Doing this properly is hard, hence let's unify the code.
* something fchown(), fchmod(), futimensat() don't allow. */
xsprintf(fdpath, "/proc/self/fd/%i", fd);
- if (mode != MODE_INVALID)
- if (chmod(fdpath, mode) < 0)
- ret = -errno;
-
- if (uid_is_valid(uid) || gid_is_valid(gid))
- if (chown(fdpath, uid, gid) < 0 && ret >= 0)
- ret = -errno;
+ ret = fchmod_and_chown(fd, mode, uid, gid);
if (stamp != USEC_INFINITY) {
struct timespec ts[2];
#include "chown-recursive.h"
#include "dirent-util.h"
#include "fd-util.h"
+#include "fs-util.h"
#include "macro.h"
#include "stdio-util.h"
#include "strv.h"
char procfs_path[STRLEN("/proc/self/fd/") + DECIMAL_STR_MAX(int) + 1];
const char *n;
+ int r;
assert(fd >= 0);
assert(st);
- if ((!uid_is_valid(uid) || st->st_uid == uid) &&
- (!gid_is_valid(gid) || st->st_gid == gid))
- return 0;
-
- /* We change ownership through the /proc/self/fd/%i path, so that we have a stable reference that works with
- * O_PATH. (Note: fchown() and fchmod() do not work with O_PATH, the kernel refuses that. */
+ /* We change ACLs through the /proc/self/fd/%i path, so that we have a stable reference that works
+ * with O_PATH. */
xsprintf(procfs_path, "/proc/self/fd/%i", fd);
/* Drop any ACL if there is one */
if (!IN_SET(errno, ENODATA, EOPNOTSUPP, ENOSYS, ENOTTY))
return -errno;
- if (chown(procfs_path, uid, gid) < 0)
- return -errno;
-
- /* The linux kernel alters the mode in some cases of chown(), as well when we change ACLs. Let's undo this. We
- * do this only for non-symlinks however. That's because for symlinks the access mode is ignored anyway and
- * because on some kernels/file systems trying to change the access mode will succeed but has no effect while
- * on others it actively fails. */
- if (!S_ISLNK(st->st_mode))
- if (chmod(procfs_path, st->st_mode & 07777 & mask) < 0)
- return -errno;
+ r = fchmod_and_chown(fd, st->st_mode & mask, uid, gid);
+ if (r < 0)
+ return r;
return 1;
}
}
static int chown_terminal(int fd, uid_t uid) {
- struct stat st;
+ int r;
assert(fd >= 0);
/* Before we chown/chmod the TTY, let's ensure this is actually a tty */
- if (isatty(fd) < 1)
- return 0;
+ if (isatty(fd) < 1) {
+ if (IN_SET(errno, EINVAL, ENOTTY))
+ return 0; /* not a tty */
- /* This might fail. What matters are the results. */
- (void) fchown(fd, uid, -1);
- (void) fchmod(fd, TTY_MODE);
-
- if (fstat(fd, &st) < 0)
return -errno;
+ }
- if (st.st_uid != uid || (st.st_mode & 0777) != TTY_MODE)
- return -EPERM;
+ /* This might fail. What matters are the results. */
+ r = fchmod_and_chown(fd, TTY_MODE, uid, -1);
+ if (r < 0)
+ return r;
- return 0;
+ return 1;
}
static int setup_confirm_stdio(const char *vc, int *_saved_stdin, int *_saved_stdout) {
#include "alloc-util.h"
#include "fd-util.h"
+#include "fs-util.h"
#include "io-util.h"
#include "log.h"
#include "main-func.h"
/* This is just a safety measure. Given that we are root and
* most likely created the file ourselves the mode and owner
* should be correct anyway. */
- (void) fchmod(seed_fd, 0600);
- (void) fchown(seed_fd, 0, 0);
+ (void) fchmod_and_chown(seed_fd, 0600, 0, 0);
k = loop_read(random_fd, buf, buf_size, false);
if (k < 0)
if ((stats.st_mode & 0777) != (mode & 0777) || stats.st_uid != uid || stats.st_gid != gid) {
log_device_debug(dev, "Setting permissions %s, %#o, uid=%u, gid=%u", devnode, mode, uid, gid);
- if (chmod(devnode, mode) < 0)
- r = log_device_warning_errno(dev, errno, "Failed to set mode of %s to %#o: %m", devnode, mode);
- if (chown(devnode, uid, gid) < 0)
- r = log_device_warning_errno(dev, errno, "Failed to set owner of %s to uid=%u, gid=%u: %m", devnode, uid, gid);
+
+ r = chmod_and_chown(devnode, mode, uid, gid);
+ if (r < 0)
+ log_device_warning_errno(dev, r, "Failed to set owner/mode of %s to uid=" UID_FMT ", gid=" GID_FMT ", mode=%#o: %m", devnode, uid, gid, mode);
} else
log_device_debug(dev, "Preserve permissions of %s, %#o, uid=%u, gid=%u", devnode, mode, uid, gid);
#include "escape.h"
#include "fd-util.h"
#include "fileio.h"
+#include "format-util.h"
#include "fs-util.h"
#include "glob-util.h"
#include "libudev-util.h"
else
mode = 0600;
}
- if (mode != (stats.st_mode & 01777)) {
- r = chmod(device_node, mode);
- if (r < 0)
- return log_error_errno(errno, "Failed to chmod '%s' %#o: %m",
- device_node, mode);
- else
- log_debug("chmod '%s' %#o", device_node, mode);
- }
- if ((uid != 0 && uid != stats.st_uid) || (gid != 0 && gid != stats.st_gid)) {
- r = chown(device_node, uid, gid);
- if (r < 0)
- return log_error_errno(errno, "Failed to chown '%s' %u %u: %m",
- device_node, uid, gid);
- else
- log_debug("chown '%s' %u %u", device_node, uid, gid);
- }
+ r = chmod_and_chown(device_node, mode, uid, gid);
+ if (r < 0)
+ return log_error_errno(r, "Failed to chown/chmod '%s' uid=" UID_FMT ", gid=" GID_FMT ", mode=%#o: %m", device_node, uid, gid, mode);
+ if (r > 0)
+ log_debug("chown/chmod '%s' uid=" UID_FMT ", gid=" GID_FMT ", mode=%#o", device_node, uid, gid, mode);
- utimensat(AT_FDCWD, device_node, NULL, 0);
+ (void) utimensat(AT_FDCWD, device_node, NULL, 0);
break;
}
case TK_END:
projects / thirdparty / systemd.git / commitdiff
