From 4b3b5bc71b791a67d991389d8f59ab891b051b86 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Tue, 30 Apr 2019 19:25:29 +0200 Subject: [PATCH] tree-wide: port various places over to use chmod_and_chown() Doing this properly is hard, hence let's unify the code. --- src/basic/fs-util.c | 8 +------- src/core/chown-recursive.c | 23 +++++++---------------- src/core/execute.c | 23 +++++++++++------------ src/random-seed/random-seed.c | 4 ++-- src/udev/udev-node.c | 8 ++++---- src/udev/udev-rules.c | 24 +++++++----------------- 6 files changed, 32 insertions(+), 58 deletions(-) diff --git a/src/basic/fs-util.c b/src/basic/fs-util.c index 5a3f8b827f..7dfc1b309d 100644 --- a/src/basic/fs-util.c +++ b/src/basic/fs-util.c @@ -359,13 +359,7 @@ int touch_file(const char *path, bool parents, usec_t stamp, uid_t uid, gid_t gi * something fchown(), fchmod(), futimensat() don't allow. */ xsprintf(fdpath, "/proc/self/fd/%i", fd); - if (mode != MODE_INVALID) - if (chmod(fdpath, mode) < 0) - ret = -errno; - - if (uid_is_valid(uid) || gid_is_valid(gid)) - if (chown(fdpath, uid, gid) < 0 && ret >= 0) - ret = -errno; + ret = fchmod_and_chown(fd, mode, uid, gid); if (stamp != USEC_INFINITY) { struct timespec ts[2]; diff --git a/src/core/chown-recursive.c b/src/core/chown-recursive.c index fb42865875..24cdf25b83 100644 --- a/src/core/chown-recursive.c +++ b/src/core/chown-recursive.c @@ -8,6 +8,7 @@ #include "chown-recursive.h" #include "dirent-util.h" #include "fd-util.h" +#include "fs-util.h" #include "macro.h" #include "stdio-util.h" #include "strv.h" @@ -22,16 +23,13 @@ static int chown_one( char procfs_path[STRLEN("/proc/self/fd/") + DECIMAL_STR_MAX(int) + 1]; const char *n; + int r; assert(fd >= 0); assert(st); - if ((!uid_is_valid(uid) || st->st_uid == uid) && - (!gid_is_valid(gid) || st->st_gid == gid)) - return 0; - - /* We change ownership through the /proc/self/fd/%i path, so that we have a stable reference that works with - * O_PATH. (Note: fchown() and fchmod() do not work with O_PATH, the kernel refuses that. */ + /* We change ACLs through the /proc/self/fd/%i path, so that we have a stable reference that works + * with O_PATH. */ xsprintf(procfs_path, "/proc/self/fd/%i", fd); /* Drop any ACL if there is one */ @@ -40,16 +38,9 @@ static int chown_one( if (!IN_SET(errno, ENODATA, EOPNOTSUPP, ENOSYS, ENOTTY)) return -errno; - if (chown(procfs_path, uid, gid) < 0) - return -errno; - - /* The linux kernel alters the mode in some cases of chown(), as well when we change ACLs. Let's undo this. We - * do this only for non-symlinks however. That's because for symlinks the access mode is ignored anyway and - * because on some kernels/file systems trying to change the access mode will succeed but has no effect while - * on others it actively fails. */ - if (!S_ISLNK(st->st_mode)) - if (chmod(procfs_path, st->st_mode & 07777 & mask) < 0) - return -errno; + r = fchmod_and_chown(fd, st->st_mode & mask, uid, gid); + if (r < 0) + return r; return 1; } diff --git a/src/core/execute.c b/src/core/execute.c index e90c3ac4f3..ab2a4de37a 100644 --- a/src/core/execute.c +++ b/src/core/execute.c @@ -728,25 +728,24 @@ static int setup_output( } static int chown_terminal(int fd, uid_t uid) { - struct stat st; + int r; assert(fd >= 0); /* Before we chown/chmod the TTY, let's ensure this is actually a tty */ - if (isatty(fd) < 1) - return 0; + if (isatty(fd) < 1) { + if (IN_SET(errno, EINVAL, ENOTTY)) + return 0; /* not a tty */ + + return -errno; + } /* This might fail. What