packaging
/
ostree
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

checkout: Only fchown/fchmod directories after we're done populating them 

See https://mail.gnome.org/archives/ostree-list/2014-February/msg00020.html
This commit is contained in:
Colin Walters 2014-02-27 11:19:33 -05:00
parent 683a719b7e
commit b6704f8346
1 changed files with 33 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
src/libostree/ostree-repo-checkout.c
View File

@ -550,9 +550,12 @@ checkout_tree_at (OstreeRepo *self,
gs_unref_variant GVariant *xattrs = NULL; gs_unref_variant GVariant *xattrs = NULL;
gs_unref_object GFileEnumerator *dir_enum = NULL; gs_unref_object GFileEnumerator *dir_enum = NULL;
/* Create initially with mode 0700, then chown/chmod only when we're
* done. This avoids anyone else being able to operate on partially
* constructed dirs.
*/
do do
res = mkdirat (destination_parent_fd, destination_name, res = mkdirat (destination_parent_fd, destination_name, 0700);
g_file_info_get_attribute_uint32 (source_info, "unix::mode"));
while (G_UNLIKELY (res == -1 && errno == EINTR)); while (G_UNLIKELY (res == -1 && errno == EINTR));
if (res == -1) if (res == -1)
{ {
@ -569,19 +572,9 @@ checkout_tree_at (OstreeRepo *self,
cancellable, error)) cancellable, error))
goto out; goto out;
/* Set the xattrs now, so any derived labeling works */
if (!did_exist && mode != OSTREE_REPO_CHECKOUT_MODE_USER) if (!did_exist && mode != OSTREE_REPO_CHECKOUT_MODE_USER)
{ {
do
res = fchown (destination_dfd,
g_file_info_get_attribute_uint32 (source_info, "unix::uid"),
g_file_info_get_attribute_uint32 (source_info, "unix::gid"));
while (G_UNLIKELY (res == -1 && errno == EINTR));
if (G_UNLIKELY (res == -1))
{
ot_util_set_error_from_errno (error, errno);
goto out;
}
if (!ostree_repo_file_get_xattrs (source, &xattrs, NULL, error)) if (!ostree_repo_file_get_xattrs (source, &xattrs, NULL, error))
goto out; goto out;
@ -633,6 +626,33 @@ checkout_tree_at (OstreeRepo *self,
} }
} }
/* We do fchmod/fchown last so that no one else could access the
* partially created directory and change content we're laying out.
*/
if (!did_exist && mode != OSTREE_REPO_CHECKOUT_MODE_USER)
{
do
res = fchmod (destination_dfd,
g_file_info_get_attribute_uint32 (source_info, "unix::mode"));
while (G_UNLIKELY (res == -1 && errno == EINTR));
if (G_UNLIKELY (res == -1))
{
ot_util_set_error_from_errno (error, errno);
goto out;
}
do
res = fchown (destination_dfd,
g_file_info_get_attribute_uint32 (source_info, "unix::uid"),
g_file_info_get_attribute_uint32 (source_info, "unix::gid"));
while (G_UNLIKELY (res == -1 && errno == EINTR));
if (G_UNLIKELY (res == -1))
{
ot_util_set_error_from_errno (error, errno);
goto out;
}
}
ret = TRUE; ret = TRUE;
out: out:
if (destination_dfd != -1) if (destination_dfd != -1)