nspawn: fix uid patching logic (#3599)

An incorrectly set if/else chain caused aus to apply the access mode of a symlink to the directory it is located in. Yuck. Fixes: #3547
author: Lennart Poettering <lennart@poettering.net> 2016-06-25 06:04:43 +0200
committer: Evgeny Vereshchagin <evvers@ya.ru> 2016-06-25 07:04:43 +0300
commit: 0c6aeb4609f619328b9dcf8d8d815bd06e412ac5 (patch)
tree: a7564e96a84b451a059f761cf2aa64180d3ef0c8
parent: d946fb596f7ed010dce6685a499e0aebef00e451 (diff)
1 files changed, 6 insertions, 3 deletions
diff --git a/src/nspawn/nspawn-patch-uid.c b/src/nspawn/nspawn-patch-uid.c
index cc79597c95..ded5866d05 100644
--- a/src/nspawn/nspawn-patch-uid.c
+++ b/src/nspawn/nspawn-patch-uid.c
@@ -263,9 +263,12 @@ static int patch_fd(int fd, const char *name, const struct stat *st, uid_t shift
                         return -errno;
 
                 /* The Linux kernel alters the mode in some cases of chown(). Let's undo this. */
-                if (name && !S_ISLNK(st->st_mode))
-                        r = fchmodat(fd, name, st->st_mode, 0);
-                else
+                if (name) {
+                        if (!S_ISLNK(st->st_mode))
+                                r = fchmodat(fd, name, st->st_mode, 0);
+                        else /* AT_SYMLINK_NOFOLLOW is not available for fchmodat() */
+                                r = 0;
+                } else
                         r = fchmod(fd, st->st_mode);
                 if (r < 0)
                         return -errno;
author	Lennart Poettering <lennart@poettering.net>	2016-06-25 06:04:43 +0200
committer	Evgeny Vereshchagin <evvers@ya.ru>	2016-06-25 07:04:43 +0300
commit	0c6aeb4609f619328b9dcf8d8d815bd06e412ac5 (patch)
tree	a7564e96a84b451a059f761cf2aa64180d3ef0c8
parent	d946fb596f7ed010dce6685a499e0aebef00e451 (diff)