5 changed files with 86 additions and 31 deletions
--- a/backport-Work-around-glibc-lchmod-issue-a-better-way.patch
+++ b/backport-Work-around-glibc-lchmod-issue-a-better-way.patch
@ -0,0 +1,65 @@
 From 9dd62525f3b98d692e031f22c02be8f775966503 Mon Sep 17 00:00:00 2001
 From: Wayne Davison <wayne@opencoder.net>
 Date: Sun, 29 Nov 2020 09:33:54 -0800
 Subject: [PATCH] Work around glibc's lchmod() issue a better way.
 ---
 syscall.c    | 34 +++++++++++++++++++++-------------
 1 files changed, 21 insertions(+), 13 deletions(-)
 diff --git a/syscall.c b/syscall.c
 index b9c3b4e..11d10e4 100644
 --- a/syscall.c
 +++ b/syscall.c
@@ -227,27 +227,35 @@ int do_open(const char *pathname, int flags, mode_t mode)
 #ifdef HAVE_CHMOD
 int do_chmod(const char *path, mode_t mode)
 {
 +	static int switch_step = 0;
 	int code;
 	if (dry_run) return 0;
 	RETURN_ERROR_IF_RO_OR_LO;
 +	switch (switch_step) {
 #ifdef HAVE_LCHMOD
 -	code = lchmod(path, mode & CHMOD_BITS);
 -#else
 -	if (S_ISLNK(mode)) {
 +#include "case_N.h"
 +		if ((code = lchmod(path, mode & CHMOD_BITS)) == 0 || errno != ENOTSUP)
 +			break;
 +		switch_step++;
 +#endif
 +
 +#include "case_N.h"
 +		if (S_ISLNK(mode)) {
 # if defined HAVE_SETATTRLIST
 -		struct attrlist attrList;
 -		uint32_t m = mode & CHMOD_BITS; /* manpage is wrong: not mode_t! */
 +			struct attrlist attrList;
 +			uint32_t m = mode & CHMOD_BITS; /* manpage is wrong: not mode_t! */
 -		memset(&attrList, 0, sizeof attrList);
 -		attrList.bitmapcount = ATTR_BIT_MAP_COUNT;
 -		attrList.commonattr = ATTR_CMN_ACCESSMASK;
 -		code = setattrlist(path, &attrList, &m, sizeof m, FSOPT_NOFOLLOW);
 +			memset(&attrList, 0, sizeof attrList);
 +			attrList.bitmapcount = ATTR_BIT_MAP_COUNT;
 +			attrList.commonattr = ATTR_CMN_ACCESSMASK;
 +			code = setattrlist(path, &attrList, &m, sizeof m, FSOPT_NOFOLLOW);
 # else
 -		code = 1;
 +			code = 1;
 # endif
 -	} else
 -		code = chmod(path, mode & CHMOD_BITS); /* DISCOURAGED FUNCTION */
 -#endif /* !HAVE_LCHMOD */
 +		} else
 +			code = chmod(path, mode & CHMOD_BITS); /* DISCOURAGED FUNCTION */
 +		break;
 +	}
 	if (code != 0 && (preserve_perms || preserve_executability))
 		return code;
 	return 0;
 -- 
 1.8.3.1
--- a/rsync-3.2.3.tar.gz
+++ b/rsync-3.2.3.tar.gz
--- a/rsync-3.2.5.tar.gz
+++ b/rsync-3.2.5.tar.gz
--- a/rsync-patches-3.2.3.tar.gz
+++ b/rsync-patches-3.2.3.tar.gz
--- a/rsync.spec
+++ b/rsync.spec
@ -1,15 +1,16 @@
 Name:           rsync
-Version:        3.2.5
+Version:        3.2.3
-Release:        2
+Release:        1
 Summary:        Fast incremental file transfer utility
 License:        GPLv3+
 URL:            http://rsync.samba.org/
-Source0:        https://download.samba.org/pub/rsync/src/rsync-%{version}.tar.gz
+Source0:        https://download.samba.org/pub/rsync/src/rsync-%{version}%{?prerelease}.tar.gz
-Source1:        rsyncd.socket
+Source1:        https://download.samba.org/pub/rsync/src/rsync-patches-%{version}.tar.gz
-Source2:        rsyncd.service
+Source2:        rsyncd.socket
-Source3:        rsyncd.conf
+Source3:        rsyncd.service
-Source4:        rsyncd.sysconfig
+Source4:        rsyncd.conf
-Source5:        rsyncd@.service
+Source5:        rsyncd.sysconfig
 Source6:        rsyncd@.service
 BuildRequires:  git gcc systemd libacl-devel libattr-devel autoconf popt-devel
 BuildRequires:  lz4-devel openssl-devel libzstd-devel
@ -17,6 +18,8 @@ Provides:       bundled(zlib) = 1.2.8 rsync-daemon
 Obsoletes:      rsync-daemon
 %{?systemd_requires}
 Patch1: backport-Work-around-glibc-lchmod-issue-a-better-way.patch
 %description
 Rsync is an open source utility that provides fast incremental file transfer.
