Commits on Dec 14, 2012
  1. tag (and 1.4.2

    wr-seebs committed Dec 14, 2012
Commits on Dec 12, 2012
  1. add linkat() implementation

    We never had an implementation for linkat() because no one used it;
    now someone uses it. link() is now implemented on top of linkat().
    Note the abnormal AT_SYMLINK_FOLLOW (as opposed to _NOFOLLOW) flag.
    wr-seebs committed Dec 12, 2012
Commits on Nov 3, 2012
  1. Use $(LIB), not hardcoded lib, for sqlite

    It turns out that the -L usage mostly doesn't matter (usually something
    else has requested the right directory, or it's the default), but the
    explicit path to libsqlite3.a hardcoded "lib", and on some systems
    it should be something else, such as "lib64". Solution: Use $(LIB) for
    that directory.
    Note that this may not resolve things if, say, you're doing MIPS n32 on a
    target where that lives in /usr/lib32, but I think in that case you'd
    be specifying $libdir, so it should still work out.
    Also added --with-static-sqlite=/path as an option in case people need
    to further outsmart this.
    Signed-off-by: Peter Seebach <>
    wr-seebs committed Nov 3, 2012
Commits on Aug 9, 2012
  1. Fix up chroot damage caused by PSEUDO_STATBUF fix

    The PSEUDO_STATBUF change (allowing operations on files over
    2GB even on 32-bit systems) introduced a subtle bug; by calling
    stat64() rather than real_stat(), pseudo stopped handling
    chrooted paths well. In most cases, this was fine, but in the
    specific case of a rename, where the stat buffers for the various
    parts were actually used, it wasn't. Of particular note, pseudo
    could end up creating links which had stack garbage for their
    stat buffs, because it assumed that if the rename operation
    succeeded, the stat operations must have succeeded.
    Of course, there is no real_stat64 in the Linux port, because
    there's no need for it; most code is calling __xstat64 or some
    relative thereof, and even if you did really call stat64, it'd
    end up routed there anyway. So we add that so that it can be
    used for calls and we don't have to encode Linux-specific
    magic about __xstat into the generic header.
    wr-seebs committed Aug 9, 2012
Commits on Aug 2, 2012
  1. Remove the _plain thing, use PSEUDO_STATBUF everywhere.

    The _plain thing was added because of clashes between Linux
    ("struct stat64 for 64-bit file sizes") and Darwin ("struct stat
    is already 64 bits"). But it turns out not to be enough,
    because stat will *fail* if it cannot represent a file size,
    so when something like unlinkat() calls a non-64-bit stat in
    order to determine whether a file exists, it gets the wrong
    answer if the file is over 2GB in size.
    Solution: Continue using PSEUDO_STATBUF, and also provide
    defines for base_stat() which can be either real_stat() or
    real_stat64(), etcetera.
    This eliminates any reason to need the _plain functions. It
    also suggests that the other real___fxstatat() calls should
    someday go away because that is an ugly, ugly, implementation
    As part of testing this, fix up some bitrot which affected
    Darwin (such as the continue outside of a loop, but inside
    an #ifdef; that was left over from the conversion of
    init_one_wrapper to a separate function).
    wr-seebs committed Aug 2, 2012
Commits on Jul 27, 2012
  1. Use .tar.bz2 tarball

    Instead of using .tgz, use .tar.bz2 (and change czf to cjf). This makes
    life easier for Yocto.
    wr-seebs committed Jul 27, 2012
Commits on Jul 25, 2012
  1. Cleanup

    Clean up a couple of (harmless, but unsightly) bits of cruft
    left from a failed attempt at implementing the ARCH_FLAGS support.
    wr-seebs committed Jul 25, 2012
Commits on Jul 20, 2012
  1. tag 1.4

    wr-seebs committed Jul 20, 2012
  2. Don't try to learn all the architecture-specific flags

    Pseudo should never have been the one picking -m32/-m64. That should be
    coming from the build system in some way. Deprecate --arch, add --cflags.
    wr-seebs committed Jul 20, 2012
Commits on Jun 28, 2012
  1. 1.3.1 tag

    Enough changes to justify a tag.
    wr-seebs committed Jun 28, 2012
  2. [Yocto #2639] Don't crash with really long chroot directories

