mirror of
https://github.com/systemd/systemd-stable.git
synced 2024-12-22 13:33:56 +03:00
treewide: drop "RUN_" from "RUN_WITH_UMASK"
RUN_WITH_UMASK was initially conceived for spawning externals progs with the umask set. But nowadays we use it various syscalls and stuff that doesn't "run" anything, so the "RUN_" prefix has outlived its usefulness.
This commit is contained in:
parent
d70eaf3067
commit
2053593fcc
@ -43,7 +43,7 @@
|
|||||||
|
|
||||||
// src/basic/umask-util.h
|
// src/basic/umask-util.h
|
||||||
#define _cleanup_umask_
|
#define _cleanup_umask_
|
||||||
#define RUN_WITH_UMASK(mask) \
|
#define WITH_UMASK(mask) \
|
||||||
for (_cleanup_umask_ mode_t _saved_umask_ = umask(mask) | S_IFMT; \
|
for (_cleanup_umask_ mode_t _saved_umask_ = umask(mask) | S_IFMT; \
|
||||||
FLAGS_SET(_saved_umask_, S_IFMT); \
|
FLAGS_SET(_saved_umask_, S_IFMT); \
|
||||||
_saved_umask_ &= 0777)
|
_saved_umask_ &= 0777)
|
||||||
|
@ -15,12 +15,12 @@ static inline void umaskp(mode_t *u) {
|
|||||||
|
|
||||||
/* We make use of the fact here that the umask() concept is using only the lower 9 bits of mode_t, although
|
/* We make use of the fact here that the umask() concept is using only the lower 9 bits of mode_t, although
|
||||||
* mode_t has space for the file type in the bits further up. We simply OR in the file type mask S_IFMT to
|
* mode_t has space for the file type in the bits further up. We simply OR in the file type mask S_IFMT to
|
||||||
* distinguish the first and the second iteration of the RUN_WITH_UMASK() loop, so that we can run the first
|
* distinguish the first and the second iteration of the WITH_UMASK() loop, so that we can run the first one,
|
||||||
* one, and exit on the second. */
|
* and exit on the second. */
|
||||||
|
|
||||||
assert_cc((S_IFMT & 0777) == 0);
|
assert_cc((S_IFMT & 0777) == 0);
|
||||||
|
|
||||||
#define RUN_WITH_UMASK(mask) \
|
#define WITH_UMASK(mask) \
|
||||||
for (_cleanup_umask_ mode_t _saved_umask_ = umask(mask) | S_IFMT; \
|
for (_cleanup_umask_ mode_t _saved_umask_ = umask(mask) | S_IFMT; \
|
||||||
FLAGS_SET(_saved_umask_, S_IFMT); \
|
FLAGS_SET(_saved_umask_, S_IFMT); \
|
||||||
_saved_umask_ &= 0777)
|
_saved_umask_ &= 0777)
|
||||||
|
@ -828,7 +828,7 @@ static int copy_file_with_version_check(const char *from, const char *to, bool f
|
|||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_oom();
|
return log_oom();
|
||||||
|
|
||||||
RUN_WITH_UMASK(0000) {
|
WITH_UMASK(0000) {
|
||||||
fd_to = open(t, O_WRONLY|O_CREAT|O_CLOEXEC|O_EXCL|O_NOFOLLOW, 0644);
|
fd_to = open(t, O_WRONLY|O_CREAT|O_CLOEXEC|O_EXCL|O_NOFOLLOW, 0644);
|
||||||
if (fd_to < 0)
|
if (fd_to < 0)
|
||||||
return log_error_errno(errno, "Failed to open \"%s\" for writing: %m", t);
|
return log_error_errno(errno, "Failed to open \"%s\" for writing: %m", t);
|
||||||
@ -2073,7 +2073,7 @@ static int install_random_seed(const char *esp) {
|
|||||||
/* Let's write this variable with an umask in effect, so that unprivileged users can't see the token
|
/* Let's write this variable with an umask in effect, so that unprivileged users can't see the token
|
||||||
* and possibly get identification information or too much insight into the kernel's entropy pool
|
* and possibly get identification information or too much insight into the kernel's entropy pool
|
||||||
* state. */
|
* state. */
|
||||||
RUN_WITH_UMASK(0077) {
|
WITH_UMASK(0077) {
|
||||||
r = efi_set_variable(EFI_LOADER_VARIABLE(LoaderSystemToken), buffer, sizeof(buffer));
|
r = efi_set_variable(EFI_LOADER_VARIABLE(LoaderSystemToken), buffer, sizeof(buffer));
|
||||||
if (r < 0) {
|
if (r < 0) {
|
||||||
if (!arg_graceful)
|
if (!arg_graceful)
|
||||||
@ -2147,7 +2147,7 @@ static int verb_install(int argc, char *argv[], void *userdata) {
|
|||||||
|
|
||||||
const char *arch = arg_arch_all ? "" : get_efi_arch();
|
const char *arch = arg_arch_all ? "" : get_efi_arch();
|
||||||
|
|
||||||
RUN_WITH_UMASK(0002) {
|
WITH_UMASK(0002) {
|
||||||
if (install) {
|
if (install) {
|
||||||
/* Don't create any of these directories when we are just updating. When we update
|
/* Don't create any of these directories when we are just updating. When we update
|
||||||
* we'll drop-in our files (unless there are newer ones already), but we won't create
|
* we'll drop-in our files (unless there are newer ones already), but we won't create
|
||||||
|
@ -941,7 +941,7 @@ int bus_init_private(Manager *m) {
|
|||||||
if (fd < 0)
|
if (fd < 0)
|
||||||
return log_error_errno(errno, "Failed to allocate private socket: %m");
|
return log_error_errno(errno, "Failed to allocate private socket: %m");
|
||||||
|
|
||||||
RUN_WITH_UMASK(0077)
|
WITH_UMASK(0077)
|
||||||
r = bind(fd, &sa.sa, sa_len);
|
r = bind(fd, &sa.sa, sa_len);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(errno, "Failed to bind private socket: %m");
|
return log_error_errno(errno, "Failed to bind private socket: %m");
|
||||||
|
@ -1376,7 +1376,7 @@ static int write_container_id(void) {
|
|||||||
if (isempty(c))
|
if (isempty(c))
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
RUN_WITH_UMASK(0022)
|
WITH_UMASK(0022)
|
||||||
r = write_string_file("/run/systemd/container", c, WRITE_STRING_FILE_CREATE);
|
r = write_string_file("/run/systemd/container", c, WRITE_STRING_FILE_CREATE);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_warning_errno(r, "Failed to write /run/systemd/container, ignoring: %m");
|
return log_warning_errno(r, "Failed to write /run/systemd/container, ignoring: %m");
|
||||||
|
@ -1103,7 +1103,7 @@ static int manager_setup_cgroups_agent(Manager *m) {
|
|||||||
(void) sockaddr_un_unlink(&sa.un);
|
(void) sockaddr_un_unlink(&sa.un);
|
||||||
|
|
||||||
/* Only allow root to connect to this socket */
|
/* Only allow root to connect to this socket */
|
||||||
RUN_WITH_UMASK(0077)
|
WITH_UMASK(0077)
|
||||||
r = bind(fd, &sa.sa, SOCKADDR_UN_LEN(sa.un));
|
r = bind(fd, &sa.sa, SOCKADDR_UN_LEN(sa.un));
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(errno, "bind(%s) failed: %m", sa.un.sun_path);
|
return log_error_errno(errno, "bind(%s) failed: %m", sa.un.sun_path);
|
||||||
@ -3674,7 +3674,7 @@ static int manager_run_environment_generators(Manager *m) {
|
|||||||
if (!generator_path_any((const char* const*) paths))
|
if (!generator_path_any((const char* const*) paths))
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
RUN_WITH_UMASK(0022)
|
WITH_UMASK(0022)
|
||||||
r = execute_directories((const char* const*) paths, DEFAULT_TIMEOUT_USEC, gather_environment,
|
r = execute_directories((const char* const*) paths, DEFAULT_TIMEOUT_USEC, gather_environment,
|
||||||
args, NULL, m->transient_environment,
|
args, NULL, m->transient_environment,
|
||||||
EXEC_DIR_PARALLEL | EXEC_DIR_IGNORE_ERRORS | EXEC_DIR_SET_SYSTEMD_EXEC_PID);
|
EXEC_DIR_PARALLEL | EXEC_DIR_IGNORE_ERRORS | EXEC_DIR_SET_SYSTEMD_EXEC_PID);
|
||||||
@ -3776,7 +3776,7 @@ static int manager_run_generators(Manager *m) {
|
|||||||
goto finish;
|
goto finish;
|
||||||
}
|
}
|
||||||
|
|
||||||
RUN_WITH_UMASK(0022)
|
WITH_UMASK(0022)
|
||||||
(void) execute_directories(
|
(void) execute_directories(
|
||||||
(const char* const*) paths,
|
(const char* const*) paths,
|
||||||
DEFAULT_TIMEOUT_USEC,
|
DEFAULT_TIMEOUT_USEC,
|
||||||
|
@ -2708,7 +2708,7 @@ static int make_tmp_prefix(const char *prefix) {
|
|||||||
if (errno != ENOENT)
|
if (errno != ENOENT)
|
||||||
return -errno;
|
return -errno;
|
||||||
|
|
||||||
RUN_WITH_UMASK(000)
|
WITH_UMASK(000)
|
||||||
r = mkdir_parents(prefix, 0755);
|
r = mkdir_parents(prefix, 0755);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return r;
|
return r;
|
||||||
@ -2765,7 +2765,7 @@ static int setup_one_tmp_dir(const char *id, const char *prefix, char **path, ch
|
|||||||
if (r < 0)
|
if (r < 0)
|
||||||
return r;
|
return r;
|
||||||
|
|
||||||
RUN_WITH_UMASK(0077)
|
WITH_UMASK(0077)
|
||||||
if (!mkdtemp(x)) {
|
if (!mkdtemp(x)) {
|
||||||
if (errno == EROFS || ERRNO_IS_DISK_SPACE(errno))
|
if (errno == EROFS || ERRNO_IS_DISK_SPACE(errno))
|
||||||
rw = false;
|
rw = false;
|
||||||
@ -2778,7 +2778,7 @@ static int setup_one_tmp_dir(const char *id, const char *prefix, char **path, ch
|
|||||||
if (!y)
|
if (!y)
|
||||||
return -ENOMEM;
|
return -ENOMEM;
|
||||||
|
|
||||||
RUN_WITH_UMASK(0000)
|
WITH_UMASK(0000)
|
||||||
if (mkdir(y, 0777 | S_ISVTX) < 0)
|
if (mkdir(y, 0777 | S_ISVTX) < 0)
|
||||||
return -errno;
|
return -errno;
|
||||||
|
|
||||||
@ -2792,7 +2792,7 @@ static int setup_one_tmp_dir(const char *id, const char *prefix, char **path, ch
|
|||||||
/* Trouble: we failed to create the directory. Instead of failing, let's simulate /tmp being
|
/* Trouble: we failed to create the directory. Instead of failing, let's simulate /tmp being
|
||||||
* read-only. This way the service will get the EROFS result as if it was writing to the real
|
* read-only. This way the service will get the EROFS result as if it was writing to the real
|
||||||
* file system. */
|
* file system. */
|
||||||
RUN_WITH_UMASK(0000)
|
WITH_UMASK(0000)
|
||||||
r = mkdir_p(RUN_SYSTEMD_EMPTY, 0500);
|
r = mkdir_p(RUN_SYSTEMD_EMPTY, 0500);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return r;
|
return r;
|
||||||
|
@ -4469,7 +4469,7 @@ int unit_make_transient(Unit *u) {
|
|||||||
/* Let's open the file we'll write the transient settings into. This file is kept open as long as we are
|
/* Let's open the file we'll write the transient settings into. This file is kept open as long as we are
|
||||||
* creating the transient, and is closed in unit_load(), as soon as we start loading the file. */
|
* creating the transient, and is closed in unit_load(), as soon as we start loading the file. */
|
||||||
|
|
||||||
RUN_WITH_UMASK(0022) {
|
WITH_UMASK(0022) {
|
||||||
f = fopen(path, "we");
|
f = fopen(path, "we");
|
||||||
if (!f)
|
if (!f)
|
||||||
return -errno;
|
return -errno;
|
||||||
|
@ -130,7 +130,7 @@ int home_create_directory_or_subvolume(UserRecord *h, HomeSetup *setup, UserReco
|
|||||||
switch (user_record_storage(h)) {
|
switch (user_record_storage(h)) {
|
||||||
|
|
||||||
case USER_SUBVOLUME:
|
case USER_SUBVOLUME:
|
||||||
RUN_WITH_UMASK(0077)
|
WITH_UMASK(0077)
|
||||||
r = btrfs_subvol_make(d);
|
r = btrfs_subvol_make(d);
|
||||||
|
|
||||||
if (r >= 0) {
|
if (r >= 0) {
|
||||||
|
@ -687,7 +687,7 @@ static int create_socket(char **ret) {
|
|||||||
return r;
|
return r;
|
||||||
sa_len = r;
|
sa_len = r;
|
||||||
|
|
||||||
RUN_WITH_UMASK(0177)
|
WITH_UMASK(0177)
|
||||||
if (bind(fd, &sa.sa, sa_len) < 0)
|
if (bind(fd, &sa.sa, sa_len) < 0)
|
||||||
return -errno;
|
return -errno;
|
||||||
|
|
||||||
|
@ -178,7 +178,7 @@ int base_filesystem_create(const char *root, uid_t uid, gid_t gid) {
|
|||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
RUN_WITH_UMASK(0000)
|
WITH_UMASK(0000)
|
||||||
r = mkdirat(fd, table[i].dir, table[i].mode);
|
r = mkdirat(fd, table[i].dir, table[i].mode);
|
||||||
if (r < 0) {
|
if (r < 0) {
|
||||||
log_full_errno(IN_SET(errno, EEXIST, EROFS) || table[i].ignore_failure ? LOG_DEBUG : LOG_ERR, errno,
|
log_full_errno(IN_SET(errno, EEXIST, EROFS) || table[i].ignore_failure ? LOG_DEBUG : LOG_ERR, errno,
|
||||||
|
@ -1357,7 +1357,7 @@ int copy_file_full(
|
|||||||
if (r < 0)
|
if (r < 0)
|
||||||
return r;
|
return r;
|
||||||
|
|
||||||
RUN_WITH_UMASK(0000) {
|
WITH_UMASK(0000) {
|
||||||
if (copy_flags & COPY_MAC_CREATE) {
|
if (copy_flags & COPY_MAC_CREATE) {
|
||||||
r = mac_selinux_create_file_prepare(to, S_IFREG);
|
r = mac_selinux_create_file_prepare(to, S_IFREG);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
|
@ -89,7 +89,7 @@ int machine_id_setup(const char *root, bool force_transient, sd_id128_t machine_
|
|||||||
|
|
||||||
etc_machine_id = prefix_roota(root, "/etc/machine-id");
|
etc_machine_id = prefix_roota(root, "/etc/machine-id");
|
||||||
|
|
||||||
RUN_WITH_UMASK(0000) {
|
WITH_UMASK(0000) {
|
||||||
/* We create this 0444, to indicate that this isn't really
|
/* We create this 0444, to indicate that this isn't really
|
||||||
* something you should ever modify. Of course, since the file
|
* something you should ever modify. Of course, since the file
|
||||||
* will be owned by root it doesn't matter much, but maybe
|
* will be owned by root it doesn't matter much, but maybe
|
||||||
@ -166,7 +166,7 @@ int machine_id_setup(const char *root, bool force_transient, sd_id128_t machine_
|
|||||||
|
|
||||||
run_machine_id = prefix_roota(root, "/run/machine-id");
|
run_machine_id = prefix_roota(root, "/run/machine-id");
|
||||||
|
|
||||||
RUN_WITH_UMASK(0022)
|
WITH_UMASK(0022)
|
||||||
r = id128_write(run_machine_id, ID128_FORMAT_PLAIN, machine_id);
|
r = id128_write(run_machine_id, ID128_FORMAT_PLAIN, machine_id);
|
||||||
if (r < 0) {
|
if (r < 0) {
|
||||||
(void) unlink(run_machine_id);
|
(void) unlink(run_machine_id);
|
||||||
|
@ -42,7 +42,7 @@ int update_reboot_parameter_and_warn(const char *parameter, bool keep) {
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
RUN_WITH_UMASK(0022) {
|
WITH_UMASK(0022) {
|
||||||
r = write_string_file("/run/systemd/reboot-param", parameter,
|
r = write_string_file("/run/systemd/reboot-param", parameter,
|
||||||
WRITE_STRING_FILE_CREATE|WRITE_STRING_FILE_ATOMIC);
|
WRITE_STRING_FILE_CREATE|WRITE_STRING_FILE_ATOMIC);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
|
@ -101,7 +101,7 @@ int socket_address_listen(
|
|||||||
(void) mkdir_parents_label(p, directory_mode);
|
(void) mkdir_parents_label(p, directory_mode);
|
||||||
|
|
||||||
/* Enforce the right access mode for the socket */
|
/* Enforce the right access mode for the socket */
|
||||||
RUN_WITH_UMASK(~socket_mode) {
|
WITH_UMASK(~socket_mode) {
|
||||||
r = mac_selinux_bind(fd, &a->sockaddr.sa, a->size);
|
r = mac_selinux_bind(fd, &a->sockaddr.sa, a->size);
|
||||||
if (r == -EADDRINUSE) {
|
if (r == -EADDRINUSE) {
|
||||||
/* Unlink and try again */
|
/* Unlink and try again */
|
||||||
|
@ -2326,7 +2326,7 @@ int varlink_server_listen_address(VarlinkServer *s, const char *address, mode_t
|
|||||||
|
|
||||||
(void) sockaddr_un_unlink(&sockaddr.un);
|
(void) sockaddr_un_unlink(&sockaddr.un);
|
||||||
|
|
||||||
RUN_WITH_UMASK(~m & 0777) {
|
WITH_UMASK(~m & 0777) {
|
||||||
r = mac_selinux_bind(fd, &sockaddr.sa, sockaddr_len);
|
r = mac_selinux_bind(fd, &sockaddr.sa, sockaddr_len);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return r;
|
return r;
|
||||||
|
@ -17,7 +17,7 @@ TEST(install_file) {
|
|||||||
assert_se(a = path_join(p, "foo"));
|
assert_se(a = path_join(p, "foo"));
|
||||||
assert_se(b = path_join(p, "bar"));
|
assert_se(b = path_join(p, "bar"));
|
||||||
|
|
||||||
RUN_WITH_UMASK(0077)
|
WITH_UMASK(0077)
|
||||||
assert_se(write_string_file(a, "wups", WRITE_STRING_FILE_CREATE) >= 0);
|
assert_se(write_string_file(a, "wups", WRITE_STRING_FILE_CREATE) >= 0);
|
||||||
|
|
||||||
assert_se(lstat(a, &stat1) >= 0);
|
assert_se(lstat(a, &stat1) >= 0);
|
||||||
|
@ -12,7 +12,7 @@ int main(int argc, char *argv[]) {
|
|||||||
u = umask(0111);
|
u = umask(0111);
|
||||||
|
|
||||||
n = 0;
|
n = 0;
|
||||||
RUN_WITH_UMASK(0123) {
|
WITH_UMASK(0123) {
|
||||||
assert_se(umask(000) == 0123);
|
assert_se(umask(000) == 0123);
|
||||||
n++;
|
n++;
|
||||||
}
|
}
|
||||||
@ -20,7 +20,7 @@ int main(int argc, char *argv[]) {
|
|||||||
assert_se(n == 1);
|
assert_se(n == 1);
|
||||||
assert_se(umask(u) == 0111);
|
assert_se(umask(u) == 0111);
|
||||||
|
|
||||||
RUN_WITH_UMASK(0135) {
|
WITH_UMASK(0135) {
|
||||||
assert_se(umask(000) == 0135);
|
assert_se(umask(000) == 0135);
|
||||||
n++;
|
n++;
|
||||||
}
|
}
|
||||||
@ -28,7 +28,7 @@ int main(int argc, char *argv[]) {
|
|||||||
assert_se(n == 2);
|
assert_se(n == 2);
|
||||||
assert_se(umask(0111) == u);
|
assert_se(umask(0111) == u);
|
||||||
|
|
||||||
RUN_WITH_UMASK(0315) {
|
WITH_UMASK(0315) {
|
||||||
assert_se(umask(000) == 0315);
|
assert_se(umask(000) == 0315);
|
||||||
n++;
|
n++;
|
||||||
break;
|
break;
|
||||||
|
@ -1499,7 +1499,7 @@ static int create_file(Item *i, const char *path) {
|
|||||||
if (dir_fd < 0)
|
if (dir_fd < 0)
|
||||||
return dir_fd;
|
return dir_fd;
|
||||||
|
|
||||||
RUN_WITH_UMASK(0000) {
|
WITH_UMASK(0000) {
|
||||||
mac_selinux_create_file_prepare(path, S_IFREG);
|
mac_selinux_create_file_prepare(path, S_IFREG);
|
||||||
fd = RET_NERRNO(openat(dir_fd, bn, O_CREAT|O_EXCL|O_NOFOLLOW|O_NONBLOCK|O_CLOEXEC|O_WRONLY|O_NOCTTY, i->mode));
|
fd = RET_NERRNO(openat(dir_fd, bn, O_CREAT|O_EXCL|O_NOFOLLOW|O_NONBLOCK|O_CLOEXEC|O_WRONLY|O_NOCTTY, i->mode));
|
||||||
mac_selinux_create_file_clear();
|
mac_selinux_create_file_clear();
|
||||||
@ -1572,7 +1572,7 @@ static int truncate_file(Item *i, const char *path) {
|
|||||||
if (fd == -ENOENT) {
|
if (fd == -ENOENT) {
|
||||||
creation = CREATION_NORMAL; /* Didn't work without O_CREATE, try again with */
|
creation = CREATION_NORMAL; /* Didn't work without O_CREATE, try again with */
|
||||||
|
|
||||||
RUN_WITH_UMASK(0000) {
|
WITH_UMASK(0000) {
|
||||||
mac_selinux_create_file_prepare(path, S_IFREG);
|
mac_selinux_create_file_prepare(path, S_IFREG);
|
||||||
fd = RET_NERRNO(openat(dir_fd, bn, O_CREAT|O_NOFOLLOW|O_NONBLOCK|O_CLOEXEC|O_WRONLY|O_NOCTTY, i->mode));
|
fd = RET_NERRNO(openat(dir_fd, bn, O_CREAT|O_NOFOLLOW|O_NONBLOCK|O_CLOEXEC|O_WRONLY|O_NOCTTY, i->mode));
|
||||||
mac_selinux_create_file_clear();
|
mac_selinux_create_file_clear();
|
||||||
@ -1716,14 +1716,14 @@ static int create_directory_or_subvolume(
|
|||||||
|
|
||||||
subvol = false;
|
subvol = false;
|
||||||
else {
|
else {
|
||||||
RUN_WITH_UMASK((~mode) & 0777)
|
WITH_UMASK((~mode) & 0777)
|
||||||
r = btrfs_subvol_make_fd(pfd, bn);
|
r = btrfs_subvol_make_fd(pfd, bn);
|
||||||
}
|
}
|
||||||
} else
|
} else
|
||||||
r = 0;
|
r = 0;
|
||||||
|
|
||||||
if (!subvol || ERRNO_IS_NOT_SUPPORTED(r))
|
if (!subvol || ERRNO_IS_NOT_SUPPORTED(r))
|
||||||
RUN_WITH_UMASK(0000)
|
WITH_UMASK(0000)
|
||||||
r = mkdirat_label(pfd, bn, mode);
|
r = mkdirat_label(pfd, bn, mode);
|
||||||
|
|
||||||
creation = r >= 0 ? CREATION_NORMAL : CREATION_EXISTING;
|
creation = r >= 0 ? CREATION_NORMAL : CREATION_EXISTING;
|
||||||
@ -1869,7 +1869,7 @@ static int create_device(Item *i, mode_t file_type) {
|
|||||||
if (dfd < 0)
|
if (dfd < 0)
|
||||||
return dfd;
|
return dfd;
|
||||||
|
|
||||||
RUN_WITH_UMASK(0000) {
|
WITH_UMASK(0000) {
|
||||||
mac_selinux_create_file_prepare(i->path, file_type);
|
mac_selinux_create_file_prepare(i->path, file_type);
|
||||||
r = RET_NERRNO(mknodat(dfd, bn, i->mode | file_type, i->major_minor));
|
r = RET_NERRNO(mknodat(dfd, bn, i->mode | file_type, i->major_minor));
|
||||||
mac_selinux_create_file_clear();
|
mac_selinux_create_file_clear();
|
||||||
@ -1900,7 +1900,7 @@ static int create_device(Item *i, mode_t file_type) {
|
|||||||
if (i->append_or_force) {
