aboutsummaryrefslogtreecommitdiff
path: root/src/rc/checkpath.c
diff options
context:
space:
mode:
authorRobin H. Johnson <robbat2@gentoo.org>2012-01-23 10:26:58 +0000
committerRobin H. Johnson <robbat2@gentoo.org>2012-01-23 10:26:58 +0000
commit426b94bd696933a72d8623fa1325b3562096957d (patch)
treec8eb8a05f7fccc037fd19828b4626b4f7585a61f /src/rc/checkpath.c
parent06b8084b2cf9308fe0cbbcdde0741a881b7609fb (diff)
Per the systemd tmpfiles implementation, we need to watch out for umask during initial creation of files as well as potentially changing permissions later. Also do not abort if the items exist already, per truncate rules in tmpfiles.
Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
Diffstat (limited to 'src/rc/checkpath.c')
-rw-r--r--src/rc/checkpath.c22
1 files changed, 19 insertions, 3 deletions
diff --git a/src/rc/checkpath.c b/src/rc/checkpath.c
index 86623d94..b0914f3f 100644
--- a/src/rc/checkpath.c
+++ b/src/rc/checkpath.c
@@ -55,11 +55,17 @@ typedef enum {
extern const char *applet;
+/* TODO: SELinux
+ * This needs a LOT of SELinux loving
+ * See systemd's src/label.c:label_mkdir
+ */
static int
do_check(char *path, uid_t uid, gid_t gid, mode_t mode, inode_t type, bool trunc)
{
struct stat st;
int fd, flags;
+ int r;
+ int u;
if (stat(path, &st) || trunc) {
if (type == inode_file) {
@@ -75,7 +81,10 @@ do_check(char *path, uid_t uid, gid_t gid, mode_t mode, inode_t type, bool trunc
#endif
if (trunc)
flags |= O_TRUNC;
- if ((fd = open(path, flags, mode)) == -1) {
+ u = umask(0);
+ fd = open(path, flags, mode);
+ umask(u);
+ if (fd == -1) {
eerror("%s: open: %s", applet, strerror(errno));
return -1;
}
@@ -84,7 +93,11 @@ do_check(char *path, uid_t uid, gid_t gid, mode_t mode, inode_t type, bool trunc
einfo("%s: creating directory", path);
if (!mode) /* 775 */
mode = S_IRWXU | S_IRWXG | S_IROTH | S_IXOTH;
- if (mkdir(path, mode) == -1) {
+ u = umask(0);
+ /* We do not recursively create parents */
+ r = mkdir(path, mode);
+ umask(u);
+ if (r == -1 && errno != EEXIST) {
eerror("%s: mkdir: %s", applet,
strerror (errno));
return -1;
@@ -94,7 +107,10 @@ do_check(char *path, uid_t uid, gid_t gid, mode_t mode, inode_t type, bool trunc
einfo("%s: creating fifo", path);
if (!mode) /* 600 */
mode = S_IRUSR | S_IWUSR;
- if (mkfifo(path, mode) == -1) {
+ u = umask(0);
+ r = mkfifo(path, mode);
+ umask(u);
+ if (r == -1 && errno != EEXIST) {
eerror("%s: mkfifo: %s", applet,
strerror (errno));
return -1;