aboutsummaryrefslogtreecommitdiff
path: root/internal/syscallcompat
diff options
context:
space:
mode:
authorSebastian Lackner2019-01-12 20:42:05 +0100
committerSebastian Lackner2019-01-12 20:54:39 +0100
commit03b9d65cce53fb95b7d489ecd03d0853b9b923fb (patch)
tree77f4bd028ab950861a6fa7af274fb56b271f1930 /internal/syscallcompat
parent669322482a9be3d62abbe0361a8cc2e10e99fc3e (diff)
fusefrontend: -allow_other: Use OpenatUser in Create FUSE call.
Revert commit b22cc03c7516b2003880db8375d26c76d6dff093. Instead of manually adjusting the user and mode after creating the file, adjust effective permissions and let the kernel deal with it. Related to https://github.com/rfjakob/gocryptfs/issues/338.
Diffstat (limited to 'internal/syscallcompat')
-rw-r--r--internal/syscallcompat/sys_darwin.go5
-rw-r--r--internal/syscallcompat/sys_linux.go23
2 files changed, 28 insertions, 0 deletions
diff --git a/internal/syscallcompat/sys_darwin.go b/internal/syscallcompat/sys_darwin.go
index 993c229..7defc5f 100644
--- a/internal/syscallcompat/sys_darwin.go
+++ b/internal/syscallcompat/sys_darwin.go
@@ -46,6 +46,11 @@ func Openat(dirfd int, path string, flags int, mode uint32) (fd int, err error)
return emulateOpenat(dirfd, path, flags, mode)
}
+func OpenatUser(dirfd int, path string, flags int, mode uint32, context *fuse.Context) (fd int, err error) {
+ // FIXME: take into account context.Owner
+ return Openat(dirfd, path, flags, mode)
+}
+
func Renameat(olddirfd int, oldpath string, newdirfd int, newpath string) (err error) {
return emulateRenameat(olddirfd, oldpath, newdirfd, newpath)
}
diff --git a/internal/syscallcompat/sys_linux.go b/internal/syscallcompat/sys_linux.go
index 5c180ec..595aa1d 100644
--- a/internal/syscallcompat/sys_linux.go
+++ b/internal/syscallcompat/sys_linux.go
@@ -3,6 +3,7 @@ package syscallcompat
import (
"fmt"
+ "runtime"
"sync"
"syscall"
@@ -75,6 +76,28 @@ func Openat(dirfd int, path string, flags int, mode uint32) (fd int, err error)
return syscall.Openat(dirfd, path, flags, mode)
}
+// OpenatUser runs the Openat syscall in the context of a different user.
+func OpenatUser(dirfd int, path string, flags int, mode uint32, context *fuse.Context) (fd int, err error) {
+ if context != nil {
+ runtime.LockOSThread()
+ defer runtime.UnlockOSThread()
+
+ err = syscall.Setregid(-1, int(context.Owner.Gid))
+ if err != nil {
+ return -1, err
+ }
+ defer syscall.Setregid(-1, 0)
+
+ err = syscall.Setreuid(-1, int(context.Owner.Uid))
+ if err != nil {
+ return -1, err
+ }
+ defer syscall.Setreuid(-1, 0)
+ }
+
+ return Openat(dirfd, path, flags, mode)
+}
+
// Renameat wraps the Renameat syscall.
func Renameat(olddirfd int, oldpath string, newdirfd int, newpath string) (err error) {
return syscall.Renameat(olddirfd, oldpath, newdirfd, newpath)