if (!pa_streq(pw->pw_dir, PA_SYSTEM_RUNTIME_PATH))
pa_log_warn(_("Home directory of user '%s' is not '%s', ignoring."), PA_SYSTEM_USER, PA_SYSTEM_RUNTIME_PATH);
- if (pa_make_secure_dir(PA_SYSTEM_RUNTIME_PATH, 0755, pw->pw_uid, gr->gr_gid) < 0) {
+ if (pa_make_secure_dir(PA_SYSTEM_RUNTIME_PATH, 0755, pw->pw_uid, gr->gr_gid, TRUE) < 0) {
pa_log(_("Failed to create '%s': %s"), PA_SYSTEM_RUNTIME_PATH, pa_cstrerror(errno));
return -1;
}
- if (pa_make_secure_dir(PA_SYSTEM_STATE_PATH, 0700, pw->pw_uid, gr->gr_gid) < 0) {
+ if (pa_make_secure_dir(PA_SYSTEM_STATE_PATH, 0700, pw->pw_uid, gr->gr_gid, TRUE) < 0) {
pa_log(_("Failed to create '%s': %s"), PA_SYSTEM_STATE_PATH, pa_cstrerror(errno));
return -1;
}
}
-/** Creates a directory securely */
-int pa_make_secure_dir(const char* dir, mode_t m, uid_t uid, gid_t gid) {
+/** Creates a directory securely. Will create parent directories recursively if
+ * required. This will not update permissions on parent directories if they
+ * already exist, however. */
+int pa_make_secure_dir(const char* dir, mode_t m, uid_t uid, gid_t gid, pa_bool_t update_perms) {
struct stat st;
int r, saved_errno;
pa_bool_t retry = TRUE;
if (r < 0 && errno == ENOENT && retry) {
/* If a parent directory in the path doesn't exist, try to create that
* first, then try again. */
- pa_make_secure_parent_dir(dir, m, uid, gid);
+ pa_make_secure_parent_dir(dir, m, uid, gid, FALSE);
retry = FALSE;
goto again;
}
goto fail;
}
+ if (!update_perms)
+ return 0;
+
#ifdef HAVE_FCHOWN
if (uid == (uid_t) -1)
uid = getuid();
}
/* Creates a the parent directory of the specified path securely */
-int pa_make_secure_parent_dir(const char *fn, mode_t m, uid_t uid, gid_t gid) {
+int pa_make_secure_parent_dir(const char *fn, mode_t m, uid_t uid, gid_t gid, pa_bool_t update_perms) {
int ret = -1;
char *dir;
if (!(dir = pa_parent_dir(fn)))
goto finish;
- if (pa_make_secure_dir(dir, m, uid, gid) < 0)
+ if (pa_make_secure_dir(dir, m, uid, gid, update_perms) < 0)
goto finish;
ret = 0;
/* If PULSE_STATE_PATH and PULSE_RUNTIME_PATH point to the same
* dir then this will break. */
- if (pa_make_secure_dir(d, 0700U, (uid_t) -1, (gid_t) -1) < 0) {
+ if (pa_make_secure_dir(d, 0700U, (uid_t) -1, (gid_t) -1, TRUE) < 0) {
pa_log_error("Failed to create secure directory: %s", pa_cstrerror(errno));
pa_xfree(d);
return NULL;
d = getenv("PULSE_RUNTIME_PATH");
if (d) {
- if (pa_make_secure_dir(d, m, (uid_t) -1, (gid_t) -1) < 0) {
+ if (pa_make_secure_dir(d, m, (uid_t) -1, (gid_t) -1, TRUE) < 0) {
pa_log_error("Failed to create secure directory: %s", pa_cstrerror(errno));
goto fail;
}
if (d) {
k = pa_sprintf_malloc("%s" PA_PATH_SEP "pulse", d);
- if (pa_make_secure_dir(k, m, (uid_t) -1, (gid_t) -1) < 0) {
+ if (pa_make_secure_dir(k, m, (uid_t) -1, (gid_t) -1, TRUE) < 0) {
free(k);
pa_log_error("Failed to create secure directory: %s", pa_cstrerror(errno));
goto fail;
if (!d)
goto fail;
- if (pa_make_secure_dir(d, m, (uid_t) -1, (gid_t) -1) < 0) {
+ if (pa_make_secure_dir(d, m, (uid_t) -1, (gid_t) -1, TRUE) < 0) {
pa_log_error("Failed to create secure directory: %s", pa_cstrerror(errno));
pa_xfree(d);
goto fail;
void pa_make_fd_nonblock(int fd);
void pa_make_fd_cloexec(int fd);
-int pa_make_secure_dir(const char* dir, mode_t m, uid_t uid, gid_t gid);
-int pa_make_secure_parent_dir(const char *fn, mode_t, uid_t uid, gid_t gid);
+int pa_make_secure_dir(const char* dir, mode_t m, uid_t uid, gid_t gid, pa_bool_t update_perms);
+int pa_make_secure_parent_dir(const char *fn, mode_t, uid_t uid, gid_t gid, pa_bool_t update_perms);
ssize_t pa_read(int fd, void *buf, size_t count, int *type);
ssize_t pa_write(int fd, const void *buf, size_t count, int *type);