File syslog-ng-no-perm-change.dif of Package syslog-ng
--- src/affile.c
+++ src/affile.c 2008/08/19 11:49:06
@@ -38,12 +38,22 @@
#if !HAVE_O_LARGEFILE
#define O_LARGEFILE 0
#endif
+/*
+ * Flags used to remember which option was explicitly set
+ * to the default value (-1) to avoid any permission and
+ * ownership changes on already existing (device) files.
+ * In case the file does not exists, global options apply.
+ * Note: The pipe driver never creates any (device) file.
+ */
+#define OPT_NO_CHMOD 0x0001
+#define OPT_NO_CHOWN 0x0002
+#define OPT_NO_CHGRP 0x0004
static gboolean
affile_open_file(gchar *name, int flags,
int uid, int gid, int mode,
int dir_uid, int dir_gid, int dir_mode,
- int create_dirs, int *fd)
+ int create_dirs, int *fd, guint32 nochopts)
{
if (strstr(name, "../") || strstr(name, "/.."))
{
@@ -53,7 +63,7 @@ affile_open_file(gchar *name, int flags,
return FALSE;
}
- *fd = open(name, flags, mode);
+ *fd = open(name, flags, mode != -1 ? mode : 0600);
if (create_dirs && *fd == -1 && errno == ENOENT)
{
/* directory does not exist */
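Review bot: The sentinel test on `mode` is written `mode != -1` in this first open() but `mode != (mode_t)-1` in the second open() and in the fchmod() guard further down, while the parameter is still declared `int mode`. The two spellings agree only where mode_t is as wide as int; with a narrower mode_t the caller's `(mode_t) -1` would arrive as a large positive int, this call would treat it as a real mode, and the 0600 fallback would be skipped. Using one form everywhere keeps the creation mode predictable, e.g. `*fd = open(name, flags, mode != (mode_t)-1 ? mode : 0600);`. Declaring the parameters as `mode_t mode` and `mode_t dir_mode` in the signature (first hunk) would do the same for the mkdir() test. The function body starts and ends outside this hunk.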
@@ -71,7 +81,7 @@ affile_open_file(gchar *name, int flags,
}
else if (errno == ENOENT)
{
- if (mkdir(name, dir_mode) == -1)
+ if (mkdir(name, dir_mode != (mode_t)-1 ? dir_mode : 0700) == -1)
return 0;
if (dir_uid != -1 || dir_gid != -1)
chown(name, dir_uid, dir_gid);
@@ -81,16 +91,16 @@ affile_open_file(gchar *name, int flags,
*p = '/';
p = strchr(p + 1, '/');
}
- *fd = open(name, flags, mode);
+ *fd = open(name, flags, mode != (mode_t)-1 ? mode : 0600);
}
if (*fd != -1)
{
g_fd_set_cloexec(*fd, TRUE);
- if (uid != -1)
+ if (uid != (uid_t)-1 && !(nochopts & OPT_NO_CHOWN))
fchown(*fd, uid, -1);
- if (gid != -1)
+ if (gid != (gid_t)-1 && !(nochopts & OPT_NO_CHGRP))
fchown(*fd, -1, gid);
- if (mode != -1)
+ if (mode != (mode_t)-1 && !(nochopts & OPT_NO_CHMOD))
fchmod(*fd, mode);
}
return *fd != -1;
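Review bot: Nothing in this block tells a file that open() has just created apart from one that already existed, so the `OPT_NO_*` bits suppress fchown()/fchmod() in both cases, whereas the comment above the defines says global options apply when the file does not exist. For a new file the mode still reaches open() as its third argument, reduced by the umask, but owner and group appear to stay at the daemon's own; this is hedged because the place where global defaults are merged in is outside the diff. Either record whether the file was created and skip the calls only for pre-existing files, or narrow the comment to something like `/* when set, ownership/permissions are never changed after open(); a new file gets only the open() mode */`. The fchown()/fchmod() results are also still discarded, so a log file left with unintended ownership or permissions goes unreported; a warning on a non-zero return would make that visible.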
@@ -106,7 +116,8 @@ affile_sd_open_file(AFFileSourceDriver *
else
flags = O_RDONLY | O_NOCTTY | O_NONBLOCK | O_LARGEFILE;
- if (affile_open_file(self->filename->str, flags, -1, -1, -1, 0, 0, 0, 0, fd))
+ if (affile_open_file(self->filename->str, flags, -1, -1, -1, 0, 0, 0, 0, fd,
+ (OPT_NO_CHOWN|OPT_NO_CHGRP|OPT_NO_CHMOD)))
return TRUE;
return FALSE;
@@ -340,7 +351,7 @@ affile_dw_init(LogPipe *s, GlobalConfig
if (affile_open_file(self->filename->str, flags,
self->owner->file_uid, self->owner->file_gid, self->owner->file_perm,
self->owner->dir_uid, self->owner->dir_gid, self->owner->dir_perm,
- !!(self->owner->flags & AFFILE_CREATE_DIRS), &fd))
+ !!((self->owner->flags & AFFILE_PIPE) ? 0 : (self->owner->flags & AFFILE_CREATE_DIRS)), &fd, self->owner->chopt))
{
FDWrite *fdw;
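Review bot: The new `create_dirs` argument is hard to read, because `!!(cond ? 0 : x)` hides a plain conjunction behind a ternary and a double negation. `!(self->owner->flags & AFFILE_PIPE) && (self->owner->flags & AFFILE_CREATE_DIRS)` yields the same 0/1 value and states the intent directly, that pipes never trigger directory creation. A short comment such as `/* pipes: never create parent directories */` next to it would tie it to the note above the `OPT_NO_*` defines. affile_dw_init continues outside this hunk.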
@@ -461,6 +472,8 @@ affile_dd_set_file_uid(LogDriver *s, con
evt_tag_str("user", file_uid),
NULL);
}
+ if (self->file_uid == (uid_t)-1)
+ self->chopt |= OPT_NO_CHOWN;
}
void
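Review bot: The added test `self->file_uid == (uid_t)-1` cannot tell an explicit `-1` in the configuration from a user name that failed to resolve, if the failure path whose message tags are visible just above leaves `file_uid` at its initial -1. The lookup itself is outside the hunk, so that needs confirming. In that case a misspelled owner would set `OPT_NO_CHOWN` and disable ownership handling for the destination instead of falling back to the global default, and the gid setter in the next hunk has the same shape with `OPT_NO_CHGRP`. Setting the bit only on the success path of the lookup, and documenting it with a comment like `/* explicit -1: keep the owner of an existing file */`, would keep the two cases apart. The bit is also only ever OR-ed in, so a later call with a real uid would not clear it.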
@@ -475,6 +488,8 @@ affile_dd_set_file_gid(LogDriver *s, con
evt_tag_str("group", file_gid),
NULL);
}
+ if (self->file_gid == (gid_t)-1)
+ self->chopt |= OPT_NO_CHGRP;
}
void
@@ -483,6 +498,8 @@ affile_dd_set_file_perm(LogDriver *s, mo
AFFileDestDriver *self = (AFFileDestDriver *) s;
self->file_perm = file_perm;
+ if (self->file_perm == (mode_t)-1)
+ self->chopt |= OPT_NO_CHMOD;
}
void
@@ -840,6 +857,7 @@ affile_dd_new(gchar *filename, guint32 f
self->super.super.free_fn = affile_dd_free;
self->filename_template = log_template_new(NULL, filename);
self->flags = flags;
+ self->chopt = 0;
self->file_uid = self->file_gid = -1;
self->file_perm = (mode_t) -1;
self->dir_uid = self->dir_gid = -1;
--- src/affile.h
+++ src/affile.h 2008/08/19 11:20:12
@@ -53,6 +53,7 @@ typedef struct _AFFileDestDriver
LogTemplate *filename_template;
AFFileDestWriter *writer;
guint32 flags;
+ guint32 chopt;
uid_t file_uid;
gid_t file_gid;
mode_t file_perm;