Merge remote-tracking branch 'origin/pr/548'

* origin/pr/548: FIX qvm-copy for multiple sources refactor FIX --ignore-symlinks strip trailing slash from source directory Pull request description: Previously, `qvm-copy` had a couple of issues with symlinks: 1. A trailing slash on the source could cause errors: ```` $ qvm-copy-to-vm untrusted dir/ qubes-fs-tree-check: Refusing to copy unsafe symbolic link "dir//my-symlink" ```` but `qvm-copy-to-vm untrusted dir` worked fine. 2. `qvm-copy --ignore-symlinks` could still throw `qubes-fs-tree-check: Refusing to copy unsafe symbolic link` . If we are ignoring symlinks, `qubes-fs-tree-check` should not check for them. ## Notes Running `qubes-fs-tree-check --ignore-symlinks --allow-symlinks` does not seem to cause an issue.
QubesOS · Jan 20, 2025 · f72a393 · f72a393
2 parents 9c4d5ce + 397b8c1
commit f72a393
Showing 1 changed file with 8 additions and 4 deletions.
diff --git a/qubes-rpc/qvm-copy b/qubes-rpc/qvm-copy
@@ -75,7 +75,7 @@ while [ "$#" -gt 0 ]; do
     case $1 in
         (--without-progress) export PROGRESS_TYPE=none; shift;;
         (--with-progress) export PROGRESS_TYPE=console; shift;;
-        (--ignore-symlinks) ignore_symlinks=true; shift;;
+        (--ignore-symlinks) ignore_symlinks="--ignore-symlinks"; shift;;
         (--no-ignore-symlinks) unset ignore_symlinks; shift;;
         (-h|--help) usage 0;;
         (--) shift; break;;
@@ -93,8 +93,12 @@ else
   VM="@default"
 fi
 
+# strip trailing slash from source directory
+SOURCE=( "${@%/}" )
+
 if FILECOPY_TOTAL_BYTES=$("$scriptdir/qubes/qubes-fs-tree-check" \
-    --allow-symlinks --allow-directories --machine -- "$@"); then
+    ${ignore_symlinks} \
+    --allow-symlinks --allow-directories --machine -- "${SOURCE[@]}"); then
     service=qubes.Filecopy
 else
     status=$?
@@ -104,8 +108,8 @@ fi
 if [[ "$PROGRESS_TYPE" = 'console' ]]; then export FILECOPY_TOTAL_BYTES; fi
 
 "$scriptdir/qubes/qrexec-client-vm" --filter-escape-chars-stderr -- "$VM" \
-    "$service" "$scriptdir/qubes/qfile-agent" ${ignore_symlinks+--ignore-symlinks} -- "$@"
+    "$service" "$scriptdir/qubes/qfile-agent" ${ignore_symlinks} -- "${SOURCE[@]}"
 
 if [ "$OPERATION_TYPE" = "move" ] ; then
-    rm -rf -- "$@"
+    rm -rf -- "${SOURCE[@]}"
 fi