libcgroup should allow SUID, SGID or sticky bit to be set either in
cgconfig.conf file or in API calls. Especially the sticky bit can be useful for
cooperation with systemd.
Signed-off-by: Jan Safranek <jsafr...@redhat.com>
---
src/api.c | 3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/src/api.c b/src/api.c
index 0c55f1a..e2d56ef 100644
--- a/src/api.c
+++ b/src/api.c
@@ -197,6 +197,7 @@ int cg_chmod_path(const char *path, mode_t mode, int
owner_is_umask)
* Use owner permissions as an umask for group and others
* permissions because we trust kernel to initialize owner
* permissions to something useful.
+ * Keep SUID and SGID bits.
*/
if (stat(path, &buf) == -1)
goto fail;
@@ -204,7 +205,7 @@ int cg_chmod_path(const char *path, mode_t mode, int
owner_is_umask)
gmask = umask >> 3;
omask = gmask >> 3;
- mask = umask|gmask|omask;
+ mask = umask|gmask|omask|S_ISUID|S_ISGID|S_ISVTX;
}
if (chmod(path, mode & mask))
------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure
contains a definitive record of customers, application performance,
security threats, fraudulent activity, and more. Splunk takes this
data and makes sense of it. IT sense. And common sense.
http://p.sf.net/sfu/splunk-novd2d
_______________________________________________
Libcg-devel mailing list
Libcg-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/libcg-devel
