[lxc-devel] [lxc/master] pam-cgfs: ignore the system umask when creating the cgroup hierarchy
3XX0 on Github
lxc-bot at linuxcontainers.org
Thu Apr 19 18:14:05 UTC 2018
A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 368 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20180419/a7049857/attachment.bin>
-------------- next part --------------
From 113fd529f87e2a55255ecb76b1c8f5a311c0bdf3 Mon Sep 17 00:00:00 2001
From: Jonathan Calmels <jcalmels at nvidia.com>
Date: Mon, 16 Apr 2018 12:30:33 -0700
Subject: [PATCH] pam-cgfs: ignore the system umask when creating the cgroup
hierarchy
Fixes: #2277
Signed-off-by: Jonathan Calmels <jcalmels at nvidia.com>
---
src/lxc/pam/pam_cgfs.c | 15 +++++++++++++--
1 file changed, 13 insertions(+), 2 deletions(-)
diff --git a/src/lxc/pam/pam_cgfs.c b/src/lxc/pam/pam_cgfs.c
index 3df8daef3..53ba5ce2d 100644
--- a/src/lxc/pam/pam_cgfs.c
+++ b/src/lxc/pam/pam_cgfs.c
@@ -223,6 +223,17 @@ static bool cgv2_prune_empty_cgroups(const char *user);
static bool cgv2_remove(const char *cgroup);
static bool is_cgv2(char *line);
+static int do_mkdir(const char *path, mode_t mode)
+{
+ mode_t mask;
+ int r;
+
+ mask = umask(0);
+ r = mkdir(path, mode);
+ umask(mask);
+ return (r);
+}
+
/* Create directory and (if necessary) its parents. */
static bool mkdir_parent(const char *root, char *path)
{
@@ -252,7 +263,7 @@ static bool mkdir_parent(const char *root, char *path)
if (file_exists(path))
goto next;
- if (mkdir(path, 0755) < 0) {
+ if (do_mkdir(path, 0755) < 0) {
pam_cgfs_debug("Failed to create %s: %s.\n", path, strerror(errno));
return false;
}
@@ -1963,7 +1974,7 @@ static bool cgv1_handle_cpuset_hierarchy(struct cgv1_hierarchy *h,
cgpath = must_make_path(h->mountpoint, h->base_cgroup, cgroup, NULL);
if (slash)
*slash = '/';
- if (mkdir(cgpath, 0755) < 0 && errno != EEXIST) {
+ if (do_mkdir(cgpath, 0755) < 0 && errno != EEXIST) {
pam_cgfs_debug("Failed to create '%s'", cgpath);
free(cgpath);
return false;
More information about the lxc-devel
mailing list