    The logic for whether to allocate space for the "base" path
    in pseudo_fix_path recognized that you don't need it when the
    path you're evaluating starts with a slash.
    This is great, except:
    1.  It's not actually true, if rootlen isn't 0.
    2.  The decision of whether or not to copy over the base
    path didn't check for this, so it would happen anyway.
    The net result is, if you had a path in excess of 256 characters as
    a base (say, a chroot directory), and you tried to evaluate a path
    starting with a slash (say, /etc/shadow), pseudo would allocate enough
    space for the path, but not for the base path, and then copy the
    base path into it anyway. The rounding up to multiples of 256 isn't
    enough to save us in this case.
    1.  Make the logic for the base path copy match the allocation logic.
    2.  Use (path[0] != '/' || rootlen) as the second part of the test,
    because if there's a non-zero rootlen, we're in a chroot and MUST
    preserve at least some of the path.
    This could maybe be smarter (what if we only allocated space for
    rootlen in that case?) except that in reality, it's very very
    often the case that baselen == rootlen, and it's not as though we
    want MORE complexity.
    wr-seebs committed Jun 28, 2012
Commits on Apr 30, 2012
  1. change official upstream

    wr-seebs committed Apr 30, 2012
Commits on Apr 10, 2012
  1. First pass at smarter handling of multilib compile options

    Long story short:  ARM doesn't use -m32 and -m64, so make those
    a little more dependent.  We'll probably rework this completely "soon"
    as we mess with more targets and x32 becomes an issue.
    wr-seebs committed Apr 9, 2012
Commits on Apr 9, 2012
  1. Improve RPATH logic

    The existing behavior was to set rpath to whatever was specified
    explicitly with --with-rpath, or to set a default if the opt_rpath
    variable was unset and we reached a --with-sqlite.
    This turns out to be incorrect in the case where a static sqlite is
    being used.  You can force the issue with --without-rpath, but it's
    probably better to make the inference smarter.  This also allows the
    slight cleanup of setting opt_rpath to '' to begin with, because we're
    no longer depending on the distinction between empty and unset.
    wr-seebs committed Apr 9, 2012
Commits on Mar 28, 2012
  1. cleanup and fixes

    Spotted a couple of things during the last batch of fixes; fixing these
    up so things are more consistent or clearer.
    wr-seebs committed Mar 28, 2012
Commits on Mar 27, 2012
  1. call this 1.3

    wr-seebs committed Mar 27, 2012
  2. Allow static sqlite

    Some systems prefer to avoid messing with LD_LIBRARY_PATH as much,
    and instead link sqlite statically.
    wr-seebs committed Mar 27, 2012
  3. Configuration cleanup for OE-core:

    In OE-Core we need to be able to configure for both 32-bit and 64-bit
    libpseudo libraries.  In order to avoid some complex manipulations,
    we adjust the configure and Makefile to facilitate this.
    Upstream-Status: Submitted
    Signed-off-by: Mark Hatle <>
    wr-seebs committed Mar 27, 2012
  4. add popen() call

    We weren't trapping popen(), so if environment variables were in an
    inconsistent state when popen() was called, Bad Things Happened.  Add
    a popen() wrapper.  Like a couple of other special cases, is applied
    even when pseudo is theoretically disabled, and that includes the antimagic
    case.  (But we never use popen() so that's fine.)
    wr-seebs committed Mar 26, 2012
Commits on Feb 6, 2012
  1. The O_LARGEFILE value was getting merged into mode (where it was

    ignored) rather than flags (where it was needed), meaning that the
    open64 type functions didn't work as intended on 32-bit hosts.
    wr-seebs committed Feb 6, 2012
  2. Fix *at() function interface holes

    1.  Fix *at() where dirfd is obtained through dirfd(DIR *).
    The dirfd(DIR *) interface allows you to get the fd for a DIR *,
    meaning you can use it with openat(), meaning you can need its
    path.  This causes a segfault.  Also fixed the base_path
    code not to segfault in that case, but first fix the
    underlying problem.
    2.  Implement renameat()
    After three long years, someone tried to use this.  This was impossibly
    hard back when pseudo was written, because there was only one dirfd
    provided for.  Thing is, now, the canonicalization happens in wrapfuncs,
    so a small tweak to makewrappers to recognize that oldpath should use
    olddirfd if it exists is enough to get us fully canonicalized paths
    when needed.
    wr-seebs committed Feb 2, 2012
Commits on Nov 2, 2011
  1. Name this 1.2

    wr-seebs committed Nov 2, 2011
  2. Initialize memory in pseudo_client to avoid valgrind warning

