[lttng-dev] [PATCH] lttng-sessiond: Set group permissions explicitly.

David Goulet dgoulet at efficios.com
Fri Feb 17 12:22:09 EST 2012


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Juha,

This patch seems good to me but I am unable to apply it on the HEAD tree...
Using "git am" I always get:

fatal: corrupt patch at line 10

I don't understand why... can you resend it to me. (git format-patch). I've even
try to only take the "diff" part but patch also fails on line 10.

Thanks!
David

On 12-02-17 12:08 PM, Juha Niskanen wrote:
> If root has a restrictive umask, e.g. 0077 when starting the session
> daemon, users in kernel tracing group cannot access the global run
> directory.
> 
> This patch drops unnecessary group mode bits and always sets the global
> run dir permission regardless of umask.
> 
> Signed-off-by: Juha Niskanen <juniskane at gmail.com>
> ---
>  src/bin/lttng-sessiond/main.c |   13 ++++++++++---
>  1 files changed, 10 insertions(+), 3 deletions(-)
> 
> diff --git a/src/bin/lttng-sessiond/main.c b/src/bin/lttng-sessiond/main.c
> index 6ae3744..2838689 100644
> --- a/src/bin/lttng-sessiond/main.c
> +++ b/src/bin/lttng-sessiond/main.c
> @@ -3913,7 +3913,7 @@ static int check_existing_daemon(void)
>  * Set the tracing group gid onto the client socket.
>  *
>  * Race window between mkdir and chown is OK because we are going from more
> - * permissive (root.root) to les permissive (root.tracing).
> + * permissive (root.root) to less permissive (root.tracing).
>  */
>  static int set_permissions(char *rundir)
>  {
> @@ -3934,6 +3934,13 @@ static int set_permissions(char *rundir)
>                perror("chown");
>        }
> 
> +       /* Ensure tracing group can search the run dir */
> +       ret = chmod(rundir, S_IRWXU | S_IXGRP);
> +       if (ret < 0) {
> +               ERR("Unable to set permissions on %s", rundir);
> +               perror("chmod");
> +       }
> +
>        /* lttng client socket path */
>        ret = chown(client_unix_sock_path, 0, gid);
>        if (ret < 0) {
> @@ -3993,7 +4000,7 @@ static int create_lttng_rundir(const char *rundir)
> 
>        DBG3("Creating LTTng run directory: %s", rundir);
> 
> -       ret = mkdir(rundir, S_IRWXU | S_IRWXG );
> +       ret = mkdir(rundir, S_IRWXU);
>        if (ret < 0) {
>                if (errno != EEXIST) {
>                        ERR("Unable to create %s", rundir);
> @@ -4035,7 +4042,7 @@ static int set_consumer_sockets(struct
> consumer_data *consumer_data,
> 
>        DBG2("Creating consumer directory: %s", path);
> 
> -       ret = mkdir(path, S_IRWXU | S_IRWXG);
> +       ret = mkdir(path, S_IRWXU);
>        if (ret < 0) {
>                if (errno != EEXIST) {
>                        ERR("Failed to create %s", path);
> --
> 1.7.4.1
> 
> _______________________________________________
> lttng-dev mailing list
> lttng-dev at lists.lttng.org
> http://lists.lttng.org/cgi-bin/mailman/listinfo/lttng-dev
> 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQEcBAEBAgAGBQJPPozBAAoJEELoaioR9I02qvUIAMteiHj8fp/Kf0tIlwr4Lv9v
yi8uE/5UnSduwTEmRp1EPtORvXEW2c+4JziVQ7/kbyQiEYHwo/n7zVY+uTNJfD65
gn53ZAXrxugTgk57/ISqkVFoba2Kj/xaajmZw5QRTFgqqTE8pMh2qyJo/zecTWBh
YmczklVfMHYYcw3TeX//3cf+gQRzq+ThhQ/ZiRq5bjox+tKzXjKH6svGPkpqRBj3
ngzi4y29fzmyACv9lAuRrE/lOJdj9Z/Gi+zcw0ENeKleEv2PORi3NLXyWljTrTK4
KSimJnyMAhfFq/wTo7jcsTp1W3qbDWKPG4+eMY8PODt+a7hKEuPrEKZ/IsJaw58=
=eZ+a
-----END PGP SIGNATURE-----



More information about the lttng-dev mailing list