diff options
| author | Jakob Unterwurzacher | 2025-06-28 16:22:29 +0200 |
|---|---|---|
| committer | Jakob Unterwurzacher | 2025-07-09 19:28:09 +0200 |
| commit | b499c26526ff3a257310ed9fc2c04680d3ee4ab6 (patch) | |
| tree | b2a8408eaf40f6ed94e18a36d29a03d43d8b9715 /internal/fusefrontend_reverse/node_helpers.go | |
| parent | 8372f8b94769827c2055195f59f7ea277e3aef9f (diff) | |
fusefrontend_reverse: switch from sabhiram/go-gitignore to internal/go-git-gitignore
Diffstat (limited to 'internal/fusefrontend_reverse/node_helpers.go')
| -rw-r--r-- | internal/fusefrontend_reverse/node_helpers.go | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/internal/fusefrontend_reverse/node_helpers.go b/internal/fusefrontend_reverse/node_helpers.go index 3165db6..9fb16b8 100644 --- a/internal/fusefrontend_reverse/node_helpers.go +++ b/internal/fusefrontend_reverse/node_helpers.go @@ -14,6 +14,7 @@ import ( "github.com/rfjakob/gocryptfs/v2/internal/configfile" "github.com/rfjakob/gocryptfs/v2/internal/pathiv" "github.com/rfjakob/gocryptfs/v2/internal/syscallcompat" + "github.com/rfjakob/gocryptfs/v2/internal/tlog" ) const ( @@ -113,6 +114,7 @@ func (n *Node) isRoot() bool { return &rn.Node == n } +// lookupLongnameName is called by Lookup for gocryptfs.longname.XYZ.name files func (n *Node) lookupLongnameName(ctx context.Context, nameFile string, out *fuse.EntryOut) (ch *fs.Inode, errno syscall.Errno) { d, errno := n.prepareAtSyscall("") if errno != 0 { @@ -134,16 +136,16 @@ func (n *Node) lookupLongnameName(ctx context.Context, nameFile string, out *fus if errno != 0 { return } - if rn.isExcludedPlain(filepath.Join(d.cPath, pName)) { - errno = syscall.EPERM - return - } // Get attrs from parent file st, err := syscallcompat.Fstatat2(fd, pName, unix.AT_SYMLINK_NOFOLLOW) if err != nil { errno = fs.ToErrno(err) return } + if rn.isExcludedMode(filepath.Join(d.pPath, pName), st.Mode) { + tlog.Debug.Printf("lookupLongnameName: %q is excluded. Returning EPERM.", d.cPath) + return nil, syscall.EPERM + } var vf *VirtualMemNode vf, errno = n.newVirtualMemNode([]byte(cFullname), st, inoTagNameFile) if errno != 0 { @@ -190,6 +192,10 @@ func (n *Node) lookupDiriv(ctx context.Context, out *fuse.EntryOut) (ch *fs.Inod // lookupConf returns a new Inode for the gocryptfs.conf file func (n *Node) lookupConf(ctx context.Context, out *fuse.EntryOut) (ch *fs.Inode, errno syscall.Errno) { rn := n.rootNode() + if rn.isExcludedMode(configfile.ConfReverseName, syscall.S_IFREG) { + tlog.Debug.Printf("lookupConf: file %q is excluded. Returning EPERM.", configfile.ConfDefaultName) + return nil, syscall.EPERM + } p := filepath.Join(rn.args.Cipherdir, configfile.ConfReverseName) var st syscall.Stat_t err := syscall.Stat(p, &st) |