[lxc-devel] [lxd/master] lxd/sys: Enforce directory permissions
stgraber on Github
lxc-bot at linuxcontainers.org
Sat Oct 12 01:01:27 UTC 2019
A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 354 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20191011/94f55466/attachment.bin>
-------------- next part --------------
From 34dc242bee815daf687953da3cccf332534266db Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Graber?= <stgraber at ubuntu.com>
Date: Fri, 11 Oct 2019 14:18:13 -0400
Subject: [PATCH] lxd/sys: Enforce directory permissions
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
---
lxd/sys/fs.go | 11 +++++++++--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/lxd/sys/fs.go b/lxd/sys/fs.go
index 5905c433a0..3e76ca3343 100644
--- a/lxd/sys/fs.go
+++ b/lxd/sys/fs.go
@@ -58,8 +58,15 @@ func (s *OS) initDirs() error {
for _, dir := range dirs {
err := os.Mkdir(dir.path, dir.mode)
- if err != nil && !os.IsExist(err) {
- return errors.Wrapf(err, "failed to init dir %s", dir.path)
+ if err != nil {
+ if !os.IsExist(err) {
+ return errors.Wrapf(err, "Failed to init dir %s", dir.path)
+ }
+
+ err = os.Chmod(dir.path, dir.mode)
+ if err != nil {
+ return errors.Wrapf(err, "Failed to chmod dir %s", dir.path)
+ }
}
}
More information about the lxc-devel
mailing list