discover-image: don't accidentally set /run/systemd/nspawn/ access mode too strict

mkdir_p() uses the specified access mode for all dirs that are missing,
hence if we call it on /run/systemd/nspawn/locking and
/run/systemd/nspawn/ doesn't exist yet, we#d create it 0700 here. But
that was never the intention, and all other code creating that dir sets
the mode to 0755. Fix this here to match the rest.

diff --git a/src/shared/discover-image.c b/src/shared/discover-image.c
index ed89580d822b8909c1f7c5cc1113f23722355d06..6d4f7612caac15c1ff3e4c00c01816817d7c8026 100644 (file)
--- a/src/shared/discover-image.c
+++ b/src/shared/discover-image.c
@@ -1281,6 +1281,11 @@ int image_read_only(Image *i, bool b) {
         return 0;
 }
 
+static void make_lock_dir(void) {
+        (void) mkdir_p("/run/systemd/nspawn", 0755);
+        (void) mkdir("/run/systemd/nspawn/locks", 0700);
+}
+
 int image_path_lock(const char *path, int operation, LockFile *global, LockFile *local) {
         _cleanup_free_ char *p = NULL;
         LockFile t = LOCK_FILE_INIT;
@@ -1356,7 +1361,7 @@ int image_path_lock(const char *path, int operation, LockFile *global, LockFile
         }
 
         if (p) {
-                (void) mkdir_p("/run/systemd/nspawn/locks", 0700);
+                make_lock_dir();
 
                 r = make_lock_file(p, operation, global);
                 if (r < 0) {
@@ -1531,7 +1536,7 @@ int image_name_lock(const char *name, int operation, LockFile *ret) {
                 return 0;
         }
 
-        (void) mkdir_p("/run/systemd/nspawn/locks", 0700);
+        make_lock_dir();
 
         p = strjoina("/run/systemd/nspawn/locks/name-", name);
         return make_lock_file(p, operation, ret);
@@ -1569,7 +1574,6 @@ bool image_in_search_path(
                 /* Accept trailing slashes */
                 if (p[strspn(p, "/")] == 0)
                         return true;
-
         }
 
         return false;