picnoir
/
Systemd
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

util: add a bit of syntactic sugar to run short code fragments with a different umask

This commit is contained in:
Lennart Poettering 2013-04-04 03:39:39 +02:00
parent 2fa4092c28
commit 5c0d398dfc
6 changed files with 74 additions and 70 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
src/core/machine-id-setup.c
View File

@ -155,31 +155,27 @@ int machine_id_setup(void) {
bool writable;
struct stat st;
char id[34]; /* 32 + \n + \0 */
mode_t m;
m = umask(0000);
RUN_WITH_UMASK(0000) {
/* We create this 0444, to indicate that this isn't really
* something you should ever modify. Of course, since the file
* will be owned by root it doesn't matter much, but maybe
* people look. */
/* We create this 0444, to indicate that this isn't really
* something you should ever modify. Of course, since the file
* will be owned by root it doesn't matter much, but maybe
* people look. */
fd = open("/etc/machine-id", O_RDWR|O_CREAT|O_CLOEXEC|O_NOCTTY, 0444);
if (fd >= 0)
writable = true;
else {
fd = open("/etc/machine-id", O_RDONLY|O_CLOEXEC|O_NOCTTY);
if (fd < 0) {
log_error("Cannot open /etc/machine-id: %m");
return -errno;
}
fd = open("/etc/machine-id", O_RDWR|O_CREAT|O_CLOEXEC|O_NOCTTY, 0444);
if (fd >= 0)
writable = true;
else {
fd = open("/etc/machine-id", O_RDONLY|O_CLOEXEC|O_NOCTTY);
if (fd < 0) {
umask(m);
log_error("Cannot open /etc/machine-id: %m");
return -errno;
writable = false;
}
writable = false;
}
umask(m);
if (fstat(fd, &st) < 0) {
log_error("fstat() failed: %m");
r = -errno;
@ -215,10 +211,9 @@ int machine_id_setup(void) {
/* Hmm, we couldn't write it? So let's write it to
* /run/machine-id as a replacement */
m = umask(0022);
r = write_string_file("/run/machine-id", id);
umask(m);
RUN_WITH_UMASK(0022) {
r = write_string_file("/run/machine-id", id);
}
if (r < 0) {
log_error("Cannot write /run/machine-id: %s", strerror(-r));

14
src/core/manager.c
View File

@ -1984,7 +1984,6 @@ void manager_dispatch_bus_query_pid_done(
int manager_open_serialization(Manager *m, FILE **_f) {
char *path = NULL;
mode_t saved_umask;
int fd;
FILE *f;
@ -1998,9 +1997,9 @@ int manager_open_serialization(Manager *m, FILE **_f) {
if (!path)
return -ENOMEM;
saved_umask = umask(0077);
fd = mkostemp(path, O_RDWR|O_CLOEXEC);
umask(saved_umask);
RUN_WITH_UMASK(0077) {
fd = mkostemp(path, O_RDWR|O_CLOEXEC);
}
if (fd < 0) {
free(path);
@ -2515,7 +2514,6 @@ void manager_run_generators(Manager *m) {
DIR *d = NULL;
const char *generator_path;
const char *argv[5];
mode_t u;
int r;
assert(m);
@ -2549,9 +2547,9 @@ void manager_run_generators(Manager *m) {
argv[3] = m->generator_unit_path_late;
argv[4] = NULL;
u = umask(0022);
execute_directory(generator_path, d, (char**) argv);
umask(u);
RUN_WITH_UMASK(0022) {
execute_directory(generator_path, d, (char**) argv);
}
trim_generator_dir(m, &m->generator_unit_path);
trim_generator_dir(m, &m->generator_unit_path_early);

14
src/shared/ask-password-api.c
View File

@ -251,7 +251,6 @@ static int create_socket(char **name) {
} sa;
int one = 1, r;
char *c;
mode_t u;
assert(name);
@ -265,9 +264,9 @@ static int create_socket(char **name) {
sa.un.sun_family = AF_UNIX;
snprintf(sa.un.sun_path, sizeof(sa.un.sun_path)-1, "/run/systemd/ask-password/sck.%llu", random_ull());
u = umask(0177);
r = bind(fd, &sa.sa, offsetof(struct sockaddr_un, sun_path) + strlen(sa.un.sun_path));
umask(u);
RUN_WITH_UMASK(0177) {
r = bind(fd, &sa.sa, offsetof(struct sockaddr_un, sun_path) + strlen(sa.un.sun_path));
}
if (r < 0) {
r = -errno;
@ -317,7 +316,6 @@ int ask_password_agent(
int socket_fd = -1, signal_fd = -1;
sigset_t mask, oldmask;
struct pollfd pollfd[_FD_MAX];
mode_t u;
assert(_passphrases);
@ -327,9 +325,9 @@ int ask_password_agent(
mkdir_p_label("/run/systemd/ask-password", 0755);
u = umask(0022);
fd = mkostemp(temp, O_CLOEXEC|O_CREAT|O_WRONLY);
umask(u);
RUN_WITH_UMASK(0022) {
fd = mkostemp(temp, O_CLOEXEC|O_CREAT|O_WRONLY);
}
if (fd < 0) {
log_error("Failed to create password file: %m");

