[lttng-dev] [PATCH] lttng-sessiond: Set group permissions explicitly.

Juha Niskanen juniskane at gmail.com
Fri Feb 17 13:42:56 EST 2012


Hi David,

This is probably because my git send-email mysteriously stopped
functioning at all when I updated perl earlier today, and apparently
something went wrong when attempting to work around it.

Can you apply this from attached file please? I apologize for sending
this non-standardly as an attachment and will fix my email environment
before sending any further patches.

Best Regards,
  Juha

On Fri, Feb 17, 2012 at 7:22 PM, David Goulet <dgoulet at efficios.com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi Juha,
>
> This patch seems good to me but I am unable to apply it on the HEAD tree...
> Using "git am" I always get:
>
> fatal: corrupt patch at line 10
>
> I don't understand why... can you resend it to me. (git format-patch). I've even
> try to only take the "diff" part but patch also fails on line 10.
>
> Thanks!
> David
>
> On 12-02-17 12:08 PM, Juha Niskanen wrote:
>> If root has a restrictive umask, e.g. 0077 when starting the session
>> daemon, users in kernel tracing group cannot access the global run
>> directory.
>>
>> This patch drops unnecessary group mode bits and always sets the global
>> run dir permission regardless of umask.
>>
>> Signed-off-by: Juha Niskanen <juniskane at gmail.com>
>> ---
>>  src/bin/lttng-sessiond/main.c |   13 ++++++++++---
>>  1 files changed, 10 insertions(+), 3 deletions(-)
>>
>> diff --git a/src/bin/lttng-sessiond/main.c b/src/bin/lttng-sessiond/main.c
>> index 6ae3744..2838689 100644
>> --- a/src/bin/lttng-sessiond/main.c
>> +++ b/src/bin/lttng-sessiond/main.c
>> @@ -3913,7 +3913,7 @@ static int check_existing_daemon(void)
>>  * Set the tracing group gid onto the client socket.
>>  *
>>  * Race window between mkdir and chown is OK because we are going from more
>> - * permissive (root.root) to les permissive (root.tracing).
>> + * permissive (root.root) to less permissive (root.tracing).
>>  */
>>  static int set_permissions(char *rundir)
>>  {
>> @@ -3934,6 +3934,13 @@ static int set_permissions(char *rundir)
>>                perror("chown");
>>        }
>>
>> +       /* Ensure tracing group can search the run dir */
>> +       ret = chmod(rundir, S_IRWXU | S_IXGRP);
>> +       if (ret < 0) {
>> +               ERR("Unable to set permissions on %s", rundir);
>> +               perror("chmod");
>> +       }
>> +
>>        /* lttng client socket path */
>>        ret = chown(client_unix_sock_path, 0, gid);
>>        if (ret < 0) {
>> @@ -3993,7 +4000,7 @@ static int create_lttng_rundir(const char *rundir)
>>
>>        DBG3("Creating LTTng run directory: %s", rundir);
>>
>> -       ret = mkdir(rundir, S_IRWXU | S_IRWXG );
>> +       ret = mkdir(rundir, S_IRWXU);
>>        if (ret < 0) {
>>                if (errno != EEXIST) {
>>                        ERR("Unable to create %s", rundir);
>> @@ -4035,7 +4042,7 @@ static int set_consumer_sockets(struct
>> consumer_data *consumer_data,
>>
>>        DBG2("Creating consumer directory: %s", path);
>>
>> -       ret = mkdir(path, S_IRWXU | S_IRWXG);
>> +       ret = mkdir(path, S_IRWXU);
>>        if (ret < 0) {
>>                if (errno != EEXIST) {
>>                        ERR("Failed to create %s", path);
>> --
>> 1.7.4.1
>>
>> _______________________________________________
>> lttng-dev mailing list
>> lttng-dev at lists.lttng.org
>> http://lists.lttng.org/cgi-bin/mailman/listinfo/lttng-dev
>>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.10 (GNU/Linux)
>
> iQEcBAEBAgAGBQJPPozBAAoJEELoaioR9I02qvUIAMteiHj8fp/Kf0tIlwr4Lv9v
> yi8uE/5UnSduwTEmRp1EPtORvXEW2c+4JziVQ7/kbyQiEYHwo/n7zVY+uTNJfD65
> gn53ZAXrxugTgk57/ISqkVFoba2Kj/xaajmZw5QRTFgqqTE8pMh2qyJo/zecTWBh
> YmczklVfMHYYcw3TeX//3cf+gQRzq+ThhQ/ZiRq5bjox+tKzXjKH6svGPkpqRBj3
> ngzi4y29fzmyACv9lAuRrE/lOJdj9Z/Gi+zcw0ENeKleEv2PORi3NLXyWljTrTK4
> KSimJnyMAhfFq/wTo7jcsTp1W3qbDWKPG4+eMY8PODt+a7hKEuPrEKZ/IsJaw58=
> =eZ+a
> -----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-lttng-sessiond-Set-group-permissions-explicitly.patch
Type: text/x-patch
Size: 2153 bytes
Desc: not available
URL: <http://lists.lttng.org/pipermail/lttng-dev/attachments/20120217/3ee9d4cf/attachment.bin>


More information about the lttng-dev mailing list