From 2df72f37c652520d994c4aa42d1ec583ef6ceaaa Mon Sep 17 00:00:00 2001
From: Giuseppe Scrivano <gscrivan@redhat.com>
Date: Tue, 25 Sep 2018 15:46:43 +0200
Subject: [PATCH] chown: restore SUID and SGID bits

be sure the SUID and SGID bits are not lost when we do
a chown.

Closes: https://github.com/containers/libpod/issues/1526

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
---
 drivers/chown_unix.go | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/drivers/chown_unix.go b/drivers/chown_unix.go
index 5454657ec9..b37a9271af 100644
--- a/drivers/chown_unix.go
+++ b/drivers/chown_unix.go
@@ -45,10 +45,20 @@ func platformLChown(path string, info os.FileInfo, toHost, toContainer *idtools.
 			uid, gid = mappedPair.UID, mappedPair.GID
 		}
 		if uid != int(st.Uid) || gid != int(st.Gid) {
+			stat, err := os.Lstat(path)
+			if err != nil {
+				return fmt.Errorf("%s: lstat(%q): %v", os.Args[0], path, err)
+			}
 			// Make the change.
 			if err := syscall.Lchown(path, uid, gid); err != nil {
 				return fmt.Errorf("%s: chown(%q): %v", os.Args[0], path, err)
 			}
+			// Restore the SUID and SGID bits if they were originally set.
+			if (stat.Mode()&os.ModeSymlink == 0) && stat.Mode()&(os.ModeSetuid|os.ModeSetgid) != 0 {
+				if err := os.Chmod(path, stat.Mode()); err != nil {
+					return fmt.Errorf("%s: chmod(%q): %v", os.Args[0], path, err)
+				}
+			}
 		}
 	}
 	return nil