fusefrontend: -allow_other: Use MkdiratUser in Mkdir FUSE call.

Revert commit fcaca5fc94d981aa637beb752edc8cb3c2265e96. Instead of manually adjusting the user and mode after creating the directory, adjust effective permissions and let the kernel deal with it. Related to https://github.com/rfjakob/gocryptfs/issues/338.
author: Sebastian Lackner 2019-01-12 20:57:31 +0100
committer: Sebastian Lackner 2019-01-12 21:20:07 +0100
commit: a525e33eaa59c6561653a5fc40e5c4d5a9a3184b (patch)
tree: b07cb803ad0f6fe3db093200084f841a93b7b52e /internal/syscallcompat/sys_linux.go
parent: 03b9d65cce53fb95b7d489ecd03d0853b9b923fb (diff)
1 files changed, 22 insertions, 0 deletions
diff --git a/internal/syscallcompat/sys_linux.go b/internal/syscallcompat/sys_linux.go
index 595aa1d..a431195 100644
--- a/internal/syscallcompat/sys_linux.go
+++ b/internal/syscallcompat/sys_linux.go
@@ -180,6 +180,28 @@ func Mkdirat(dirfd int, path string, mode uint32) (err error) {
 	return syscall.Mkdirat(dirfd, path, mode)
 }
 
+// MkdiratUser runs the Mkdirat syscall in the context of a different user.
+func MkdiratUser(dirfd int, path string, mode uint32, context *fuse.Context) (err error) {
+	if context != nil {
+		runtime.LockOSThread()
+		defer runtime.UnlockOSThread()
+
+		err = syscall.Setregid(-1, int(context.Owner.Gid))
+		if err != nil {
+			return err
+		}
+		defer syscall.Setregid(-1, 0)
+
+		err = syscall.Setreuid(-1, int(context.Owner.Uid))
+		if err != nil {
+			return err
+		}
+		defer syscall.Setreuid(-1, 0)
+	}
+
+	return Mkdirat(dirfd, path, mode)
+}
+
 // Fstatat syscall.
 func Fstatat(dirfd int, path string, stat *unix.Stat_t, flags int) (err error) {
 	// Why would we ever want to call this without AT_SYMLINK_NOFOLLOW?
author	Sebastian Lackner	2019-01-12 20:57:31 +0100
committer	Sebastian Lackner	2019-01-12 21:20:07 +0100
commit	a525e33eaa59c6561653a5fc40e5c4d5a9a3184b (patch)
tree	b07cb803ad0f6fe3db093200084f841a93b7b52e /internal/syscallcompat/sys_linux.go
parent	03b9d65cce53fb95b7d489ecd03d0853b9b923fb (diff)