fuse-overlayfs: honor umask with xattr_permissions

Closes: https://github.com/containers/fuse-overlayfs/issues/407

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Giuseppe Scrivano 2023-10-29 21:04:09 +01:00
parent e47790da06
commit 40b431e243
No known key found for this signature in database
GPG Key ID: 67E38F7A8BA21772

10
main.c

@ -3584,6 +3584,7 @@ static int
direct_create_file (struct ovl_layer *l, int dirfd, const char *path, uid_t uid, gid_t gid, int flags, mode_t mode) direct_create_file (struct ovl_layer *l, int dirfd, const char *path, uid_t uid, gid_t gid, int flags, mode_t mode)
{ {
struct ovl_data *lo = l->ovl_data; struct ovl_data *lo = l->ovl_data;
mode_t backing_file_mode = mode | (lo->xattr_permissions ? 0755 : 0);
cleanup_close int fd = -1; cleanup_close int fd = -1;
char wd_tmp_file_name[32]; char wd_tmp_file_name[32];
int ret; int ret;
@ -3591,7 +3592,7 @@ direct_create_file (struct ovl_layer *l, int dirfd, const char *path, uid_t uid,
/* try to create directly the file if it doesn't need to be chowned. */ /* try to create directly the file if it doesn't need to be chowned. */
if (uid == lo->uid && gid == lo->gid && l->stat_override_mode == STAT_OVERRIDE_NONE) if (uid == lo->uid && gid == lo->gid && l->stat_override_mode == STAT_OVERRIDE_NONE)
{ {
ret = TEMP_FAILURE_RETRY (safe_openat (get_upper_layer (lo)->fd, path, flags, mode)); ret = TEMP_FAILURE_RETRY (safe_openat (get_upper_layer (lo)->fd, path, flags, backing_file_mode));
if (ret >= 0) if (ret >= 0)
return ret; return ret;
/* if it fails (e.g. there is a whiteout) then fallback to create it in /* if it fails (e.g. there is a whiteout) then fallback to create it in
@ -3600,7 +3601,7 @@ direct_create_file (struct ovl_layer *l, int dirfd, const char *path, uid_t uid,
sprintf (wd_tmp_file_name, "%lu", get_next_wd_counter ()); sprintf (wd_tmp_file_name, "%lu", get_next_wd_counter ());
fd = TEMP_FAILURE_RETRY (safe_openat (lo->workdir_fd, wd_tmp_file_name, flags, mode)); fd = TEMP_FAILURE_RETRY (safe_openat (lo->workdir_fd, wd_tmp_file_name, flags, backing_file_mode));
if (fd < 0) if (fd < 0)
return -1; return -1;
if (uid != lo->uid || gid != lo->gid || l->stat_override_mode != STAT_OVERRIDE_NONE) if (uid != lo->uid || gid != lo->gid || l->stat_override_mode != STAT_OVERRIDE_NONE)
@ -3713,7 +3714,7 @@ ovl_do_open (fuse_req_t req, fuse_ino_t parent, const char *name, int flags, mod
uid = get_uid (lo, ctx->uid); uid = get_uid (lo, ctx->uid);
gid = get_gid (lo, ctx->gid); gid = get_gid (lo, ctx->gid);
fd = direct_create_file (get_upper_layer (lo), get_upper_layer (lo)->fd, path, uid, gid, flags, (mode & ~ctx->umask) | (lo->xattr_permissions ? 0755 : 0)); fd = direct_create_file (get_upper_layer (lo), get_upper_layer (lo)->fd, path, uid, gid, flags, mode & ~ctx->umask);
if (fd < 0) if (fd < 0)
return fd; return fd;
@ -3925,9 +3926,6 @@ ovl_create (fuse_req_t req, fuse_ino_t parent, const char *name,
fi->flags = fi->flags | O_CREAT; fi->flags = fi->flags | O_CREAT;
if (lo->xattr_permissions)
mode |= 0755;
fd = ovl_do_open (req, parent, name, fi->flags, mode, &node, &st); fd = ovl_do_open (req, parent, name, fi->flags, mode, &node, &st);
if (fd < 0) if (fd < 0)
{ {
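Review bot: In direct_create_file the new `backing_file_mode` ORs 0755 into every file created while `xattr_permissions` is set, so on the backing filesystem the file is group- and world-readable and executable even when the caller asked for a mode such as 0600, and nothing in the visible lines says where the requested mode is enforced instead. Presumably it is recorded by the stat-override xattr written later in the function, which continues outside these hunks; if so, isolation from other host users rests on the permissions of the upper and work directories rather than on the file mode. I would state that at the declaration, e.g. `/* With xattr_permissions the backing file is created at least 0755; the mode the caller asked for is carried by the override xattr. */`, adjusted to match the code below, and give the 0755 literal a name. Because the OR moved out of ovl_create and ovl_do_open into this helper, it is also worth confirming that any other caller of direct_create_file is meant to get the widened mode.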