[lttng-dev] [PATCH] lttng-sessiond: Set group permissions explicitly.
Juha Niskanen
juniskane at gmail.com
Fri Feb 17 13:42:56 EST 2012
Hi David,
This is probably because my git send-email mysteriously stopped
functioning at all when I updated perl earlier today, and apparently
something went wrong when attempting to work around it.
Can you apply this from attached file please? I apologize for sending
this non-standardly as an attachment and will fix my email environment
before sending any further patches.
Best Regards,
Juha
On Fri, Feb 17, 2012 at 7:22 PM, David Goulet <dgoulet at efficios.com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi Juha,
>
> This patch seems good to me but I am unable to apply it on the HEAD tree...
> Using "git am" I always get:
>
> fatal: corrupt patch at line 10
>
> I don't understand why... can you resend it to me. (git format-patch). I've even
> try to only take the "diff" part but patch also fails on line 10.
>
> Thanks!
> David
>
> On 12-02-17 12:08 PM, Juha Niskanen wrote:
>> If root has a restrictive umask, e.g. 0077 when starting the session
>> daemon, users in kernel tracing group cannot access the global run
>> directory.
>>
>> This patch drops unnecessary group mode bits and always sets the global
>> run dir permission regardless of umask.
>>
>> Signed-off-by: Juha Niskanen <juniskane at gmail.com>
>> ---
>> src/bin/lttng-sessiond/main.c | 13 ++++++++++---
>> 1 files changed, 10 insertions(+), 3 deletions(-)
>>
>> diff --git a/src/bin/lttng-sessiond/main.c b/src/bin/lttng-sessiond/main.c
>> index 6ae3744..2838689 100644
>> --- a/src/bin/lttng-sessiond/main.c
>> +++ b/src/bin/lttng-sessiond/main.c
>> @@ -3913,7 +3913,7 @@ static int check_existing_daemon(void)
>> * Set the tracing group gid onto the client socket.
>> *
>> * Race window between mkdir and chown is OK because we are going from more
>> - * permissive (root.root) to les permissive (root.tracing).
>> + * permissive (root.root) to less permissive (root.tracing).
>> */
>> static int set_permissions(char *rundir)
>> {
>> @@ -3934,6 +3934,13 @@ static int set_permissions(char *rundir)
>> perror("chown");
>> }
>>
>> + /* Ensure tracing group can search the run dir */
>> + ret = chmod(rundir, S_IRWXU | S_IXGRP);
>> + if (ret < 0) {
>> + ERR("Unable to set permissions on %s", rundir);
>> + perror("chmod");
>> + }
>> +
>> /* lttng client socket path */
>> ret = chown(client_unix_sock_path, 0, gid);
>> if (ret < 0) {
>> @@ -3993,7 +4000,7 @@ static int create_lttng_rundir(const char *rundir)
>>
>> DBG3("Creating LTTng run directory: %s", rundir);
>>
>> - ret = mkdir(rundir, S_IRWXU | S_IRWXG );
>> + ret = mkdir(rundir, S_IRWXU);
>> if (ret < 0) {
>> if (errno != EEXIST) {
>> ERR("Unable to create %s", rundir);
>> @@ -4035,7 +4042,7 @@ static int set_consumer_sockets(struct
>> consumer_data *consumer_data,
>>
>> DBG2("Creating consumer directory: %s", path);
>>
>> - ret = mkdir(path, S_IRWXU | S_IRWXG);
>> + ret = mkdir(path, S_IRWXU);
>> if (ret < 0) {
>> if (errno != EEXIST) {
>> ERR("Failed to create %s", path);
>> --
>> 1.7.4.1
>>
>> _______________________________________________
>> lttng-dev mailing list
>> lttng-dev at lists.lttng.org
>> http://lists.lttng.org/cgi-bin/mailman/listinfo/lttng-dev
>>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.10 (GNU/Linux)
>
> iQEcBAEBAgAGBQJPPozBAAoJEELoaioR9I02qvUIAMteiHj8fp/Kf0tIlwr4Lv9v
> yi8uE/5UnSduwTEmRp1EPtORvXEW2c+4JziVQ7/kbyQiEYHwo/n7zVY+uTNJfD65
> gn53ZAXrxugTgk57/ISqkVFoba2Kj/xaajmZw5QRTFgqqTE8pMh2qyJo/zecTWBh
> YmczklVfMHYYcw3TeX//3cf+gQRzq+ThhQ/ZiRq5bjox+tKzXjKH6svGPkpqRBj3
> ngzi4y29fzmyACv9lAuRrE/lOJdj9Z/Gi+zcw0ENeKleEv2PORi3NLXyWljTrTK4
> KSimJnyMAhfFq/wTo7jcsTp1W3qbDWKPG4+eMY8PODt+a7hKEuPrEKZ/IsJaw58=
> =eZ+a
> -----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-lttng-sessiond-Set-group-permissions-explicitly.patch
Type: text/x-patch
Size: 2153 bytes
Desc: not available
URL: <http://lists.lttng.org/pipermail/lttng-dev/attachments/20120217/3ee9d4cf/attachment.bin>
More information about the lttng-dev
mailing list