dissect-image: teach mountfsd_make_directory() the new access mode parameter

author Lennart Poettering <lennart@poettering.net>

Thu, 20 Nov 2025 12:15:27 +0000 (13:15 +0100)

committer Lennart Poettering <lennart@poettering.net>

Sun, 21 Dec 2025 06:04:42 +0000 (07:04 +0100)
author Lennart Poettering <lennart@poettering.net>
Thu, 20 Nov 2025 12:15:27 +0000 (13:15 +0100)
committer Lennart Poettering <lennart@poettering.net>
Sun, 21 Dec 2025 06:04:42 +0000 (07:04 +0100)
diff --git a/src/import/import-tar.c b/src/import/import-tar.c

index 5aa3a98640e2977853666bf7fa7ef9b6762c5fc7..ed96e27222bea969698607550846de488bff0729 100644 (file)
--- a/src/import/import-tar.c
+++ b/src/import/import-tar.c
@@ -257,7 +257,7 @@ static int tar_import_fork_tar(TarImport *i) {
                          return r;
  
                  _cleanup_close_ int directory_fd = -EBADF;
-                r = mountfsd_make_directory(d, /* flags= */ 0, &directory_fd);
+                r = mountfsd_make_directory(d, MODE_INVALID, /* flags= */ 0, &directory_fd);
                  if (r < 0)
                          return r;
  
diff --git a/src/import/pull-tar.c b/src/import/pull-tar.c

index fe28d99d30ecca9fa03433bea1dfef7210eb7605..25b07b1192f382c22f8734825628c604f4dc7380 100644 (file)
--- a/src/import/pull-tar.c
+++ b/src/import/pull-tar.c
@@ -297,7 +297,7 @@ static int tar_pull_make_local_copy(TarPull *p) {
                          }
  
                          _cleanup_close_ int directory_fd = -EBADF;
-                        r = mountfsd_make_directory(t, /* flags= */ 0, &directory_fd);
+                        r = mountfsd_make_directory(t, MODE_INVALID, /* flags= */ 0, &directory_fd);
                          if (r < 0)
                                  return r;
  
@@ -609,7 +609,7 @@ static int tar_pull_job_on_open_disk_tar(PullJob *j) {
                          return r;
  
                  _cleanup_close_ int directory_fd = -EBADF;
-                r = mountfsd_make_directory(where, /* flags= */ 0, &directory_fd);
+                r = mountfsd_make_directory(where, MODE_INVALID, /* flags= */ 0, &directory_fd);
                  if (r < 0)
                          return r;
  
diff --git a/src/shared/discover-image.c b/src/shared/discover-image.c

index b09181a73adc1b42d38e0a753e3e59c8971cf095..fa92b47172363d48d1434e8dc32831182a379613 100644 (file)
--- a/src/shared/discover-image.c
+++ b/src/shared/discover-image.c
@@ -1491,6 +1491,7 @@ static int unpriviled_clone(Image *i, const char *new_path) {
          _cleanup_close_ int new_fd = -EBADF;
          r = mountfsd_make_directory(
                          new_path,
+                        MODE_INVALID,
                          /* flags= */ 0,
                          &new_fd);
          if (r < 0)
diff --git a/src/shared/dissect-image.c b/src/shared/dissect-image.c

index 6fc5a0d74678d4bacd278f51affefeb582d623a9..0957257080e9f090cb20ef76fef61cd235c28aa5 100644 (file)
--- a/src/shared/dissect-image.c
+++ b/src/shared/dissect-image.c
@@ -5329,6 +5329,7 @@ int mountfsd_mount_directory(
  int mountfsd_make_directory_fd(
                  int parent_fd,
                  const char *name,
+                mode_t mode,
                  DissectImageFlags flags,
                  int *ret_directory_fd) {
  
@@ -5363,6 +5364,7 @@ int mountfsd_make_directory_fd(
                          &error_id,
                          SD_JSON_BUILD_PAIR_UNSIGNED("parentFileDescriptor", 0),
                          SD_JSON_BUILD_PAIR_STRING("name", name),
+                        SD_JSON_BUILD_PAIR_CONDITION(!IN_SET(mode, MODE_INVALID, 0700), "mode", SD_JSON_BUILD_UNSIGNED(mode)), /* suppress this field if default/unset */
                          SD_JSON_BUILD_PAIR_BOOLEAN("allowInteractiveAuthentication", FLAGS_SET(flags, DISSECT_IMAGE_ALLOW_INTERACTIVE_AUTH)));
          if (r < 0)
                  return r;
@@ -5388,6 +5390,7 @@ int mountfsd_make_directory_fd(
  
  int mountfsd_make_directory(
                  const char *path,
+                mode_t mode,
                  DissectImageFlags flags,
                  int *ret_directory_fd) {
  
@@ -5407,5 +5410,5 @@ int mountfsd_make_directory(
          if (fd < 0)
                  return log_error_errno(r, "Failed to open '%s': %m", parent);
  
-        return mountfsd_make_directory_fd(fd, dirname, flags, ret_directory_fd);
+        return mountfsd_make_directory_fd(fd, dirname, mode, flags, ret_directory_fd);
  }
diff --git a/src/shared/dissect-image.h b/src/shared/dissect-image.h

index a07bd907ae6e53ce89f7688f609ce957303eed68..e22f14c61b2ad0d43b143d6d3e2ee29e72cfe91a 100644 (file)
--- a/src/shared/dissect-image.h
+++ b/src/shared/dissect-image.h
@@ -273,5 +273,5 @@ int mountfsd_mount_image(const char *path, int userns_fd, const ImagePolicy *ima
  int mountfsd_mount_directory_fd(int directory_fd, int userns_fd, DissectImageFlags flags, int *ret_mount_fd);
  int mountfsd_mount_directory(const char *path, int userns_fd, DissectImageFlags flags, int *ret_mount_fd);
  
-int mountfsd_make_directory_fd(int parent_fd, const char *name, DissectImageFlags flags, int *ret_directory_fd);
-int mountfsd_make_directory(const char *path, DissectImageFlags flags, int *ret_directory_fd);
+int mountfsd_make_directory_fd(int parent_fd, const char *name, mode_t mode, DissectImageFlags flags, int *ret_directory_fd);
+int mountfsd_make_directory(const char *path, mode_t mode, DissectImageFlags flags, int *ret_directory_fd);
author	Lennart Poettering <lennart@poettering.net>
	Thu, 20 Nov 2025 12:15:27 +0000 (13:15 +0100)
committer	Lennart Poettering <lennart@poettering.net>
	Sun, 21 Dec 2025 06:04:42 +0000 (07:04 +0100)
src/import/import-tar.c		patch \| blob \| blame \| history
src/import/pull-tar.c		patch \| blob \| blame \| history
src/shared/discover-image.c		patch \| blob \| blame \| history
src/shared/dissect-image.c		patch \| blob \| blame \| history
src/shared/dissect-image.h		patch \| blob \| blame \| history