* fix(uucore): use sysctl kern.boottime on macOS as fallback for uptime
If utmpx BOOT_TIME is unavailable, derive boot time via sysctl CTL_KERN.KERN_BOOTTIME to reduce intermittent macOS failures (e.g., #3621).
Context (blame/history):
- 2774274cc2 ("uptime: Support files in uptime (#6400)"): added macOS utmpxname validation and non-fatal 'unknown uptime' fallback with tests (tests/by-util/test_uptime.rs).
- 920d29f703 ("uptime: add support for OpenBSD using utmp"): reorganized uptime.rs and solidified utmp/utmpx-driven paths.
* test: add comprehensive macOS tests for sysctl kern.boottime fallback
Add unit tests for sysctl boottime availability and get_uptime reliability on macOS, verifying the fallback mechanism works correctly when utmpx BOOT_TIME is unavailable.
Add integration tests to ensure uptime command consistently succeeds on macOS with various flags (default, --since) and produces properly formatted output.
Enhance documentation of the sysctl fallback code with detailed comments explaining why it exists, the issue it addresses (#3621), and comprehensive SAFETY comments for the unsafe sysctl call.
All tests are properly gated with #[cfg(target_os = "macos")] to ensure they only run on macOS and don't interfere with other platforms.
* refactor(uucore): replace unsafe sysctl with safe command-line approach for macOS boot time
- Remove unsafe libc::sysctl() system call entirely
- Replace with safe std::process::Command executing 'sysctl -n kern.boottime'
- Parse sysctl output format to extract boot time seconds
- Maintains same API and functionality while eliminating unsafe blocks
- Addresses reviewer feedback to completely remove unsafe code
* fix: ignore NUL bytes in sort debug output alignment calculations
Replaced direct length checks with filtered counts excluding b'\0' in debug underline
and indentation output to prevent misalignment from embedded NUL characters, which
are often stripped during inspection. Added comprehensive tests for various sort
modes and inputs, including NUL byte scenarios, to verify correct debug annotations.
* feat: add locale-aware tests for sort debug key annotations
Split the existing `test_debug_key_annotations` into two tests: one for basic functionality and another for locale-specific behavior to handle conditional execution based on environment variables. Extracted a new helper function `debug_key_annotation_output` to generate debug output, improving test modularity and reducing code duplication. This enhances test coverage for debug key annotations in different numeric locales.
* refactor(test): optimize string building in debug_key_annotation_output for efficiency
Rework the `number` helper function to use a mutable String buffer with `writeln!` macro
instead of collecting intermediary vectors with `map` and `collect`. This reduces allocations
and improves performance in test output generation, building the numbered output directly
without extra string concatenations.
* refactor(tests): improve formatting and readability in sort test helpers
- Reformatted command-line arguments in test_debug_key_annotations_locale to fit on fewer lines
- Wrapped run_sort calls in debug_key_annotation_output for better code structure
- Minor reordering of output.push_str blocks for consistency and clarity
* refactor(test): embed expected debug key annotation outputs as constants
Replace fixture file reads with inline constants in test functions for
debug key annotations and locale variants. This makes the tests more
self-contained by removing dependencies on external fixture files.
* feat(sort): extract count_non_null_bytes for debug alignment
Add a helper function `count_non_null_bytes` to count bytes in a slice while ignoring embedded NULs. This improves code reusability and is used in debug underline output to ensure proper alignment by filtering NUL characters that may be present in selection strings. Replaces inline counting logic in two locations within the `Line` implementation.
* chmod:fix safe traversal/access (#9554)
* feat(chmod): use dirfd for recursive subdirectory traversal
- Update chmod recursive logic to use directory file descriptors instead of full paths for subdirectories
- Improves performance, avoids path length issues, and ensures dirfd-relative openat calls
- Add test to verify strace output shows no AT_FDCWD with multi-component paths
* test(chmod): add spell-check ignore for dirfd, subdirs, openat, FDCWD
Added a spell-checker ignore directive in the chmod test file to suppress false positives for legitimate technical terms used in Unix API calls.
