From efc280330c68dc5cbf605921f6c840a54d5841bb Mon Sep 17 00:00:00 2001 From: Sebastian Lackner Date: Sat, 12 Jan 2019 21:22:52 +0100 Subject: fusefrontend: -allow_other: Use SymlinkatUser in Symlink FUSE call. Instead of manually adjusting the user after creating the symlink, adjust effective permissions and let the kernel deal with it. Related to https://github.com/rfjakob/gocryptfs/issues/338. --- internal/fusefrontend/fs.go | 21 +++++++-------------- 1 file changed, 7 insertions(+), 14 deletions(-) (limited to 'internal/fusefrontend') diff --git a/internal/fusefrontend/fs.go b/internal/fusefrontend/fs.go index 9637acf..c4b1a01 100644 --- a/internal/fusefrontend/fs.go +++ b/internal/fusefrontend/fs.go @@ -483,6 +483,10 @@ func (fs *FS) Symlink(target string, linkName string, context *fuse.Context) (co return fuse.ToStatus(err) } defer syscall.Close(dirfd) + // Make sure context is nil if we don't want to preserve the owner + if !fs.args.PreserveOwner { + context = nil + } cTarget := target if !fs.args.PlaintextNames { // Symlinks are encrypted like file contents (GCM) and base64-encoded @@ -495,26 +499,15 @@ func (fs *FS) Symlink(target string, linkName string, context *fuse.Context) (co return fuse.ToStatus(err) } // Create "gocryptfs.longfile." symlink - err = syscallcompat.Symlinkat(cTarget, dirfd, cName) + err = syscallcompat.SymlinkatUser(cTarget, dirfd, cName, context) if err != nil { nametransform.DeleteLongNameAt(dirfd, cName) } } else { // Create symlink - err = syscallcompat.Symlinkat(cTarget, dirfd, cName) - } - if err != nil { - return fuse.ToStatus(err) - } - // Set owner - if fs.args.PreserveOwner { - err = syscallcompat.Fchownat(dirfd, cName, int(context.Owner.Uid), - int(context.Owner.Gid), unix.AT_SYMLINK_NOFOLLOW) - if err != nil { - tlog.Warn.Printf("Symlink: Fchownat failed: %v", err) - } + err = syscallcompat.SymlinkatUser(cTarget, dirfd, cName, context) } - return fuse.OK + return fuse.ToStatus(err) } // Rename - FUSE call. -- cgit v1.2.3