You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
67 lines
1.6 KiB
67 lines
1.6 KiB
From 04cad06bed055a5dd373b2f5babc8000a76597a6 Mon Sep 17 00:00:00 2001 |
|
From: Karel Zak <kzak@redhat.com> |
|
Date: Mon, 9 Oct 2017 12:44:48 +0200 |
|
Subject: [PATCH] libmount: use eacess() rather than open() to check mtab/utab |
|
|
|
The open() syscall is probably the most strong way how to check write |
|
accessibility in all situations, but it's overkill and on some |
|
paranoid systems with enabled audit/selinux. It fills logs with |
|
"Permission denied" entries. Let's use eaccess() if available. |
|
|
|
Addresses: https://bugzilla.redhat.com/show_bug.cgi?id=1499760 |
|
Signed-off-by: Karel Zak <kzak@redhat.com> |
|
--- |
|
configure.ac | 1 + |
|
libmount/src/utils.c | 19 +++++++++++++------ |
|
2 files changed, 14 insertions(+), 6 deletions(-) |
|
|
|
diff --git a/configure.ac b/configure.ac |
|
index 78258d677..96c5838cf 100644 |
|
--- a/configure.ac |
|
+++ b/configure.ac |
|
@@ -315,6 +315,7 @@ AC_CHECK_FUNCS([ \ |
|
__fpending \ |
|
secure_getenv \ |
|
__secure_getenv \ |
|
+ eaccess \ |
|
err \ |
|
errx \ |
|
fsync \ |
|
diff --git a/libmount/src/utils.c b/libmount/src/utils.c |
|
index 5c374b432..a275d0a0e 100644 |
|
--- a/libmount/src/utils.c |
|
+++ b/libmount/src/utils.c |
|
@@ -653,18 +653,25 @@ done: |
|
|
|
static int try_write(const char *filename) |
|
{ |
|
- int fd; |
|
+ int rc = 0; |
|
|
|
if (!filename) |
|
return -EINVAL; |
|
|
|
- fd = open(filename, O_RDWR|O_CREAT|O_CLOEXEC, |
|
+#ifdef HAVE_EACCESS |
|
+ if (eaccess(filename, R_OK|W_OK) != 0) |
|
+ rc = -errno; |
|
+#else |
|
+ { |
|
+ int fd = open(filename, O_RDWR|O_CREAT|O_CLOEXEC, |
|
S_IWUSR|S_IRUSR|S_IRGRP|S_IROTH); |
|
- if (fd >= 0) { |
|
- close(fd); |
|
- return 0; |
|
+ if (fd < 0) |
|
+ rc = -errno; |
|
+ else |
|
+ close(fd); |
|
} |
|
- return -errno; |
|
+#endif |
|
+ return rc; |
|
} |
|
|
|
/** |
|
-- |
|
2.13.6
|
|
|