summaryrefslogtreecommitdiff
path: root/src/udev/udev-node.c
diff options
context:
space:
mode:
authorKay Sievers <kay@vrfy.org>2013-01-04 16:15:46 +0100
committerKay Sievers <kay@vrfy.org>2013-01-04 16:15:46 +0100
commit48a849ee17fb25e0001bfcc0f28a4aa633d016a1 (patch)
tree036cd35f4934414a1720f16c1615d522aac6b928 /src/udev/udev-node.c
parent2bef10ab3648db144c421f7765d20dbdf1afe074 (diff)
udev: set device node permissions only at "add" events
Diffstat (limited to 'src/udev/udev-node.c')
-rw-r--r--src/udev/udev-node.c29
1 files changed, 15 insertions, 14 deletions
diff --git a/src/udev/udev-node.c b/src/udev/udev-node.c
index 7774303704..1e378adf29 100644
--- a/src/udev/udev-node.c
+++ b/src/udev/udev-node.c
@@ -279,22 +279,23 @@ static int node_fixup(struct udev_device *dev, mode_t mode, uid_t uid, gid_t gid
goto out;
}
- if ((stats.st_mode & 0777) != (mode & 0777) || stats.st_uid != uid || stats.st_gid != gid) {
- log_debug("set permissions %s, %#o, uid=%u, gid=%u\n", devnode, mode, uid, gid);
- chmod(devnode, mode);
- chown(devnode, uid, gid);
- } else {
- log_debug("preserve permissions %s, %#o, uid=%u, gid=%u\n", devnode, mode, uid, gid);
- }
-
/*
- * Set initial selinux file context only on add events.
- * We set the proper context on bootup (triger) or for newly
- * added devices, but we don't change it later, in case
- * something else has set a custom context in the meantime.
+ * Set permissions and selinux file context only on add events. We always
+ * set it on bootup (coldplug) with "trigger --action=add" for all devices
+ * and for any newly added devices (hotplug). We don't want to change it
+ * later, in case something else has applied custom settings in the meantime.
*/
- if (strcmp(udev_device_get_action(dev), "add") == 0)
- label_fix(devnode, true, false);
+ if (strcmp(udev_device_get_action(dev), "add") == 0) {
+ if ((stats.st_mode & 0777) != (mode & 0777) || stats.st_uid != uid || stats.st_gid != gid) {
+ log_debug("set permissions %s, %#o, uid=%u, gid=%u\n", devnode, mode, uid, gid);
+ chmod(devnode, mode);
+ chown(devnode, uid, gid);
+ } else {
+ log_debug("preserve permissions %s, %#o, uid=%u, gid=%u\n", devnode, mode, uid, gid);
+ }
+
+ label_fix(devnode, true, false);
+ }
/* always update timestamp when we re-use the node, like on media change events */
utimensat(AT_FDCWD, devnode, NULL, 0);