* test(chmod): enforce strace requirement in recursive test, fail fast instead of skip
Previously, the test_chmod_recursive_uses_dirfd_for_subdirs test skipped gracefully if strace
was unavailable, without failing. This change enforces the strace dependency by failing the
test immediately if strace is not installed or runnable, ensuring the test runs reliably
in environments where it is expected to pass, and preventing silent skips.
* ci: install strace in Ubuntu CI jobs for debugging system calls
Add installation of strace tool on Ubuntu runners in both individual build/test and feature build/test jobs. This enables tracing system calls during execution, aiding in debugging and performance analysis within the CI/CD pipeline. Updated existing apt-get commands and added conditional steps for Linux-only installations.
* ci: Add strace installation to Ubuntu-based CI workflows
Install strace on ubuntu-latest runners across multiple jobs to enable system call tracing for testing purposes, ensuring compatibility with tests that require this debugging tool. This includes updating package lists in existing installation steps.
* chore(build): install strace and prevent apt prompts in Cross.toml pre-build
Modified the pre-build command to install strace utility for debugging and added -y flag to apt-get install to skip prompts, ensuring non-interactive builds.
* feat(build): support Alpine-based cross images in pre-build
Detect package manager (apt vs apk) to install tzdata and strace
in both Debian/Ubuntu and Alpine *-musl targets. Added fallback
warning for unsupported managers. This ensures strace is available
for targets using Alpine, which doesn't have apt-get.
* refactor(build): improve pre-build script readability by using multi-line strings
Replace escaped multi-line string with triple-quoted string for better readability in Cross.toml.
* feat(ci): install strace in WSL2 GitHub Actions workflow
Install strace utility in the WSL2 environment to support tracing system calls during testing. Minor update to Cross.toml spell-checker ignore list for consistency with change.
* ci(wsl2): install strace as root with non-interactive apt-get
Updated the WSL2 workflow step to use root shell (wsl-bash-root) for installing strace, removing sudo calls and adding DEBIAN_FRONTEND=noninteractive to prevent prompts. This improves CI reliability by ensuring direct root access and automated, interrupt-free package installation.
* ci: Move strace installation to user shell and update spell ignore
Fix WSL2 GitHub Actions workflow by installing strace as the user instead of root for better permission handling, and add "noninteractive" to the spell-checker ignore comment for consistency with the new apt-get command. This ensures the tool is available in the testing environment without unnecessary privilege escalation.
* chore: ci: remove unused strace installation from CI workflows
Remove strace package installation from multiple GitHub Actions workflow files (CICD.yml, l10n.yml, wsl2.yml). Strace was historically installed in Ubuntu jobs for debugging system calls, but it's no longer required for the tests and builds, reducing CI setup time and dependencies.
* ci: add strace installation and fix spell-checker comments in CI files
- Install strace package in CICD workflow to support safe traversal verification for utilities like rm, chmod, chown, chgrp, mv, and du, enabling syscall tracing for testing.
- Clean up spell-checker ignore comments in wsl2.yml and Cross.toml by removing misplaced flags.第二个测试产品**ci: add strace installation and fix spell-checker comments in CI files**
- Install strace package in CICD workflow to support safe traversal verification for utilities like rm, chmod, chown, chgrp, mv, and du, enabling syscall tracing for testing.
- Clean up spell-checker ignore comments in wsl2.yml and Cross.toml by removing misplaced flags.
* test: add regression guard for recursive chmod dirfd-relative traversal
Add a check in check-safe-traversal.sh to ensure recursive chmod operations use dirfd-relative openat calls instead of AT_FDCWD with multi-component paths, preventing potential race conditions. Ignore the corresponding Rust test as it is now covered by this shell script guard.
