diff options
| author | Karel Zak | 2017-10-09 12:44:48 +0200 |
|---|---|---|
| committer | Karel Zak | 2017-10-20 12:37:04 +0200 |
| commit | c08396c7691e1e6a04b6b45892e7e4612ceed8d7 (patch) | |
| tree | 09e4ba2ea4568ebdc5b33b4e406d49ae1322b673 | |
| parent | build-sys: release++ (v2.31) (diff) | |
| download | kernel-qcow2-util-linux-c08396c7691e1e6a04b6b45892e7e4612ceed8d7.tar.gz kernel-qcow2-util-linux-c08396c7691e1e6a04b6b45892e7e4612ceed8d7.tar.xz kernel-qcow2-util-linux-c08396c7691e1e6a04b6b45892e7e4612ceed8d7.zip | |
libmount: use eacess() rather than open() to check mtab/utab
The open() syscall is probably the most strong way how to check write
accessibility in all situations, but it's overkill and on some
paranoid systems with enabled audit/selinux. It fills logs with
"Permission denied" entries. Let's use eaccess() if available.
Signed-off-by: Karel Zak <kzak@redhat.com>
| -rw-r--r-- | configure.ac | 1 | ||||
| -rw-r--r-- | libmount/src/utils.c | 19 |
2 files changed, 14 insertions, 6 deletions
diff --git a/configure.ac b/configure.ac index 1899ec3c0..eebe92259 100644 --- a/configure.ac +++ b/configure.ac @@ -391,6 +391,7 @@ AC_CHECK_FUNCS([ \ __fpending \ secure_getenv \ __secure_getenv \ + eaccess \ err \ errx \ explicit_bzero \ diff --git a/libmount/src/utils.c b/libmount/src/utils.c index a5617e6c0..711d1683e 100644 --- a/libmount/src/utils.c +++ b/libmount/src/utils.c @@ -647,17 +647,24 @@ done: static int try_write(const char *filename) { - int fd, rc = 0; + int rc = 0; if (!filename) return -EINVAL; - fd = open(filename, O_RDWR|O_CREAT|O_CLOEXEC, - S_IWUSR|S_IRUSR|S_IRGRP|S_IROTH); - if (fd < 0) +#ifdef HAVE_EACCESS + if (eaccess(filename, R_OK|W_OK) != 0) rc = -errno; - else - close(fd); +#else + { + int fd = open(filename, O_RDWR|O_CREAT|O_CLOEXEC, + S_IWUSR|S_IRUSR|S_IRGRP|S_IROTH); + if (fd < 0) + rc = -errno; + else + close(fd); + } +#endif return rc; } |