diff options
author | Jakob Unterwurzacher | 2016-06-26 20:13:21 +0200 |
---|---|---|
committer | Jakob Unterwurzacher | 2016-06-26 20:13:21 +0200 |
commit | 0115588680c1b00a24407c54d8f7c46a6fa3baf1 (patch) | |
tree | 48394a0ce02fd9e18c602434095623e707dce3b9 /internal/fusefrontend/file.go | |
parent | fb5e7023eef0b78de4b27dedfa1cc1c56c71a8cc (diff) |
main, fusefrontend: enable suid functionality
FUSE filesystems are mounted with "nosuid" by default. If we run as root,
we can use device files by passing the opposite mount option, "suid".
Also we have to use syscall.Chmod instead of os.Chmod because the
portability translation layer "syscallMode" messes up the sgid
and suid bits.
Fixes 70% of the failures in xfstests generic/193. The remaining are
related to truncate, but we err on the safe side:
$ diff -u tests/generic/193.out /home/jakob/src/fuse-xfstests/results//generic/193.out.bad
[...]
check that suid/sgid bits are cleared after successful truncate...
with no exec perm
before: -rwSr-Sr--
-after: -rw-r-Sr--
+after: -rw-r--r--
Diffstat (limited to 'internal/fusefrontend/file.go')
-rw-r--r-- | internal/fusefrontend/file.go | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/internal/fusefrontend/file.go b/internal/fusefrontend/file.go index 780a792..546526b 100644 --- a/internal/fusefrontend/file.go +++ b/internal/fusefrontend/file.go @@ -459,7 +459,10 @@ func (f *file) Chmod(mode uint32) fuse.Status { f.fdLock.RLock() defer f.fdLock.RUnlock() - return fuse.ToStatus(f.fd.Chmod(os.FileMode(mode))) + // os.File.Chmod goes through the "syscallMode" translation function that messes + // up the suid and sgid bits. So use syscall.Fchmod directly. + err := syscall.Fchmod(f.intFd(), mode) + return fuse.ToStatus(err) } func (f *file) Chown(uid uint32, gid uint32) fuse.Status { |