13
src/shared/util.c
View File

@ -5732,12 +5732,12 @@ int search_and_fopen_nulstr(const char *path, const char *mode, const char *sear
int create_tmp_dir(char template[], char** dir_name) {
int r = 0;
char *d, *dt;
mode_t _cleanup_umask_ u;
assert(dir_name);
u = umask(0077);
d = mkdtemp(template);
RUN_WITH_UMASK(0077) {
d = mkdtemp(template);
}
if (!d) {
log_error("Can't create directory %s: %m", template);
return -errno;
@ -5749,9 +5749,10 @@ int create_tmp_dir(char template[], char** dir_name) {
goto fail3;
}
umask(0000);
r = mkdir(dt, 0777);
if (r) {
RUN_WITH_UMASK(0000) {
r = mkdir(dt, 0777);
}
if (r < 0) {
log_error("Can't create directory %s: %m", dt);
r = -errno;
goto fail2;

18
src/shared/util.h
View File

@ -616,8 +616,22 @@ char *strrep(const char *s, unsigned n);
void* greedy_realloc(void **p, size_t *allocated, size_t need);
static inline void reset_errno(int *saved_errno) {
static inline void _reset_errno_(int *saved_errno) {
errno = *saved_errno;
}
#define PROTECT_ERRNO __attribute__((cleanup(reset_errno))) int _saved_errno_ = errno
#define PROTECT_ERRNO __attribute__((cleanup(_reset_errno_))) int _saved_errno_ = errno
struct umask_struct {
mode_t mask;
bool quit;
};
static inline void _reset_umask_(struct umask_struct *s) {
umask(s->mask);
};
#define RUN_WITH_UMASK(mask) \
for (__attribute__((cleanup(_reset_umask_))) struct umask_struct _saved_umask_ = { umask(mask), false }; \
!_saved_umask_.quit ; \
_saved_umask_.quit = true)

44
src/tmpfiles/tmpfiles.c
View File

@ -454,18 +454,17 @@ static int item_set_perms(Item *i, const char *path) {
static int write_one_file(Item *i, const char *path) {
int r, e, fd, flags;
struct stat st;
mode_t u;
flags = i->type == CREATE_FILE ? O_CREAT|O_APPEND :
i->type == TRUNCATE_FILE ? O_CREAT|O_TRUNC : 0;
u = umask(0);
label_context_set(path, S_IFREG);
fd = open(path, flags|O_NDELAY|O_CLOEXEC|O_WRONLY|O_NOCTTY|O_NOFOLLOW, i->mode);
e = errno;
label_context_clear();
umask(u);
errno = e;
RUN_WITH_UMASK(0) {
label_context_set(path, S_IFREG);
fd = open(path, flags|O_NDELAY|O_CLOEXEC|O_WRONLY|O_NOCTTY|O_NOFOLLOW, i->mode);
e = errno;
label_context_clear();
errno = e;
}
if (fd < 0) {
if (i->type == WRITE_FILE && errno == ENOENT)
@ -629,7 +628,6 @@ static int glob_item(Item *i, int (*action)(Item *, const char *)) {
static int create_item(Item *i) {
int r, e;
mode_t u;
struct stat st;
assert(i);
@ -658,10 +656,10 @@ static int create_item(Item *i) {
case TRUNCATE_DIRECTORY:
case CREATE_DIRECTORY:
u = umask(0);
mkdir_parents_label(i->path, 0755);
r = mkdir(i->path, i->mode);
umask(u);
RUN_WITH_UMASK(0000) {
mkdir_parents_label(i->path, 0755);
r = mkdir(i->path, i->mode);
}
if (r < 0 && errno != EEXIST) {
log_error("Failed to create directory %s: %m", i->path);
@ -686,9 +684,9 @@ static int create_item(Item *i) {
case CREATE_FIFO:
u = umask(0);
r = mkfifo(i->path, i->mode);
umask(u);
RUN_WITH_UMASK(0000) {
r = mkfifo(i->path, i->mode);
}
if (r < 0 && errno != EEXIST) {
log_error("Failed to create fifo %s: %m", i->path);
@ -757,13 +755,13 @@ static int create_item(Item *i) {
file_type = (i->type == CREATE_BLOCK_DEVICE ? S_IFBLK : S_IFCHR);
u = umask(0);
label_context_set(i->path, file_type);
r = mknod(i->path, i->mode | file_type, i->major_minor);
e = errno;
label_context_clear();
umask(u);
errno = e;
RUN_WITH_UMASK(0000) {
label_context_set(i->path, file_type);
r = mknod(i->path, i->mode | file_type, i->major_minor);
e = errno;
label_context_clear();
errno = e;
}
if (r < 0 && errno != EEXIST) {
log_error("Failed to create device node %s: %m", i->path);