[lttng-dev] [PATCH] lttng-sessiond: Set group permissions explicitly.
David Goulet
dgoulet at efficios.com
Fri Feb 17 12:22:09 EST 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi Juha,
This patch seems good to me but I am unable to apply it on the HEAD tree...
Using "git am" I always get:
fatal: corrupt patch at line 10
I don't understand why... can you resend it to me. (git format-patch). I've even
try to only take the "diff" part but patch also fails on line 10.
Thanks!
David
On 12-02-17 12:08 PM, Juha Niskanen wrote:
> If root has a restrictive umask, e.g. 0077 when starting the session
> daemon, users in kernel tracing group cannot access the global run
> directory.
>
> This patch drops unnecessary group mode bits and always sets the global
> run dir permission regardless of umask.
>
> Signed-off-by: Juha Niskanen <juniskane at gmail.com>
> ---
> src/bin/lttng-sessiond/main.c | 13 ++++++++++---
> 1 files changed, 10 insertions(+), 3 deletions(-)
>
> diff --git a/src/bin/lttng-sessiond/main.c b/src/bin/lttng-sessiond/main.c
> index 6ae3744..2838689 100644
> --- a/src/bin/lttng-sessiond/main.c
> +++ b/src/bin/lttng-sessiond/main.c
> @@ -3913,7 +3913,7 @@ static int check_existing_daemon(void)
> * Set the tracing group gid onto the client socket.
> *
> * Race window between mkdir and chown is OK because we are going from more
> - * permissive (root.root) to les permissive (root.tracing).
> + * permissive (root.root) to less permissive (root.tracing).
> */
> static int set_permissions(char *rundir)
> {
> @@ -3934,6 +3934,13 @@ static int set_permissions(char *rundir)
> perror("chown");
> }
>
> + /* Ensure tracing group can search the run dir */
> + ret = chmod(rundir, S_IRWXU | S_IXGRP);
> + if (ret < 0) {
> + ERR("Unable to set permissions on %s", rundir);
> + perror("chmod");
> + }
> +
> /* lttng client socket path */
> ret = chown(client_unix_sock_path, 0, gid);
> if (ret < 0) {
> @@ -3993,7 +4000,7 @@ static int create_lttng_rundir(const char *rundir)
>
> DBG3("Creating LTTng run directory: %s", rundir);
>
> - ret = mkdir(rundir, S_IRWXU | S_IRWXG );
> + ret = mkdir(rundir, S_IRWXU);
> if (ret < 0) {
> if (errno != EEXIST) {
> ERR("Unable to create %s", rundir);
> @@ -4035,7 +4042,7 @@ static int set_consumer_sockets(struct
> consumer_data *consumer_data,
>
> DBG2("Creating consumer directory: %s", path);
>
> - ret = mkdir(path, S_IRWXU | S_IRWXG);
> + ret = mkdir(path, S_IRWXU);
> if (ret < 0) {
> if (errno != EEXIST) {
> ERR("Failed to create %s", path);
> --
> 1.7.4.1
>
> _______________________________________________
> lttng-dev mailing list
> lttng-dev at lists.lttng.org
> http://lists.lttng.org/cgi-bin/mailman/listinfo/lttng-dev
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iQEcBAEBAgAGBQJPPozBAAoJEELoaioR9I02qvUIAMteiHj8fp/Kf0tIlwr4Lv9v
yi8uE/5UnSduwTEmRp1EPtORvXEW2c+4JziVQ7/kbyQiEYHwo/n7zVY+uTNJfD65
gn53ZAXrxugTgk57/ISqkVFoba2Kj/xaajmZw5QRTFgqqTE8pMh2qyJo/zecTWBh
YmczklVfMHYYcw3TeX//3cf+gQRzq+ThhQ/ZiRq5bjox+tKzXjKH6svGPkpqRBj3
ngzi4y29fzmyACv9lAuRrE/lOJdj9Z/Gi+zcw0ENeKleEv2PORi3NLXyWljTrTK4
KSimJnyMAhfFq/wTo7jcsTp1W3qbDWKPG4+eMY8PODt+a7hKEuPrEKZ/IsJaw58=
=eZ+a
-----END PGP SIGNATURE-----
More information about the lttng-dev
mailing list