When we are attempting to create directory somewhere in the bowels of /var/lib
and get an error that it already exists, it can be quite hard to diagnose what
is wrong (especially for a user who is not aware that the directory must have
the specified owner, and permissions not looser than what was requested). Let's
print a warning in most cases. A warning is appropriate, because such state is
usually a sign of borked installation and needs to be resolved by the adminstrator.
$ build/test-fs-util
Path "/tmp/test-readlink_and_make_absolute" already exists and is not a directory, refusing.
(or)
Directory "/tmp/test-readlink_and_make_absolute" already exists, but has mode 0775 that is too permissive (0755 was requested), refusing.
(or)
Directory "/tmp/test-readlink_and_make_absolute" already exists, but is owned by 1001:1000 (1000:1000 was requested), refusing.
Assertion 'mkdir_safe(tempdir, 0755, getuid(), getgid(), MKDIR_WARN_MODE) >= 0' failed at ../src/test/test-fs-util.c:320, function test_readlink_and_make_absolute(). Aborting.
No functional change except for the new log lines.
14 files changed:
#include "mkdir.h"
#include "path-util.h"
#include "stat-util.h"
#include "mkdir.h"
#include "path-util.h"
#include "stat-util.h"
#include "user-util.h"
int mkdir_safe_internal(const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags, mkdir_func_t _mkdir) {
#include "user-util.h"
int mkdir_safe_internal(const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags, mkdir_func_t _mkdir) {
+ if (!S_ISDIR(st.st_mode)) {
+ log_full(flags & MKDIR_WARN_MODE ? LOG_WARNING : LOG_DEBUG,
+ "Path \"%s\" already exists and is not a directory, refusing.", path);
+ return -ENOTDIR;
+ }
if ((st.st_mode & 0007) > (mode & 0007) ||
(st.st_mode & 0070) > (mode & 0070) ||
if ((st.st_mode & 0007) > (mode & 0007) ||
(st.st_mode & 0070) > (mode & 0070) ||
- (st.st_mode & 0700) > (mode & 0700) ||
- (uid != UID_INVALID && st.st_uid != uid) ||
- (gid != GID_INVALID && st.st_gid != gid) ||
- !S_ISDIR(st.st_mode))
+ (st.st_mode & 0700) > (mode & 0700)) {
+ log_full(flags & MKDIR_WARN_MODE ? LOG_WARNING : LOG_DEBUG,
+ "Directory \"%s\" already exists, but has mode %04o that is too permissive (%04o was requested), refusing.",
+ path, st.st_mode & 0777, mode);
+ }
+ if ((uid != UID_INVALID && st.st_uid != uid) ||
+ (gid != GID_INVALID && st.st_gid != gid)) {
+ char u[DECIMAL_STR_MAX(uid_t)] = "-", g[DECIMAL_STR_MAX(gid_t)] = "-";
+
+ if (uid != UID_INVALID)
+ xsprintf(u, UID_FMT, uid);
+ if (gid != UID_INVALID)
+ xsprintf(g, GID_FMT, gid);
+ log_full(flags & MKDIR_WARN_MODE ? LOG_WARNING : LOG_DEBUG,
+ "Directory \"%s\" already exists, but is owned by "UID_FMT":"GID_FMT" (%s:%s was requested), refusing.",
+ path, st.st_uid, st.st_gid, u, g);
+ return -EEXIST;
+ }
typedef enum MkdirFlags {
MKDIR_FOLLOW_SYMLINK = 1 << 0,
typedef enum MkdirFlags {
MKDIR_FOLLOW_SYMLINK = 1 << 0,
+ MKDIR_WARN_MODE = 1 << 1,
} MkdirFlags;
int mkdir_errno_wrapper(const char *pathname, mode_t mode);
} MkdirFlags;
int mkdir_errno_wrapper(const char *pathname, mode_t mode);
}
/* First set up private root if it doesn't exist yet, with access mode 0700 and owned by root:root */
