Bug#661627: Avoid /tmp ?
On Fri, Mar 02, 2012 at 02:29:33PM +0100, Julien Cristau wrote:
> I'm not convinced the chown can be removed. And 'mkdir -m 1777 foo' is
> not any more atomic than 'mkdir foo && chmod 1777 foo'.

The command "mkdir -m" calls the mkdir() syscall, and its second
argument seems to be the mode.

  $ man 2 mkdir
  [...]
  int mkdir(const char *pathname, mode_t mode);

Maybe I'm wrong, but this is what I call an atomic way to create and set
permissions (i.e. two operations in a unique syscall). For example:

  $ strace mkdir -m 222 /tmp/foo
  [...]
  mkdir("/tmp/foo", 0222) = 0

> The problem is
> that I'd still like to be able to chown and chmod /tmp/.X11-unix if it
> already exists as a directory when the script runs. I can do that in C
> with something like this:
>
>   ret = mkdir("/tmp/.X11-unix", 0700);
>   if (ret == 0 || errno == EEXIST) {
>     fd = open("/tmp/.X11-unix", O_RDONLY | O_NOFOLLOW);
>     if (fd < 0)
>       fail();
>     fstat(fd, &st);
>     if (!S_ISDIR(st.st_mode))
>       fail();
>     if (fchown(fd, 0, 0)) fail();
>     if (fchmod(fd, 01777)) fail();

Yes, fchown & fchmod use file descriptors; those functions are safer
than the chmod & chown commands, which directly use filenames... This is why
I consider those commands dangerous.

> hmm, how about this:
>
> mkdir -p /tmp/.X11-unix
> chown -h root:root /tmp/.X11-unix
> stat=$(LC_ALL=C stat -c '%u %g %F' /tmp/.X11-unix)
> if [ "$stat" != '0 0 directory' ]; then
>   exit 1
> fi
> chmod 1777 /tmp/.X11-unix
This would work (even if it uses chmod), but wasn't the Bash approach (test
with "-O", "-G" and "-d") simpler than using "stat"?
> Agreed. Or drop those two functions and call set_up_dir "$SOCKET_DIR &&
> set_up_dir $ICE_DIR" directly.
Agreed. :)
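
Added example, not part of the original message or of the package's scripts: a self-contained C version of the file-descriptor approach quoted above, where the owner and mode are changed on the opened directory instead of on its name. The function name secure_dir_fd, the O_DIRECTORY and O_CLOEXEC flags, and passing the uid/gid/mode as parameters (so it can be tried without root) are assumptions of this example.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper: create `path` if needed, then set owner and mode
 * through a file descriptor so that no later step resolves the name again.
 * Returns 0 on success, -1 on failure. */
int secure_dir_fd(const char *path, uid_t uid, gid_t gid, mode_t mode)
{
    struct stat st;
    int fd, ret = -1;

    /* Restrictive mode first; EEXIST means the name is already taken
     * (by a directory, a file or a symlink: checked below). */
    if (mkdir(path, 0700) != 0 && errno != EEXIST)
        return -1;

    /* O_NOFOLLOW refuses a symlink as the last path component,
     * O_DIRECTORY refuses anything that is not a directory. */
    fd = open(path, O_RDONLY | O_NOFOLLOW | O_DIRECTORY | O_CLOEXEC);
    if (fd < 0)
        return -1;

    /* From here on every call acts on the opened inode, not on the name,
     * so swapping the path for a symlink can no longer redirect them. */
    if (fstat(fd, &st) == 0 && S_ISDIR(st.st_mode) &&
        fchown(fd, uid, gid) == 0 && fchmod(fd, mode) == 0)
        ret = 0;

    close(fd);
    return ret;
}

int main(int argc, char **argv)
{
    if (argc != 2) {
        fprintf(stderr, "usage: %s DIR\n", argv[0]);
        return 2;
    }
    /* Uses the caller's own ids; the boot script case would pass 0, 0. */
    return secure_dir_fd(argv[1], getuid(), getgid(), 01777) == 0 ? 0 : 1;
}
```
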