 2024/03/21 10:54:14 +0100, Dr. Werner Fink wrote:
> Hi,
> 
> I have a report that e.g. python-Sphinx testr code breaks at internal
> test call
> 
>   lualatex --halt-on-error --interaction=nonstopmode sphinxtest.tex
> 
> ... now after adding some debug messages
> 
>   /abuild/oscbuild/standard/usr/share/texmf/tex/luatex/luaotfload/fontloader-reference.lua
> 
> with
> 
>     for i=1,#cachepaths do
>         local cachepath = cachepaths[i]
>         print("XXXX cache path " .. cachepath)
>         if file.is_writable("/home/abuild/") then
>           print("YYYY cache path writable")
>         else
>           print("YYYY cache path not writable")
>         end
>         if file.is_writable(".") then
>           print("YYYY cache path writable")
>         else
>           print("YYYY cache path not writable")
>         end
>     [...]
> 
> I see at stdout
> 
>   This is LuaHBTeX, Version 1.18.0 (TeX Live 2024/TeX Live for opensuse.org) 
>    restricted system commands enabled.
>   (./sphinxcrash.tex
>   LaTeX2e <2023-11-01> patch level 1
>   L3 programming layer <2024-02-20>
>   XXXX cache path /home/abuild/.cache/texmf/fonts
>   YYYY cache path not writable
>   YYYY cache path writable
> 
> which is somehow a suprise as the user abuild is owner of its home which
> means that the call file.is_writable lies on /home/abuild/
> 
>   abuild at noether:/home/abuild/rpmbuild/BUILD> pwd
>   /home/abuild/rpmbuild/BUILD
>   abuild at noether:/home/abuild/rpmbuild/BUILD> whoami 
>   abuild
>   abuild at noether:/home/abuild/rpmbuild/BUILD> stat /home/abuild/
>     File: /home/abuild/
>     Size: 154             Blocks: 0          IO Block: 4096   directory
>   Device: 8,17    Inode: 1081575903  Links: 6
>   Access: (0755/drwxr-xr-x)  Uid: (  399/  abuild)   Gid: (  399/  abuild)
>   Access: 2024-03-21 09:04:27.553841693 +0000
>   Modify: 2024-03-21 09:36:35.453417724 +0000
>   Change: 2024-03-21 09:36:35.453417724 +0000
>    Birth: 2024-03-21 08:08:32.891190086 +0000
> 
> The strace show at this call
> 
>   9776  write(1, "XXXX cache path /home/abuild/.cache/texmf/fonts", 47) = 47
>   9776  write(1, "\n", 1)                 = 1
>   9776  newfstatat(AT_FDCWD, "/home/abuild", {st_mode=S_IFDIR|0755, st_size=154, ...}, 0) = 0
>   9776  write(1, "YYYY cache path not writable", 28) = 28
>   9776  write(1, "\n", 1)                 = 1
>   9776  newfstatat(AT_FDCWD, ".", {st_mode=S_IFDIR|0755, st_size=135, ...}, 0) = 0
>   9776  openat(AT_FDCWD, "./m_t_x_t_e_s_t.tmp", O_WRONLY|O_CREAT|O_TRUNC, 0666) = 5
>   9776  close(5)                          = 0
>   9776  unlink("./m_t_x_t_e_s_t.tmp")     = 0
>   9776  write(1, "YYYY cache path writable", 24) = 24
>   9776  write(1, "\n", 1)                 = 1
> 
> OK this is secure ... very secure but totally unusable

Adding further debug code in

  /usr/share/texmf/tex/luatex/lualibs/lualibs-basic-merged.lua

  if lfs.isreadablefile and lfs.iswritablefile then
   file.is_readable=lfs.isreadablefile
   file.is_writable=lfs.iswritablefile
  else
   function file.is_writable(name)
    if not name then
    elseif lfs.isdir(name) then
     name=name.."/m_t_x_t_e_s_t.tmp"
     local f=io.open(name,"wb")
     print("FILE " .. name)
     if f then
      f:close()
      os.remove(name)
      return true
     end
    elseif lfs.isfile(name) then

shows

  This is LuaHBTeX, Version 1.18.0 (TeX Live 2024/TeX Live for opensuse.org) 
   restricted system commands enabled.
  (./sphinxcrash.tex
  LaTeX2e <2023-11-01> patch level 1
  L3 programming layer <2024-02-20>
  FILE /var/cache/texmf/fonts/m_t_x_t_e_s_t.tmp
  XXXX cache path /home/abuild/.cache/texmf/fonts
  FILE /home/abuild/m_t_x_t_e_s_t.tmp
  YYYY cache path not writable
  FILE ./m_t_x_t_e_s_t.tmp
  YYYY cache path writable
  FILE /home/abuild/.cache/texmf/fonts/m_t_x_t_e_s_t.tmp

means that open the file

  /home/abuild/m_t_x_t_e_s_t.tmp

is not done even if possible

  abuild at noether:/home/abuild/rpmbuild/BUILD> touch /home/abuild/m_t_x_t_e_s_t.tmp
  abuild at noether:/home/abuild/rpmbuild/BUILD> echo $?
  0
  abuild at noether:/home/abuild/rpmbuild/BUILD> rm /home/abuild/m_t_x_t_e_s_t.tmp

but false returned at the end of function file.is_writable()

Could anyone explain why io.open() does not accept absolute paths?
And how to fix this?

Werner

-- 
  "Having a smoking section in a restaurant is like having
          a peeing section in a swimming pool." -- Edward Burr
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 894 bytes
Desc: not available
URL: <https://tug.org/pipermail/tex-live/attachments/20240321/b955b737/attachment.sig>

More information about the tex-live mailing list.