}
/* First set up private root if it doesn't exist yet, with access mode 0700 and owned by root:root */
- r = mkdir_safe_label(private_root, 0700, 0, 0, 0);
+ r = mkdir_safe_label(private_root, 0700, 0, 0, MKDIR_WARN_MODE);
mkdir_p_label("/var/lib/systemd", 0755);
mkdir_p_label("/var/lib/systemd", 0755);
- r = mkdir_safe_label("/var/lib/systemd/linger", 0755, 0, 0, 0);
+ r = mkdir_safe_label("/var/lib/systemd/linger", 0755, 0, 0, MKDIR_WARN_MODE);
- r = mkdir_safe_label("/run/systemd/shutdown", 0755, 0, 0, 0);
+ r = mkdir_safe_label("/run/systemd/shutdown", 0755, 0, 0, MKDIR_WARN_MODE);
if (r < 0)
return log_error_errno(r, "Failed to create shutdown subdirectory: %m");
if (r < 0)
return log_error_errno(r, "Failed to create shutdown subdirectory: %m");
- r = mkdir_safe_label("/run/systemd/inhibit", 0755, 0, 0, 0);
+ r = mkdir_safe_label("/run/systemd/inhibit", 0755, 0, 0, MKDIR_WARN_MODE);
/* Create FIFO */
if (!i->fifo_path) {
/* Create FIFO */
if (!i->fifo_path) {
- r = mkdir_safe_label("/run/systemd/inhibit", 0755, 0, 0, 0);
+ r = mkdir_safe_label("/run/systemd/inhibit", 0755, 0, 0, MKDIR_WARN_MODE);
if (!s->started)
return 0;
if (!s->started)
return 0;
- r = mkdir_safe_label("/run/systemd/seats", 0755, 0, 0, 0);
+ r = mkdir_safe_label("/run/systemd/seats", 0755, 0, 0, MKDIR_WARN_MODE);
if (!s->started)
return 0;
if (!s->started)
return 0;
- r = mkdir_safe_label("/run/systemd/sessions", 0755, 0, 0, 0);
+ r = mkdir_safe_label("/run/systemd/sessions", 0755, 0, 0, MKDIR_WARN_MODE);
/* Create FIFO */
if (!s->fifo_path) {
/* Create FIFO */
if (!s->fifo_path) {
- r = mkdir_safe_label("/run/systemd/sessions", 0755, 0, 0, 0);
+ r = mkdir_safe_label("/run/systemd/sessions", 0755, 0, 0, MKDIR_WARN_MODE);
assert(u);
assert(u->state_file);
assert(u);
assert(u->state_file);
- r = mkdir_safe_label("/run/systemd/users", 0755, 0, 0, 0);
+ r = mkdir_safe_label("/run/systemd/users", 0755, 0, 0, MKDIR_WARN_MODE);
- r = mkdir_safe_label("/run/user", 0755, 0, 0, 0);
+ r = mkdir_safe_label("/run/user", 0755, 0, 0, MKDIR_WARN_MODE);
if (r < 0)
return log_error_errno(r, "Failed to create /run/user: %m");
if (r < 0)
return log_error_errno(r, "Failed to create /run/user: %m");
if (!m->started)
return 0;
if (!m->started)
return 0;
- r = mkdir_safe_label("/run/systemd/machines", 0755, 0, 0, 0);
+ r = mkdir_safe_label("/run/systemd/machines", 0755, 0, 0, MKDIR_WARN_MODE);
/* Create runtime directory. This is not necessary when networkd is
* started with "RuntimeDirectory=systemd/netif", or after
* systemd-tmpfiles-setup.service. */
/* Create runtime directory. This is not necessary when networkd is
* started with "RuntimeDirectory=systemd/netif", or after
* systemd-tmpfiles-setup.service. */
- r = mkdir_safe_label("/run/systemd/netif", 0755, uid, gid, 0);
+ r = mkdir_safe_label("/run/systemd/netif", 0755, uid, gid, MKDIR_WARN_MODE);
if (r < 0)
log_warning_errno(r, "Could not create runtime directory: %m");
if (r < 0)
log_warning_errno(r, "Could not create runtime directory: %m");
/* Always create the directories people can create inotify watches in.
* It is necessary to create the following subdirectories after drop_privileges()
* to support old kernels not supporting AmbientCapabilities=. */
/* Always create the directories people can create inotify watches in.
* It is necessary to create the following subdirectories after drop_privileges()
* to support old kernels not supporting AmbientCapabilities=. */
- r = mkdir_safe_label("/run/systemd/netif/links", 0755, uid, gid, 0);
+ r = mkdir_safe_label("/run/systemd/netif/links", 0755, uid, gid, MKDIR_WARN_MODE);
if (r < 0)
log_warning_errno(r, "Could not create runtime directory 'links': %m");
if (r < 0)
log_warning_errno(r, "Could not create runtime directory 'links': %m");
- r = mkdir_safe_label("/run/systemd/netif/leases", 0755, uid, gid, 0);
+ r = mkdir_safe_label("/run/systemd/netif/leases", 0755, uid, gid, MKDIR_WARN_MODE);
if (r < 0)
log_warning_errno(r, "Could not create runtime directory 'leases': %m");
if (r < 0)
log_warning_errno(r, "Could not create runtime directory 'leases': %m");
- r = mkdir_safe_label("/run/systemd/netif/lldp", 0755, uid, gid, 0);
+ r = mkdir_safe_label("/run/systemd/netif/lldp", 0755, uid, gid, MKDIR_WARN_MODE);
if (r < 0)
log_warning_errno(r, "Could not create runtime directory 'lldp': %m");
if (r < 0)
log_warning_errno(r, "Could not create runtime directory 'lldp': %m");
return log_error_errno(r, "Failed to make home root directory: %m");
r = mkdir_safe(home, 0755, uid, gid, 0);
return log_error_errno(r, "Failed to make home root directory: %m");
r = mkdir_safe(home, 0755, uid, gid, 0);
- if (r < 0 && r != -EEXIST)
+ if (r < 0 && !IN_SET(r, -EEXIST, -ENOTDIR))
return log_error_errno(r, "Failed to make home directory: %m");
(void) fchown(STDIN_FILENO, uid, gid);
return log_error_errno(r, "Failed to make home directory: %m");
(void) fchown(STDIN_FILENO, uid, gid);
}
/* Always create the directory where resolv.conf will live */
}
/* Always create the directory where resolv.conf will live */
- r = mkdir_safe_label("/run/systemd/resolve", 0755, uid, gid, 0);
+ r = mkdir_safe_label("/run/systemd/resolve", 0755, uid, gid, MKDIR_WARN_MODE);
if (r < 0) {
log_error_errno(r, "Could not create runtime directory: %m");
goto finish;
if (r < 0) {
log_error_errno(r, "Could not create runtime directory: %m");
goto finish;
char *r = NULL;
_cleanup_free_ char *pwd = NULL;
char *r = NULL;
_cleanup_free_ char *pwd = NULL;
- assert_se(mkdir_safe(tempdir, 0755, getuid(), getgid(), 0) >= 0);
+ assert_se(mkdir_safe(tempdir, 0755, getuid(), getgid(), MKDIR_WARN_MODE) >= 0);
assert_se(touch(name) >= 0);
assert_se(symlink(name, name_alias) >= 0);
assert_se(touch(name) >= 0);
assert_se(symlink(name, name_alias) >= 0);
- r = mkdir_safe_label("/var/lib/systemd/timesync", 0755, uid, gid, MKDIR_FOLLOW_SYMLINK);
+ r = mkdir_safe_label("/var/lib/systemd/timesync", 0755, uid, gid,
+ MKDIR_FOLLOW_SYMLINK | MKDIR_WARN_MODE);
if (r < 0)
return log_error_errno(r, "Failed to create state directory: %m");
if (r < 0)
return log_error_errno(r, "Failed to create state directory: %m");