From: Juha Niskanen Date: Thu, 16 Feb 2012 20:32:12 +0000 (+0200) Subject: lttng-sessiond: Set group permissions explicitly X-Git-Tag: v2.0.0-rc1~2 X-Git-Url: https://git.lttng.org./?a=commitdiff_plain;h=d1613cf5d1c9c55cc395a92fbe92147c99d496a9;p=lttng-tools.git lttng-sessiond: Set group permissions explicitly If root has a restrictive umask, e.g. 0077 when starting the session daemon, users in kernel tracing group cannot access the global run directory. This patch drops unnecessary group mode bits and always sets the global run dir permission regardless of umask. Signed-off-by: Juha Niskanen Signed-off-by: David Goulet --- diff --git a/src/bin/lttng-sessiond/main.c b/src/bin/lttng-sessiond/main.c index 6ae374483..283868970 100644 --- a/src/bin/lttng-sessiond/main.c +++ b/src/bin/lttng-sessiond/main.c @@ -3913,7 +3913,7 @@ static int check_existing_daemon(void) * Set the tracing group gid onto the client socket. * * Race window between mkdir and chown is OK because we are going from more - * permissive (root.root) to les permissive (root.tracing). + * permissive (root.root) to less permissive (root.tracing). */ static int set_permissions(char *rundir) { @@ -3934,6 +3934,13 @@ static int set_permissions(char *rundir) perror("chown"); } + /* Ensure tracing group can search the run dir */ + ret = chmod(rundir, S_IRWXU | S_IXGRP); + if (ret < 0) { + ERR("Unable to set permissions on %s", rundir); + perror("chmod"); + } + /* lttng client socket path */ ret = chown(client_unix_sock_path, 0, gid); if (ret < 0) { @@ -3993,7 +4000,7 @@ static int create_lttng_rundir(const char *rundir) DBG3("Creating LTTng run directory: %s", rundir); - ret = mkdir(rundir, S_IRWXU | S_IRWXG ); + ret = mkdir(rundir, S_IRWXU); if (ret < 0) { if (errno != EEXIST) { ERR("Unable to create %s", rundir); @@ -4035,7 +4042,7 @@ static int set_consumer_sockets(struct consumer_data *consumer_data, DBG2("Creating consumer directory: %s", path); - ret = mkdir(path, S_IRWXU | S_IRWXG); + ret = mkdir(path, S_IRWXU); if (ret < 0) { if (errno != EEXIST) { ERR("Failed to create %s", path);