* Merge pull request #9561 from ChrisDryden/seq_benches
seq: adding large integers benchmarks
* install: do not call chown when called as root
- `pseudo` is a tool which simulates being root by intercepting calls to e.g. `geteuid` and `chown` (by using the `LD_PRELOAD` mechanism). This is used e.g. to build filesystems for embedded devices without running as root on the build machine.
- the `chown` call getting removed in this commit does not work when running with `pseudo` and using `PSEUDO_IGNORE_PATHS`: in this case, the call to `geteuid()` gets intercepted by `libpseudo.so` and returns 0, however the call to `chown()` isn't intercepted by `libpseudo.so` in case it is in a path from `PSEUDO_IGNORE_PATHS`, and will thus fail since the process is not really root
- the call to `chown()` was added in https://github.com/uutils/coreutils/pull/5735 with the intent of making the test `install-C-root.sh` pass, however it isn't required (GNU coreutils also does not call `chown` just because `install` was called as root)
Fixes https://github.com/uutils/coreutils/issues/9116
Signed-off-by: Etienne Cordonnier <ecordonnier@snap.com>
* du: handle `--files0-from=-` with piped in `-` (#8985)
* du: handle --files0-from=- with piped in '-'
* build-gnu.sh: remove incorrect string replacement
in tests/du/files0-from.pl
---------
Co-authored-by: Sylvestre Ledru <sylvestre@debian.org>
* perf: optimize rm prompts by reusing stat data to avoid extra syscalls
This change adds inline functions for checking file modes and refactors prompt functions to accept pre-fetched stat data. It modifies safe_remove_* functions to handle paths without parents and updates safe_remove_dir_recursive to fetch and reuse initial mode. This reduces redundant statx system calls, improving performance during recursive removals.
* feat(rm/linux): Refine interactive file removal prompts
- Add specific prompts for symlinks and empty files in 'Always' mode
- Refactor matching logic for better clarity and to match GNU rm behavior
- Improve handling of write-protected and non-terminal stdin scenarios
This enhances the user experience by providing more accurate and targeted confirmations during file removal on Linux.
* refactor(rm/linux): reformat prompt_yes! macros for improved readability
Refactored multiple call sites of the prompt_yes! macro in linux.rs to use consistent multi-line formatting, enhancing code readability and adhering to style guidelines without altering functionality. Adjusted import ordering slightly for better organization.
* refactor(src/uu/rm/src/platform/linux.rs): remove unused 'self' import from std::io
Removed the unused 'self' import from the std::io module to clean up the code and avoid potential confusion, as it was not referenced anywhere in the file. This is a minor refactoring for better maintainability.
* chore(spell-checker): update ignore list to include statx and behaviour
Add "statx" (a Linux system call name) and "behaviour" (potential spelling variant) to the spell-checker ignore comment in the rm utility's Linux platform code, preventing false positives in linting.
* fix(linux/rm): correct prompting logic for write-protected files in Interactive::Always mode
Refactor the prompt_file_with_stat function in src/uu/rm/src/platform/linux.rs to fix inconsistent prompting for Interactive::Always. Previously, it always used non-protected wording regardless of file writability. Now, it checks if the file is writable and uses appropriate messaging (simple for writable, protected for non-writable). The match logic for Interactive::Once and PromptProtected is also simplified using a triple condition for better readability and to ensure empty vs non-empty protected files are distinguished correctly, matching expected rm behavior.
* style(rm): wrap long line in prompt_file_with_stat macro for readability
Reformatted the prompt_yes! macro call across multiple lines to improve code readability and adhere to line length conventions. No functional changes.
---------
Signed-off-by: Etienne Cordonnier <ecordonnier@snap.com>
Co-authored-by: Chris Dryden <christopher.paul.dryden@gmail.com>
Co-authored-by: Etienne Cordonnier <ecordonnier@snap.com>
Co-authored-by: Daniel Hofstetter <daniel.hofstetter@42dh.com>
Co-authored-by: Sylvestre Ledru <sylvestre@debian.org>