diff options
| author | Lennart Poettering <lennart@poettering.net> | 2020-06-02 16:44:34 +0200 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2020-06-02 19:31:36 +0200 |
| commit | 22ed4a6d9aa67998eaa917ab6e9fd19b35bd4fd0 (patch) | |
| tree | 3d074fbc213cc467dfffa46979034b0ce49be875 | |
| parent | Merge pull request #15996 from yuwata/network-dhcp6-route-metric-15295 (diff) | |
| download | systemd-22ed4a6d9aa67998eaa917ab6e9fd19b35bd4fd0.tar.xz systemd-22ed4a6d9aa67998eaa917ab6e9fd19b35bd4fd0.zip | |
fs-util: add stat_warn_permissions() that operates on struct stat instead of fd
| -rw-r--r-- | src/basic/fs-util.c | 28 | ||||
| -rw-r--r-- | src/basic/fs-util.h | 1 |
2 files changed, 20 insertions, 9 deletions
diff --git a/src/basic/fs-util.c b/src/basic/fs-util.c index 7bbcb6051e..943bc56319 100644 --- a/src/basic/fs-util.c +++ b/src/basic/fs-util.c @@ -353,28 +353,38 @@ int fchmod_opath(int fd, mode_t m) { return 0; } -int fd_warn_permissions(const char *path, int fd) { - struct stat st; - - if (fstat(fd, &st) < 0) - return -errno; +int stat_warn_permissions(const char *path, const struct stat *st) { + assert(path); + assert(st); /* Don't complain if we are reading something that is not a file, for example /dev/null */ - if (!S_ISREG(st.st_mode)) + if (!S_ISREG(st->st_mode)) return 0; - if (st.st_mode & 0111) + if (st->st_mode & 0111) log_warning("Configuration file %s is marked executable. Please remove executable permission bits. Proceeding anyway.", path); - if (st.st_mode & 0002) + if (st->st_mode & 0002) log_warning("Configuration file %s is marked world-writable. Please remove world writability permission bits. Proceeding anyway.", path); - if (getpid_cached() == 1 && (st.st_mode & 0044) != 0044) + if (getpid_cached() == 1 && (st->st_mode & 0044) != 0044) log_warning("Configuration file %s is marked world-inaccessible. This has no effect as configuration data is accessible via APIs without restrictions. Proceeding anyway.", path); return 0; } +int fd_warn_permissions(const char *path, int fd) { + struct stat st; + + assert(path); + assert(fd >= 0); + + if (fstat(fd, &st) < 0) + return -errno; + + return stat_warn_permissions(path, &st); +} + int touch_file(const char *path, bool parents, usec_t stamp, uid_t uid, gid_t gid, mode_t mode) { char fdpath[STRLEN("/proc/self/fd/") + DECIMAL_STR_MAX(int)]; _cleanup_close_ int fd = -1; diff --git a/src/basic/fs-util.h b/src/basic/fs-util.h index dd101c61cc..b184570f9f 100644 --- a/src/basic/fs-util.h +++ b/src/basic/fs-util.h @@ -40,6 +40,7 @@ int fchmod_umask(int fd, mode_t mode); int fchmod_opath(int fd, mode_t m); int fd_warn_permissions(const char *path, int fd); +int stat_warn_permissions(const char *path, const struct stat *st); #define laccess(path, mode) faccessat(AT_FDCWD, (path), (mode), AT_SYMLINK_NOFOLLOW) |