            * (mhatle) Stop valgrind from reporting use of uninitialized
              memory from pseudo_client:client_ping()
    Signed-off-by: Mark Hatle <>
    mhatle committed with wr-seebs Nov 1, 2011
  3. Rework the clone wrapper to add an intermediate function to resolve a…

    … defect.
    Previously the clone(2) wrapper unconditionallity restored the system
    environment.  It also invokes the checks to see if the user has requested
    pseudo to be disabled or unloaded. Due to the semantics of clone, this caused
    both the parent and child processes to be disabled or unloaded.
    The new code adds an intermediate function, wrap_clone_child, that only
    runs within the child context.  This way we can be sure to only disable/unload
    pseudo from within the child process.  In addition, we avoid mucking with
    the environment if CLONE_VM is set, since this will affect both parent and
    Signed-off-by: Mark Hatle <>
    mhatle committed with wr-seebs Oct 26, 2011
  4. Implement PSEUDO_UNLOAD, replacing existing PSEUDO_RELOADED semantics.

    Change from internal PSEUDO_RELOADED to external PSEUDO_UNLOAD environment
    variable.  Enable external programs to have a safe and reliable way to unload
    pseudo on the next exec*.  PSEUDO_UNLOAD also will disable pseudo if we're in a
    fork/clone situation in the same way PSEUDO_DISABLED=1 would.
    Rename the PSEUDO_DISABLED tests, and create a similar set for the new
    Signed-off-by: Mark Hatle <>
    mhatle committed with wr-seebs Oct 26, 2011
Commits on Jul 19, 2011
  1. Fix uninitalized variable.

    You might be wondering why this wasn't caught.  Answer:  gcc's too smart.
    	int x;
    	if (condition)
    		x = 23;
    	return x;
    This function will just return 23.  Since gcc knows that it doesn't
    matter what happens if x is used uninitialized (it's an indeterminate
    value, thus a possible trap representation, thus undefined behavior
    to use it), it simplifies the initial part of this away.  Thus there's
    no use of an uninitialized value.
    Something similar seems to be at issue with the use of the uninitialized
    f in pseudo_init_one_wrapper.
    The variable wasn't initialized in the pre-realpath-fix version either,
    but in that version, the assignment from dlsym was completely unconditional.
    wr-seebs committed Jul 19, 2011
Commits on Jun 9, 2011
  1. Fix realpath(name, NULL) when PSEUDO_DISABLED=1

    On some Linux systems, dlsym("realpath", RTLD_NEXT) prefers
    for reasons of its own to give a symbol that is also known
    as old_realpath, which fails and yields EINVAL when called
    with a null pointer as the second argument.  This can be
    avoided, on some systems, by using dlvsym() to request
    the GLIBC_2.3 version of the symbol.
    The wrapper logic is enhanced to allow for specifying
    versions, although this currently only works for Linux
    (Darwin has no dlvsym, apparently?).  The test case is
    a trivial program which calls realpath(name, NULL) run
    wr-seebs committed Jun 9, 2011
Commits on Jun 6, 2011
  1. 1.1.1 release

    wr-seebs committed Jun 6, 2011
  2. Improve system()

    wr-seebs committed Jun 6, 2011
Commits on Jun 2, 2011
  1. Call this "version 1.1".

    wr-seebs committed Jun 2, 2011
  2. Add system() wrapper to force setup of the pseudo environment. Note

    that we add an extra fork() so we can do the setup in a child process,
    but still just pass the command string to the standard system()
    wr-seebs committed Jun 2, 2011
Commits on Jun 1, 2011
  1. Change logic on file creation/chmod so that we only secretly mask in

    the 0100 bit for directories.  The reason is that otherwise we create
    plain files which are 0700 on disk, which means they're non-zero &0111,
    which breaks euidaccess(X_OK).
    wr-seebs committed Jun 1, 2011
Commits on May 25, 2011
  1. Make ulckpwdf() report failures

    Seebs committed May 25, 2011