summaryrefslogtreecommitdiff
path: root/internal/syscallcompat/sys_linux.go
diff options
context:
space:
mode:
authorSebastian Lackner2019-01-12 20:57:31 +0100
committerSebastian Lackner2019-01-12 21:20:07 +0100
commita525e33eaa59c6561653a5fc40e5c4d5a9a3184b (patch)
treeb07cb803ad0f6fe3db093200084f841a93b7b52e /internal/syscallcompat/sys_linux.go
parent03b9d65cce53fb95b7d489ecd03d0853b9b923fb (diff)
fusefrontend: -allow_other: Use MkdiratUser in Mkdir FUSE call.
Revert commit fcaca5fc94d981aa637beb752edc8cb3c2265e96. Instead of manually adjusting the user and mode after creating the directory, adjust effective permissions and let the kernel deal with it. Related to https://github.com/rfjakob/gocryptfs/issues/338.
Diffstat (limited to 'internal/syscallcompat/sys_linux.go')
-rw-r--r--internal/syscallcompat/sys_linux.go22
1 files changed, 22 insertions, 0 deletions
diff --git a/internal/syscallcompat/sys_linux.go b/internal/syscallcompat/sys_linux.go
index 595aa1d..a431195 100644
--- a/internal/syscallcompat/sys_linux.go
+++ b/internal/syscallcompat/sys_linux.go
@@ -180,6 +180,28 @@ func Mkdirat(dirfd int, path string, mode uint32) (err error) {
return syscall.Mkdirat(dirfd, path, mode)
}
+// MkdiratUser runs the Mkdirat syscall in the context of a different user.
+func MkdiratUser(dirfd int, path string, mode uint32, context *fuse.Context) (err error) {
+ if context != nil {
+ runtime.LockOSThread()
+ defer runtime.UnlockOSThread()
+
+ err = syscall.Setregid(-1, int(context.Owner.Gid))
+ if err != nil {
+ return err
+ }
+ defer syscall.Setregid(-1, 0)
+
+ err = syscall.Setreuid(-1, int(context.Owner.Uid))
+ if err != nil {
+ return err
+ }
+ defer syscall.Setreuid(-1, 0)
+ }
+
+ return Mkdirat(dirfd, path, mode)
+}
+
// Fstatat syscall.
func Fstatat(dirfd int, path string, stat *unix.Stat_t, flags int) (err error) {
// Why would we ever want to call this without AT_SYMLINK_NOFOLLOW?