conf-parser: warn when we open configuration files with weird access bits
This commit is contained in:
parent
e59749b1f8
commit
fdb9161cd3
|
@ -100,8 +100,8 @@ static int process_dir(
|
|||
UnitDependency dependency,
|
||||
char ***strv) {
|
||||
|
||||
_cleanup_free_ char *path = NULL;
|
||||
int r;
|
||||
char *path;
|
||||
|
||||
assert(u);
|
||||
assert(unit_path);
|
||||
|
@ -112,39 +112,29 @@ static int process_dir(
|
|||
if (!path)
|
||||
return log_oom();
|
||||
|
||||
if (u->manager->unit_path_cache &&
|
||||
!set_get(u->manager->unit_path_cache, path))
|
||||
r = 0;
|
||||
else
|
||||
if (!u->manager->unit_path_cache || set_get(u->manager->unit_path_cache, path)) {
|
||||
r = iterate_dir(u, path, dependency, strv);
|
||||
free(path);
|
||||
|
||||
if (r < 0)
|
||||
return r;
|
||||
if (r < 0)
|
||||
return r;
|
||||
}
|
||||
|
||||
if (u->instance) {
|
||||
char *template;
|
||||
_cleanup_free_ char *template = NULL, *p = NULL;
|
||||
/* Also try the template dir */
|
||||
|
||||
template = unit_name_template(name);
|
||||
if (!template)
|
||||
return log_oom();
|
||||
|
||||
path = strjoin(unit_path, "/", template, suffix, NULL);
|
||||
free(template);
|
||||
|
||||
if (!path)
|
||||
p = strjoin(unit_path, "/", template, suffix, NULL);
|
||||
if (!p)
|
||||
return log_oom();
|
||||
|
||||
if (u->manager->unit_path_cache &&
|
||||
!set_get(u->manager->unit_path_cache, path))
|
||||
r = 0;
|
||||
else
|
||||
r = iterate_dir(u, path, dependency, strv);
|
||||
free(path);
|
||||
|
||||
if (r < 0)
|
||||
return r;
|
||||
if (!u->manager->unit_path_cache || set_get(u->manager->unit_path_cache, p)) {
|
||||
r = iterate_dir(u, p, dependency, strv);
|
||||
if (r < 0)
|
||||
return r;
|
||||
}
|
||||
}
|
||||
|
||||
return 0;
|
||||
|
|
|
@ -332,6 +332,8 @@ int config_parse(const char *unit,
|
|||
}
|
||||
}
|
||||
|
||||
fd_warn_permissions(filename, fileno(f));
|
||||
|
||||
while (!feof(f)) {
|
||||
char l[LINE_MAX], *p, *c = NULL, *e;
|
||||
bool escaped = false;
|
||||
|
|
|
@ -6132,3 +6132,21 @@ int open_tmpfile(const char *path, int flags) {
|
|||
unlink(p);
|
||||
return fd;
|
||||
}
|
||||
|
||||
int fd_warn_permissions(const char *path, int fd) {
|
||||
struct stat st;
|
||||
|
||||
if (fstat(fd, &st) < 0)
|
||||
return -errno;
|
||||
|
||||
if (st.st_mode & 0111)
|
||||
log_warning("Configuration file %s is marked executable. Please remove executable permission bits. Proceeding anyway.", path);
|
||||
|
||||
if (st.st_mode & 0002)
|
||||
log_warning("Configuration file %s is marked world-writable. Please remove world writability permission bits. Proceeding anyway.", path);
|
||||
|
||||
if (getpid() == 1 && (st.st_mode & 0044) != 0044)
|
||||
log_warning("Configuration file %s is marked world-inaccessible. This has no effect as configuration data is accessible via APIs without restrictions. Proceeding anyway.", path);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
|
|
@ -867,3 +867,5 @@ int writev_safe(int fd, const struct iovec *w, int j);
|
|||
|
||||
int mkostemp_safe(char *pattern, int flags);
|
||||
int open_tmpfile(const char *path, int flags);
|
||||
|
||||
int fd_warn_permissions(const char *path, int fd);
|
||||
|
|
Loading…
Reference in a new issue