libmount: use eacess() rather than open() to check mtab/utab

The open() syscall is probably the most strong way how to check write
accessibility in all situations, but it's overkill and on some
paranoid systems with enabled audit/selinux. It fills logs with
"Permission denied" entries. Let's use eaccess() if available.

Signed-off-by: Karel Zak <kzak@redhat.com>

diff --git a/configure.ac b/configure.ac
index 1899ec3c0f42908337017f616096e9fd8be08c88..eebe922591a5c338bf1882c0f3b15a91f9edf3fb 100644 (file)
--- a/configure.ac
+++ b/configure.ac
@@ -391,6 +391,7 @@ AC_CHECK_FUNCS([ \
        __fpending \
        secure_getenv \
        __secure_getenv \
+       eaccess \
        err \
        errx \
        explicit_bzero \

diff --git a/libmount/src/utils.c b/libmount/src/utils.c
index a5617e6c02d1617788818f9e2a089030bd22ddb3..711d1683e2c42002ab738a15a8a24d91c7de7643 100644 (file)
--- a/libmount/src/utils.c
+++ b/libmount/src/utils.c
@@ -647,17 +647,24 @@ done:
 
 static int try_write(const char *filename)
 {
-       int fd, rc = 0;
+       int rc = 0;
 
        if (!filename)
                return -EINVAL;
 
-       fd = open(filename, O_RDWR|O_CREAT|O_CLOEXEC,
-                           S_IWUSR|S_IRUSR|S_IRGRP|S_IROTH);
-       if (fd < 0)
+#ifdef HAVE_EACCESS
+       if (eaccess(filename, R_OK|W_OK) != 0)
                rc = -errno;
-       else
-               close(fd);
+#else
+       {
+               int fd = open(filename, O_RDWR|O_CREAT|O_CLOEXEC,
+                           S_IWUSR|S_IRUSR|S_IRGRP|S_IROTH);
+               if (fd < 0)
+                       rc = -errno;
+               else
+                       close(fd);
+       }
+#endif
        return rc;
 }