summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2014-02-03 12:52:16 +0100
committerLennart Poettering <lennart@poettering.net>2014-02-03 19:59:18 +0100
commitfdb9161cd3e1a64eb9a653a6bf69596670d6e942 (patch)
tree1e3bf14a87ebea497cf9829d3070e02f27308749 /src
parente59749b1f8a960060b7b8e850cc79f97ddaf2db4 (diff)
conf-parser: warn when we open configuration files with weird access bits
Diffstat (limited to 'src')
-rw-r--r--src/core/load-dropin.c36
-rw-r--r--src/shared/conf-parser.c2
-rw-r--r--src/shared/util.c18
-rw-r--r--src/shared/util.h2
4 files changed, 35 insertions, 23 deletions
diff --git a/src/core/load-dropin.c b/src/core/load-dropin.c
index 35040090ac..546e560b85 100644
--- a/src/core/load-dropin.c
+++ b/src/core/load-dropin.c
@@ -100,8 +100,8 @@ static int process_dir(
UnitDependency dependency,
char ***strv) {
+ _cleanup_free_ char *path = NULL;
int r;
- char *path;
assert(u);
assert(unit_path);
@@ -112,39 +112,29 @@ static int process_dir(
if (!path)
return log_oom();
- if (u->manager->unit_path_cache &&
- !set_get(u->manager->unit_path_cache, path))
- r = 0;
- else
+ if (!u->manager->unit_path_cache || set_get(u->manager->unit_path_cache, path)) {
r = iterate_dir(u, path, dependency, strv);
- free(path);
-
- if (r < 0)
- return r;
+ if (r < 0)
+ return r;
+ }
if (u->instance) {
- char *template;
+ _cleanup_free_ char *template = NULL, *p = NULL;
/* Also try the template dir */
template = unit_name_template(name);
if (!template)
return log_oom();
- path = strjoin(unit_path, "/", template, suffix, NULL);
- free(template);
-
- if (!path)
+ p = strjoin(unit_path, "/", template, suffix, NULL);
+ if (!p)
return log_oom();
- if (u->manager->unit_path_cache &&
- !set_get(u->manager->unit_path_cache, path))
- r = 0;
- else
- r = iterate_dir(u, path, dependency, strv);
- free(path);
-
- if (r < 0)
- return r;
+ if (!u->manager->unit_path_cache || set_get(u->manager->unit_path_cache, p)) {
+ r = iterate_dir(u, p, dependency, strv);
+ if (r < 0)
+ return r;
+ }
}
return 0;
diff --git a/src/shared/conf-parser.c b/src/shared/conf-parser.c
index df4e961ea0..d5a639e874 100644
--- a/src/shared/conf-parser.c
+++ b/src/shared/conf-parser.c
@@ -332,6 +332,8 @@ int config_parse(const char *unit,
}
}
+ fd_warn_permissions(filename, fileno(f));
+
while (!feof(f)) {
char l[LINE_MAX], *p, *c = NULL, *e;
bool escaped = false;
diff --git a/src/shared/util.c b/src/shared/util.c
index aae587243e..f76ed6f563 100644
--- a/src/shared/util.c
+++ b/src/shared/util.c
@@ -6132,3 +6132,21 @@ int open_tmpfile(const char *path, int flags) {
unlink(p);
return fd;
}
+
+int fd_warn_permissions(const char *path, int fd) {
+ struct stat st;
+
+ if (fstat(fd, &st) < 0)
+ return -errno;
+
+ if (st.st_mode & 0111)
+ log_warning("Configuration file %s is marked executable. Please remove executable permission bits. Proceeding anyway.", path);
+
+ if (st.st_mode & 0002)
+ log_warning("Configuration file %s is marked world-writable. Please remove world writability permission bits. Proceeding anyway.", path);
+
+ if (getpid() == 1 && (st.st_mode & 0044) != 0044)
+ log_warning("Configuration file %s is marked world-inaccessible. This has no effect as configuration data is accessible via APIs without restrictions. Proceeding anyway.", path);
+
+ return 0;
+}
diff --git a/src/shared/util.h b/src/shared/util.h
index e4de4728bd..219e4897b3 100644
--- a/src/shared/util.h
+++ b/src/shared/util.h
@@ -867,3 +867,5 @@ int writev_safe(int fd, const struct iovec *w, int j);
int mkostemp_safe(char *pattern, int flags);
int open_tmpfile(const char *path, int flags);
+
+int fd_warn_permissions(const char *path, int fd);