summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2011-06-29 18:06:58 +0200
committerLennart Poettering <lennart@poettering.net>2011-06-29 18:06:58 +0200
commitf5f32cd7adb78d390fa9050588095b3d31c8527b (patch)
tree1a1beeccafba24b96e62a095ed7ed5b09865a841
parent0b191e603cc31ef0aff435fe20d49c7df39dfb8c (diff)
uaccess: drop ACLs in case of error, just to be safe
-rw-r--r--src/uaccess.c35
1 files changed, 26 insertions, 9 deletions
diff --git a/src/uaccess.c b/src/uaccess.c
index 392b51604f..2f6ac43754 100644
--- a/src/uaccess.c
+++ b/src/uaccess.c
@@ -31,6 +31,7 @@ int main(int argc, char *argv[]) {
const char *path, *seat;
char *p, *active_uid = NULL;
unsigned long ul;
+ bool changed_acl = false;
log_set_target(LOG_TARGET_AUTO);
log_parse_environment();
@@ -66,21 +67,37 @@ int main(int argc, char *argv[]) {
goto finish;
}
- r = safe_atolu(active_uid, &ul);
- if (r < 0) {
- log_error("Failed to parse active UID value %s: %s", active_uid, strerror(-r));
- goto finish;
- }
+ if (active_uid) {
+ r = safe_atolu(active_uid, &ul);
+ if (r < 0) {
+ log_error("Failed to parse active UID value %s: %s", active_uid, strerror(-r));
+ goto finish;
+ }
- r = devnode_acl(path, true, false, 0, true, (uid_t) ul);
- if (r < 0) {
- log_error("Failed to apply ACL on %s: %s", path, strerror(-r));
- goto finish;
+ r = devnode_acl(path, true, false, 0, true, (uid_t) ul);
+ if (r < 0) {
+ log_error("Failed to apply ACL on %s: %s", path, strerror(-r));
+ goto finish;
+ }
+
+ changed_acl = true;
}
r = 0;
finish:
+ if (path && !changed_acl) {
+ int k;
+ /* Better be safe that sorry and reset ACL */
+
+ k = devnode_acl(path, true, false, 0, false, 0);
+ if (k < 0) {
+ log_error("Failed to apply ACL on %s: %s", path, strerror(-k));
+ if (r >= 0)
+ r = k;
+ }
+ }
+
free(active_uid);
return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;