matters are the results. */ - (void) fchown(fd, uid, -1); - (void) fchmod(fd, TTY_MODE); + r = fchmod_and_chown(fd, TTY_MODE, uid, -1); + if (r < 0) + return r; - if (fstat(fd, &st) < 0) - return -errno; - - if (st.st_uid != uid || (st.st_mode & 0777) != TTY_MODE) - return -EPERM; - - return 0; + return 1; } static int setup_confirm_stdio(const char *vc, int *_saved_stdin, int *_saved_stdout) { diff --git a/src/random-seed/random-seed.c b/src/random-seed/random-seed.c index 71c2dba431..510a2715f2 100644 --- a/src/random-seed/random-seed.c +++ b/src/random-seed/random-seed.c @@ -10,6 +10,7 @@ #include "alloc-util.h" #include "fd-util.h" +#include "fs-util.h" #include "io-util.h" #include "log.h" #include "main-func.h" @@ -156,8 +157,7 @@ static int run(int argc, char *argv[]) { /* This is just a safety measure. Given that we are root and * most likely created the file ourselves the mode and owner * should be correct anyway. */ - (void) fchmod(seed_fd, 0600); - (void) fchown(seed_fd, 0, 0); + (void) fchmod_and_chown(seed_fd, 0600, 0, 0); k = loop_read(random_fd, buf, buf_size, false); if (k < 0) diff --git a/src/udev/udev-node.c b/src/udev/udev-node.c index cfbbd7b283..67d573cf2b 100644 --- a/src/udev/udev-node.c +++ b/src/udev/udev-node.c @@ -310,10 +310,10 @@ static int node_permissions_apply(sd_device *dev, bool apply, if ((stats.st_mode & 0777) != (mode & 0777) || stats.st_uid != uid || stats.st_gid != gid) { log_device_debug(dev, "Setting permissions %s, %#o, uid=%u, gid=%u", devnode, mode, uid, gid); - if (chmod(devnode, mode) < 0) - r = log_device_warning_errno(dev, errno, "Failed to set mode of %s to %#o: %m", devnode, mode); - if (chown(devnode, uid, gid) < 0) - r = log_device_warning_errno(dev, errno, "Failed to set owner of %s to uid=%u, gid=%u: %m", devnode, uid, gid); + + r = chmod_and_chown(devnode, mode, uid, gid); + if (r < 0) + log_device_warning_errno(dev, r, "Failed to set owner/mode of %s to uid=" UID_FMT ", gid=" GID_FMT ", mode=%#o: %m", devnode, uid, gid, mode); } else log_device_debug(dev, "Preserve permissions of %s, %#o, uid=%u, gid=%u", devnode, mode, uid, gid); diff --git a/src/udev/udev-rules.c b/src/udev/udev-rules.c index 96840b272c..696d98a40a 100644 --- a/src/udev/udev-rules.c +++ b/src/udev/udev-rules.c @@ -22,6 +22,7 @@ #include "escape.h" #include "fd-util.h" #include "fileio.h" +#include "format-util.h" #include "fs-util.h" #include "glob-util.h" #include "libudev-util.h" @@ -2591,25 +2592,14 @@ int udev_rules_apply_static_dev_perms(UdevRules *rules) { else mode = 0600; } - if (mode != (stats.st_mode & 01777)) { - r = chmod(device_node, mode); - if (r < 0) - return log_error_errno(errno, "Failed to chmod '%s' %#o: %m", - device_node, mode); - else - log_debug("chmod '%s' %#o", device_node, mode); - } - if ((uid != 0 && uid != stats.st_uid) || (gid != 0 && gid != stats.st_gid)) { - r = chown(device_node, uid, gid); - if (r < 0) - return log_error_errno(errno, "Failed to chown '%s' %u %u: %m", - device_node, uid, gid); - else - log_debug("chown '%s' %u %u", device_node, uid, gid); - } + r = chmod_and_chown(device_node, mode, uid, gid); + if (r < 0) + return log_error_errno(r, "Failed to chown/chmod '%s' uid=" UID_FMT ", gid=" GID_FMT ", mode=%#o: %m", device_node, uid, gid, mode); + if (r > 0) + log_debug("chown/chmod '%s' uid=" UID_FMT ", gid=" GID_FMT ", mode=%#o", device_node, uid, gid, mode); - utimensat(AT_FDCWD, device_node, NULL, 0); + (void) utimensat(AT_FDCWD, device_node, NULL, 0); break; } case TK_END: