On 11/02/2010 02:30 PM, Ivana Hutarova Varekova wrote:
> This patch add options -f and -d to cgcreate, it cause the permission change
> of the files of the created group
> -d, --dperm mode
> sets the permission mode of control groups directory. The
> mode have to be set using octal numbers e.g. -d 775.
> -f, --fperm mode
> sets the permission mode of control groups files. The mode
> have to be set using octal numbers e.g. -f 775.
>
>
>
> EXAMPLE:
> #cgcreate -f 775 -d 775 -g devices:with
> #cgcreate -g devices:without
> # ll /cgroup/devices/ | grep with
> drwxrwxr-x. 2 root root 0 Oct 29 06:55 with
> drwxr-xr-x. 2 root root 0 Oct 29 06:55 without
> # ll /cgroup/devices/with
> total 0
> -rwxrwxr-x. 1 root root 0 Oct 29 06:55 cgroup.event_control
> -rwxrwxr-x. 1 root root 0 Oct 29 06:55 cgroup.procs
> -rwxrwxr-x. 1 root root 0 Oct 29 06:55 devices.allow
> -rwxrwxr-x. 1 root root 0 Oct 29 06:55 devices.deny
> -rwxrwxr-x. 1 root root 0 Oct 29 06:55 devices.list
> -rwxrwxr-x. 1 root root 0 Oct 29 06:55 notify_on_release
> -rwxrwxr-x. 1 root root 0 Oct 29 06:55 tasks
> # ll /cgroup/devices/without/
> total 0
> --w--w--w-. 1 root root 0 Oct 29 06:55 cgroup.event_control
> -r--r--r--. 1 root root 0 Oct 29 06:55 cgroup.procs
> --w-------. 1 root root 0 Oct 29 06:55 devices.allow
> --w-------. 1 root root 0 Oct 29 06:55 devices.deny
> -r--r--r--. 1 root root 0 Oct 29 06:55 devices.list
> -rw-r--r--. 1 root root 0 Oct 29 06:55 notify_on_release
> -rw-r--r--. 1 root root 0 Oct 29 06:55 tasks
>
>
>
>
> Signed-off-by: Ivana Hutarova Varekova<[email protected]>
> ---
>
> doc/man/cgcreate.1 | 24 +++++++++++++++-
> src/tools/cgcreate.c | 74
> ++++++++++++++++++++++++++++++++++++++++++++++++--
> 2 files changed, 93 insertions(+), 5 deletions(-)
>
> diff --git a/doc/man/cgcreate.1 b/doc/man/cgcreate.1
> index d8e0449..adcca7f 100644
> --- a/doc/man/cgcreate.1
> +++ b/doc/man/cgcreate.1
> @@ -5,13 +5,16 @@
> cgcreate \- create new cgroup(s)
>
> .SH SYNOPSIS
> -\fBcgcreate\fR [\fB-h\fR] [\fB-t\fR<\fItuid>:<tgid\fR>]
> -[\fB-a\fR<\fIagid>:<auid\fR>] \fB-g\fR<\fIcontrollers>:<path\fR> [-g ...]
> +\fBcgcreate\fR [\fB-h\fR] [\fB-s\fR] [\fB-t\fR<\fItuid>:<tgid\fR>]
> +[\fB-a\fR<\fIagid>:<auid\fR>] [\fB-f\fR mode] [\fB-d\fR mode]
> +\fB-g\fR<\fIcontrollers>:<path\fR> [-g ...]
>
> .SH DESCRIPTION
> The command creates new cgroup(s) defined by option
> \fB-g\fR.
>
> +
> +
> .TP
> .B -t<tuid>:<tgid>
> defines the name of the user and the group, which owns tasks
> @@ -27,6 +30,18 @@ allowed to set subsystem parameters and create subgroups.
> The default value is the same as has the parent cgroup.
>
> .TP
> +.B -d, --dperm mode
> +sets the permission mode of control groups directory.
> +The mode have to be set using octal numbers e.g.
> +\fB-d 775\fR.
> +
> +.TP
> +.B -f, --fperm mode
> +sets the permission mode of control groups files.
> +The mode have to be set using octal numbers e.g.
> +\fB-f 775\fR.
> +
> +.TP
> .B -g<controllers>:<path>
> defines control groups which will be added.
> \fBcontrollers\fR is a list of controllers and
> @@ -35,6 +50,11 @@ in the given controllers list. This option can be specified
> multiple times.
>
> .TP
> +.B -s, --sysdefault
> +the permissions of newly created group will be set
> +to sysdefault standart ones.
What are 'sysdefault standart permissions'? And it's standar*d*
> +
> +.TP
> .B -h, --help
> display this help and exit
>
> diff --git a/src/tools/cgcreate.c b/src/tools/cgcreate.c
> index d440d50..02128b2 100644
> --- a/src/tools/cgcreate.c
> +++ b/src/tools/cgcreate.c
> @@ -27,6 +27,7 @@
> #include<getopt.h>
>
> #include "tools-common.h"
> +
> /*
> * Display the usage
> */
> @@ -37,8 +38,9 @@ static void usage(int status, const char *program_name)
> " try %s -h' for more information.\n",
> program_name);
> } else {
> - fprintf(stdout, "Usage: %s [-h] [-t<tuid>:<tgid>] "\
> - "[-a<agid>:<auid>] -g<controllers>:<path> [-g ...]\n",
> + fprintf(stdout, "Usage: %s [-h] [-f mode] [-d mode] "\
> + "[-t<tuid>:<tgid>] [-a<agid>:<auid>] "\
> + "-g<controllers>:<path> [-g ...]\n",
> program_name);
> fprintf(stdout, " -t<tuid>:<tgid> Set "\
> "the task permission\n");
> @@ -48,9 +50,45 @@ static void usage(int status, const char *program_name)
> "group which should be added\n");
> fprintf(stdout, " -h,--help Display "\
> "this help\n");
> + fprintf(stdout, " -f, --fperm mode Group "\
> + "file permissions\n");
> + fprintf(stdout, " -d, --dperm mode Group "\
> + "direrory permissions\n");
I don't see '-s', as advertised in the man page patch.
> }
> }
>
> +/* allowed mode strings are octal version: "755" */
> +
> +int parse_mode(char *string, mode_t *pmode, const char *program_name)
> +{
> + mode_t mode = 0;
> + int pos = 0; /* position of the number iin string */
> + int i;
> + int j = 64;
> +
> + while (pos< 3) {
> + if ('0'<= string[pos]&& string[pos]< '8') {
> + i = (int)string[pos] - (int)'0';
> + /* parse the permission triple*/
> + mode = mode + i*j;
> + j = j / 8;
> + } else {
> + fprintf(stdout, "%s wrong mode format %s",
> + program_name, string);
> + return -1;
> + }
> + pos++;
> + }
What about simple strtol with proper error checking?
> +
> + /* the string have contains three characters */
> + if (string[pos] != '\0') {
> + fprintf(stdout, "%s wrong mode format %s",
> + program_name, string);
> + return -1;
> + }
> + *pmode = mode;
> + return 0;
> +}
>
> int main(int argc, char *argv[])
> {
> @@ -63,6 +101,8 @@ int main(int argc, char *argv[])
> {"task", required_argument, NULL, 't'},
> {"admin", required_argument, NULL, 'a'},
> {"", required_argument, NULL, 'g'},
> + {"dperm mode", required_argument, NULL, 'd'},
> + {"fperm_mode", required_argument, NULL, 'f' },
"dperm" and "fperm"
> {0, 0, 0, 0},
> };
>
> @@ -84,6 +124,12 @@ int main(int argc, char *argv[])
> /* approximation of max. numbers of groups that will be created */
> int capacity = argc;
>
> + /* permission variables */
> + mode_t dir_mode = 0;
> + mode_t file_mode = 0;
> + int dirm_change = 0;
> + int filem_change = 0;
> +
> /* no parametr on input */
> if (argc< 2) {
> usage(1, argv[0]);
> @@ -96,7 +142,8 @@ int main(int argc, char *argv[])
> }
>
> /* parse arguments */
> - while ((c = getopt_long(argc, argv, "a:t:g:h", long_opts, NULL))> 0) {
> + while ((c = getopt_long(argc, argv, "a:t:g:hd:f:", long_opts, NULL))
> + > 0) {
> switch (c) {
> case 'h':
> usage(0, argv[0]);
> @@ -178,6 +225,14 @@ int main(int argc, char *argv[])
> return -1;
> }
> break;
> + case 'd':
> + dirm_change = 1;
> + ret = parse_mode(optarg,&dir_mode, argv[0]);
> + break;
> + case 'f':
> + filem_change = 1;
> + ret = parse_mode(optarg,&file_mode, argv[0]);
> + break;
> default:
> usage(1, argv[0]);
> return -1;
> @@ -248,6 +303,19 @@ int main(int argc, char *argv[])
> cgroup_free(&cgroup);
> goto err;
> }
> + if (dirm_change + filem_change> 0) {
> + printf("dir %d %d file %d %d \n", dir_mode, dirm_change,
> + file_mode, filem_change);
no debug printf please
> + ret = cg_chmod_recursive(cgroup, dir_mode, dirm_change,
> + file_mode, filem_change);
> + if (ret) {
> + fprintf(stderr, "%s: can't change permission " \
> + "of cgroup %s: %s\n", argv[0],
> + cgroup->name, cgroup_strerror(ret));
> + cgroup_free(&cgroup);
> + goto err;
> + }
> + }
> cgroup_free(&cgroup);
> }
> err:
>
>
> ------------------------------------------------------------------------------
> Nokia and AT&T present the 2010 Calling All Innovators-North America contest
> Create new apps& games for the Nokia N8 for consumers in U.S. and Canada
> $10 million total in prizes - $4M cash, 500 devices, nearly $6M in marketing
> Develop with Nokia Qt SDK, Web Runtime, or Java and Publish to Ovi Store
> http://p.sf.net/sfu/nokia-dev2dev
> _______________________________________________
> Libcg-devel mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/libcg-devel
------------------------------------------------------------------------------
Achieve Improved Network Security with IP and DNS Reputation.
Defend against bad network traffic, including botnets, malware,
phishing sites, and compromised hosts - saving your company time,
money, and embarrassment. Learn More!
http://p.sf.net/sfu/hpdev2dev-nov
_______________________________________________
Libcg-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/libcg-devel
