diff options
author | Lennart Poettering <lennart@poettering.net> | 2016-06-25 06:04:43 +0200 |
---|---|---|
committer | Evgeny Vereshchagin <evvers@ya.ru> | 2016-06-25 07:04:43 +0300 |
commit | 0c6aeb4609f619328b9dcf8d8d815bd06e412ac5 (patch) | |
tree | a7564e96a84b451a059f761cf2aa64180d3ef0c8 /src | |
parent | d946fb596f7ed010dce6685a499e0aebef00e451 (diff) |
nspawn: fix uid patching logic (#3599)
An incorrectly set if/else chain caused aus to apply the access mode of a
symlink to the directory it is located in. Yuck.
Fixes: #3547
Diffstat (limited to 'src')
-rw-r--r-- | src/nspawn/nspawn-patch-uid.c | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/src/nspawn/nspawn-patch-uid.c b/src/nspawn/nspawn-patch-uid.c index cc79597c95..ded5866d05 100644 --- a/src/nspawn/nspawn-patch-uid.c +++ b/src/nspawn/nspawn-patch-uid.c @@ -263,9 +263,12 @@ static int patch_fd(int fd, const char *name, const struct stat *st, uid_t shift return -errno; /* The Linux kernel alters the mode in some cases of chown(). Let's undo this. */ - if (name && !S_ISLNK(st->st_mode)) - r = fchmodat(fd, name, st->st_mode, 0); - else + if (name) { + if (!S_ISLNK(st->st_mode)) + r = fchmodat(fd, name, st->st_mode, 0); + else /* AT_SYMLINK_NOFOLLOW is not available for fchmodat() */ + r = 0; + } else r = fchmod(fd, st->st_mode); if (r < 0) return -errno; |