Re: FHS compliance and UNIX sockets
- To: debian-devel@lists.debian.org
- Subject: Re: FHS compliance and UNIX sockets
- From: Tollef Fog Heen <tollef@add.no>
- Date: 01 Feb 2001 14:51:11 +0100
- Message-id: <87r91ifr5c.fsf@manon.intern.opera.no>
- In-reply-to: <848znrjn4k.fsf@snoopy.apana.org.au>
- References: <aj@azure.humbug.org.au> <200101290647.f0T6lbF28325@linda.lfix.co.uk> <20010129205852.D1255@azure.humbug.org.au> <20010129205948.B20839@holomorphy.com> <20010130065613.R686@justice.loyola.edu> <20010130142512.K24991@kitenet.net> <87u26g8wa7.fsf@manon.intern.opera.no> <848znrjn4k.fsf@snoopy.apana.org.au>
* Brian May
| >>>>> "Tollef" == Tollef Fog Heen <tollef@add.no> writes:
|
| Tollef> Putting a tmp directory into /etc/skel and setting TMPDIR
| Tollef> and TMP to $HOME/tmp might be a start?
|
| Tollef> The next step would probably be to search the sources for
| Tollef> /tmp and replace it with $HOME/tmp wherever possible.
|
| There is no system in place to automatically delete files on
| $HOME/tmp, nor can you use a faster file system in its place (eg local
| hard-disk where /home is NFS mounted, or something like tmpfs which I
| saw discussed recently on the linux-kernel mailing list).
I don't think my temporary files should be deleted automagically,
since I do store files in ~/tmp myself, which I'd like to remove
myself as well. Having some tmp reaper do it for me is the wrong
thing. Others may have different opinions, of course.
| /tmp/user/$USER
|
| where /tmp/user is owned by root, and a very simple setuid root program
| does (translated to more appropriate language):
|
| 1. mkdir /tmp/user/$UID
| 2. chown $UID /tmp/user/$UID
You need to chmod as well. I don't think this small program deserves
a .deb all by itself, so it could go into wherever applicable
(base-files?), and /etc/profile (and other initialization scripts) could
be modified to set $TMP and $TMPDIR to /tmp/user/`id -u`.
Additionally,
C:
/*
 * mkusertmpdir.c
 * Copyright Tollef Fog Heen, 2001.
 * This program is under GPL, please see http://www.gnu.org/copyleft/gpl.html
 */
#include <unistd.h>
#include <stdio.h>
#include <stdlib.h>
#include <errno.h>
#include <sys/stat.h>
#include <sys/types.h>

#define SYSUSRTMP "/tmp/user"

int main(int argc, char** argv) {
    int ret;
    char buf[512];
    struct stat statbuf;
    mode_t old_umask;

    /* lstat, not stat: a symlink planted at /tmp/user must not be followed. */
    ret = lstat(SYSUSRTMP, &statbuf);
    if (ret == -1 && errno != ENOENT) {
        perror("lstat'ing " SYSUSRTMP);
        exit(1);
    } else if (ret != -1 && statbuf.st_uid != geteuid()) {
        /* Somebody else than root has grabbed /tmp/user. Bad, bad, bad. */
        fprintf(stderr, "%s is owned by somebody else than root. "
                "Can't create safe tmpdirs\n", SYSUSRTMP);
        exit(2);
    } else if (ret == -1) {
        /* Only ENOENT reaches this branch. Test ret, not errno: errno is
         * stale when lstat succeeded. Clear the umask so the mode is 0711. */
        old_umask = umask(0000);
        if (mkdir(SYSUSRTMP, 0711) == -1) {
            perror("mkdir'ing " SYSUSRTMP);
            exit(1);
        }
        umask(old_umask);
    }
    if (chown(SYSUSRTMP, 0, 0) == -1) {
        perror("chown'ing " SYSUSRTMP);
        exit(1);
    }

    /* Per-user directory is named after the real (invoking) uid. */
    ret = snprintf(buf, sizeof(buf), "%s/%lu", SYSUSRTMP,
                   (unsigned long)getuid());
    if (ret < 0 || (size_t)ret >= sizeof(buf)) {
        fprintf(stderr, "snprintf: path error or truncation\n");
        exit(1);
    }

    ret = lstat(buf, &statbuf);
    if (ret == -1 && errno != ENOENT) {
        perror("lstat");
        exit(1);
    } else if (ret != -1 && statbuf.st_uid != getuid()) {
        fprintf(stderr, "tmp directory %s owned by someone else than self!\n", buf);
        exit(1);
    } else if (ret == -1) {
        /* Does not exist yet: create it private, then hand it to the user. */
        if (mkdir(buf, 0700) == -1) {
            perror("mkdir");
            exit(1);
        }
        if (chown(buf, getuid(), getgid()) == -1) {
            perror("chown");
            exit(1);
        }
    }
    exit(0);
}
--
Tollef Fog Heen
Unix _IS_ user friendly... It's just selective about who its friends are.
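
The /etc/profile change suggested in the message above, as an added example that is not part of the original post: a POSIX shell fragment that exports TMPDIR and TMP only after confirming that /tmp/user/<uid> is a real directory, owned by the user, with mode 0700. The function names usertmp_ok and usertmp_select are hypothetical, and the layout /tmp/user/<numeric uid> is assumed from the message.

```shell
# Added example, not from the original post. Meant to be sourced from
# /etc/profile after the setuid helper has created the directory.
# Assumption: per-user directories live at <base>/<numeric uid>.

# usertmp_ok DIR UID: succeed only if DIR is a real directory (not a
# symlink), owned by numeric UID, with mode exactly 0700.
usertmp_ok() {
    [ -d "$1" ] && [ ! -L "$1" ] || return 1
    LC_ALL=C ls -ldn -- "$1" | {
        read -r perms _links owner _rest &&
        case $perms in
            # A trailing "." (SELinux context) is fine; a trailing "+"
            # means an ACL may grant others access, so it is rejected.
            drwx------|drwx------.) [ "$owner" = "$2" ] ;;
            *) false ;;
        esac
    }
}

# usertmp_select BASE: print BASE/<uid> if it passes the checks, else fail.
usertmp_select() {
    _uid=$(id -u) || return 1
    usertmp_ok "$1/$_uid" "$_uid" && printf '%s\n' "$1/$_uid"
}

# Profile fragment: leave TMPDIR/TMP untouched unless the directory is sane.
if _d=$(usertmp_select /tmp/user); then
    TMPDIR=$_d TMP=$_d
    export TMPDIR TMP
fi
unset _d
```

The check runs once at login; it relies on /tmp/user staying root-owned and not writable by other users, as the helper program sets it up, so the directory cannot be swapped out afterwards.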