[lxc-devel] [lxc/master] pam-cgfs: ignore the system umask when creating the cgroup hierarchy

Thu, 19 Apr 2018 11:14:44 -0700 

The following pull request was submitted through Github.
It can be accessed and reviewed at: https://github.com/lxc/lxc/pull/2284

This e-mail was sent by the LXC bot, direct replies will not reach the author
unless they happen to be subscribed to this list.

=== Description (from pull-request) ===
Fixes: #2277
Signed-off-by: Jonathan Calmels <[email protected]>

From 113fd529f87e2a55255ecb76b1c8f5a311c0bdf3 Mon Sep 17 00:00:00 2001
From: Jonathan Calmels <[email protected]>
Date: Mon, 16 Apr 2018 12:30:33 -0700
Subject: [PATCH] pam-cgfs: ignore the system umask when creating the cgroup
 hierarchy

Fixes: #2277
Signed-off-by: Jonathan Calmels <[email protected]>
---
 src/lxc/pam/pam_cgfs.c | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/src/lxc/pam/pam_cgfs.c b/src/lxc/pam/pam_cgfs.c
index 3df8daef3..53ba5ce2d 100644
--- a/src/lxc/pam/pam_cgfs.c
+++ b/src/lxc/pam/pam_cgfs.c
@@ -223,6 +223,17 @@ static bool cgv2_prune_empty_cgroups(const char *user);
 static bool cgv2_remove(const char *cgroup);
 static bool is_cgv2(char *line);
 
+static int do_mkdir(const char *path, mode_t mode)
+{
+        mode_t mask;
+        int r;
+
+        mask = umask(0);
+        r = mkdir(path, mode);
+        umask(mask);
+        return (r);
+}
+
 /* Create directory and (if necessary) its parents. */
 static bool mkdir_parent(const char *root, char *path)
 {
@@ -252,7 +263,7 @@ static bool mkdir_parent(const char *root, char *path)
                if (file_exists(path))
                        goto next;
 
-               if (mkdir(path, 0755) < 0) {
+               if (do_mkdir(path, 0755) < 0) {
                        pam_cgfs_debug("Failed to create %s: %s.\n", path, 
strerror(errno));
                        return false;
                }
@@ -1963,7 +1974,7 @@ static bool cgv1_handle_cpuset_hierarchy(struct 
cgv1_hierarchy *h,
        cgpath = must_make_path(h->mountpoint, h->base_cgroup, cgroup, NULL);
        if (slash)
                *slash = '/';
-       if (mkdir(cgpath, 0755) < 0 && errno != EEXIST) {
+       if (do_mkdir(cgpath, 0755) < 0 && errno != EEXIST) {
                pam_cgfs_debug("Failed to create '%s'", cgpath);
                free(cgpath);
                return false;

_______________________________________________
lxc-devel mailing list
[email protected]
http://lists.linuxcontainers.org/listinfo/lxc-devel

Reply via email to