cgroup-setup: use fchownat() + AT_EMPTY_PATH where appropriate

This already existed long before our kernel baseline.
While at it, switch to RET_GATHER().

diff --git a/src/shared/cgroup-setup.c b/src/shared/cgroup-setup.c
index 016da01eb3d9b626004ee730aeb0d9db12d31b07..b1cb47900c6aeea1e05034382c0798c1cf912301 100644 (file)
--- a/src/shared/cgroup-setup.c
+++ b/src/shared/cgroup-setup.c
@@ -539,20 +539,16 @@ static int access_callback(
                 const struct statx *sx,
                 void *userdata) {
 
-        struct access_callback_data *d = ASSERT_PTR(userdata);
-
         if (!IN_SET(event, RECURSE_DIR_ENTER, RECURSE_DIR_ENTRY))
                 return RECURSE_DIR_CONTINUE;
 
-        assert(inode_fd >= 0);
+        struct access_callback_data *d = ASSERT_PTR(userdata);
 
-        /* fchown() doesn't support O_PATH fds, hence we use the /proc/self/fd/ trick */
-        if (chown(FORMAT_PROC_FD_PATH(inode_fd), d->uid, d->gid) < 0) {
-                log_debug_errno(errno, "Failed to change ownership of '%s', ignoring: %m", ASSERT_PTR(path));
+        assert(path);
+        assert(inode_fd >= 0);
 
-                if (d->error == 0) /* Return last error to caller */
-                        d->error = errno;
-        }
+        if (fchownat(inode_fd, "", d->uid, d->gid, AT_EMPTY_PATH) < 0)
+                RET_GATHER(d->error, log_debug_errno(errno, "Failed to change ownership of '%s', ignoring: %m", path));
 
         return RECURSE_DIR_CONTINUE;
 }
@@ -600,7 +596,8 @@ int cg_set_access_recursive(
         if (r < 0)
                 return r;
 
-        return -d.error;
+        assert(d.error <= 0);
+        return d.error;
 }
 
 int cg_migrate(