 It uses the "rsync algorithm" which provides a very fast method for bringing
@ -27,7 +30,9 @@ at one of the ends of the link beforehand.
 %package_help
 %prep
-%autosetup -n %{name}-%{version} -p1
+%autosetup -b 1 -n %{name}-%{version} -p1
 patch -p1 -i patches/copy-devices.diff
 %build
 %configure --disable-xxhash
@ -35,15 +40,16 @@ at one of the ends of the link beforehand.
 %check
 make check
 chmod -x support/*
 %install
 %make_install
-install -D -m644 %{SOURCE1} %{buildroot}/%{_unitdir}/rsyncd.socket
+install -D -m644 %{SOURCE2} %{buildroot}/%{_unitdir}/rsyncd.socket
-install -D -m644 %{SOURCE2} %{buildroot}/%{_unitdir}/rsyncd.service
+install -D -m644 %{SOURCE3} %{buildroot}/%{_unitdir}/rsyncd.service
-install -D -m644 %{SOURCE3} %{buildroot}/%{_sysconfdir}/rsyncd.conf
+install -D -m644 %{SOURCE4} %{buildroot}/%{_sysconfdir}/rsyncd.conf
-install -D -m644 %{SOURCE4} %{buildroot}/%{_sysconfdir}/sysconfig/rsyncd
+install -D -m644 %{SOURCE5} %{buildroot}/%{_sysconfdir}/sysconfig/rsyncd
-install -D -m644 %{SOURCE5} %{buildroot}/%{_unitdir}/rsyncd@.service
+install -D -m644 %{SOURCE6} %{buildroot}/%{_unitdir}/rsyncd@.service
 %pre
@ -59,7 +65,7 @@ install -D -m644 %{SOURCE5} %{buildroot}/%{_unitdir}/rsyncd@.service
 %files
 %defattr(-,root,root)
 %doc tech_report.tex
-%attr(0644,root,root) %doc support/*
+%doc support/*
 %license COPYING
 %config(noreplace) %{_sysconfdir}/*.conf
 %config(noreplace) %{_sysconfdir}/sysconfig/rsyncd
@ -73,22 +79,6 @@ install -D -m644 %{SOURCE5} %{buildroot}/%{_unitdir}/rsyncd@.service
 %{_mandir}/man5/rsyncd.conf.5*
 %changelog
 * Thu Jun 15 2023 zhoupengcheng <zhoupengcheng11@huawei.com> - 3.2.5-1
 - Type:bugfix
 - CVE:
 - SUG:NA
 - DESC:Restrict the doc permission in rsync to 644.
 * Thu Aug 18 2022 fuanan <fuanan3@h-partners.com> - 3.2.5-1
 - Update version to 3.2.5
 - Fix CVE-2022-29154,CVE-2022-37434
 * Fri Jun 18 2021 yangzhuangzhuang <yangzhuangzhuang1@huawei.com> - 3.2.3-2
 - Type:bugfix
 - ID:NA
 - SUG:NA
 - DESC:Fix CVE-2020-14387
 * Fri Jan 22 2021 yixiangzhike <zhangxingliang3@huawei.com> - 3.2.3-1
 - Type:requirement
 - ID:NA