|
if (i->append_or_force) {
|
||||||
fd = safe_close(fd);
|
fd = safe_close(fd);
|
||||||
|
|
||||||
RUN_WITH_UMASK(0000) {
|
WITH_UMASK(0000) {
|
||||||
mac_selinux_create_file_prepare(i->path, file_type);
|
mac_selinux_create_file_prepare(i->path, file_type);
|
||||||
r = mknodat_atomic(dfd, bn, i->mode | file_type, i->major_minor);
|
r = mknodat_atomic(dfd, bn, i->mode | file_type, i->major_minor);
|
||||||
mac_selinux_create_file_clear();
|
mac_selinux_create_file_clear();
|
||||||
@ -1971,7 +1971,7 @@ static int create_fifo(Item *i) {
|
|||||||
if (pfd < 0)
|
if (pfd < 0)
|
||||||
return pfd;
|
return pfd;
|
||||||
|
|
||||||
RUN_WITH_UMASK(0000) {
|
WITH_UMASK(0000) {
|
||||||
mac_selinux_create_file_prepare(i->path, S_IFIFO);
|
mac_selinux_create_file_prepare(i->path, S_IFIFO);
|
||||||
r = RET_NERRNO(mkfifoat(pfd, bn, i->mode));
|
r = RET_NERRNO(mkfifoat(pfd, bn, i->mode));
|
||||||
mac_selinux_create_file_clear();
|
mac_selinux_create_file_clear();
|
||||||
@ -1996,7 +1996,7 @@ static int create_fifo(Item *i) {
|
|||||||
if (i->append_or_force) {
|
if (i->append_or_force) {
|
||||||
fd = safe_close(fd);
|
fd = safe_close(fd);
|
||||||
|
|
||||||
RUN_WITH_UMASK(0000) {
|
WITH_UMASK(0000) {
|
||||||
mac_selinux_create_file_prepare(i->path, S_IFIFO);
|
mac_selinux_create_file_prepare(i->path, S_IFIFO);
|
||||||
r = mkfifoat_atomic(pfd, bn, i->mode);
|
r = mkfifoat_atomic(pfd, bn, i->mode);
|
||||||
mac_selinux_create_file_clear();
|
mac_selinux_create_file_clear();
|
||||||
@ -2378,7 +2378,7 @@ static int mkdir_parents_rm_if_wrong_type(mode_t child_mode, const char *path) {
|
|||||||
if (r == -ENOENT)
|
if (r == -ENOENT)
|
||||||
r = rm_if_wrong_type_safe(S_IFDIR, parent_fd, &parent_st, t, AT_SYMLINK_NOFOLLOW);
|
r = rm_if_wrong_type_safe(S_IFDIR, parent_fd, &parent_st, t, AT_SYMLINK_NOFOLLOW);
|
||||||
if (r == -ENOENT) {
|
if (r == -ENOENT) {
|
||||||
RUN_WITH_UMASK(0000)
|
WITH_UMASK(0000)
|
||||||
r = mkdirat_label(parent_fd, t, 0755);
|
r = mkdirat_label(parent_fd, t, 0755);
|
||||||
if (r < 0) {
|
if (r < 0) {
|
||||||
_cleanup_free_ char *parent_name = NULL;
|
_cleanup_free_ char *parent_name = NULL;
|
||||||
@ -2416,7 +2416,7 @@ static int mkdir_parents_item(Item *i, mode_t child_mode) {
|
|||||||
if (r < 0 && r != -ENOENT)
|
if (r < 0 && r != -ENOENT)
|
||||||
return r;
|
return r;
|
||||||
} else
|
} else
|
||||||
RUN_WITH_UMASK(0000)
|
WITH_UMASK(0000)
|
||||||
(void) mkdir_parents_label(i->path, 0755);
|
(void) mkdir_parents_label(i->path, 0755);
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
|
@ -277,7 +277,7 @@ int manager_startup(Manager *m) {
|
|||||||
|
|
||||||
(void) sockaddr_un_unlink(&sockaddr.un);
|
(void) sockaddr_un_unlink(&sockaddr.un);
|
||||||
|
|
||||||
RUN_WITH_UMASK(0000)
|
WITH_UMASK(0000)
|
||||||
if (bind(m->listen_fd, &sockaddr.sa, SOCKADDR_UN_LEN(sockaddr.un)) < 0)
|
if (bind(m->listen_fd, &sockaddr.sa, SOCKADDR_UN_LEN(sockaddr.un)) < 0)
|
||||||
return log_error_errno(errno, "Failed to bind socket: %m");
|
return log_error_errno(errno, "Failed to bind socket: %m");
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user