diff options
author | Colin Walters <walters@verbum.org> | 2016-06-26 17:11:38 -0400 |
---|---|---|
committer | Colin Walters <walters@verbum.org> | 2016-07-01 15:03:01 -0400 |
commit | 113c770dc1e7f29d9c5478661fdd89d0035079a7 (patch) | |
tree | 36fe9131bad56e56b788bd1da89543ce80aa844e /glnx-fdio.h | |
parent | 4f83b70f690f437b983333a7c43def3ed6ca2d46 (diff) | |
download | libglnx-113c770dc1e7f29d9c5478661fdd89d0035079a7.tar.gz |
fdio: Add open_tmpfile_linkable() and link_tmpfile_at()
We had a bug previously where we failed to clean up a temporary file
in an error path. This is a classic case where the new `O_TMPFILE`
API in Linux is nicer.
To implement this, as usual we start with some original bits from
systemd. But in this case I ended up having to heavily modify it
because systemd doesn't support "link into place and overwrite". They
don't actually use their tempfile code much at all in fact - as far as
I can tell, just in the coredump code.
Whereas in many apps, ostree included, a very common use case is
atomically updating an existing file, which is
`glnx_file_replace_contents_at()`, including subtleties like doing an
`fdatasync()` if the file already existed.
Implementing this then is slightly weird since we need to link() the
file into place, then rename() after.
It's still better though because if we e.g. hit `ENOSPC` halfway
through, we'll clean up the file automatically.
We still do keep the mode where we error out if the file exists.
Finally, the ostree core though does have a more unusual case where we
want to ignore EEXIST (allow concurrent object writers), so add
support for that now.
Note: One really confusing bug I had here was that `O_TMPFILE` ignores
the provided mode, and this caused ostree to write refs that weren't
world readable.
Rework things so we always call `fchmod()`, but as a consequence we're
no longer honoring umask in the default case. I doubt anyone will
care, and if they do we should probably fix ostree to consistently use
a mode inherited from the repo or something.
Diffstat (limited to 'glnx-fdio.h')
-rw-r--r-- | glnx-fdio.h | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/glnx-fdio.h b/glnx-fdio.h index 3ca1a66..982545a 100644 --- a/glnx-fdio.h +++ b/glnx-fdio.h @@ -46,6 +46,29 @@ const char *glnx_basename (const char *path) return (basename) (path); } +gboolean +glnx_open_tmpfile_linkable_at (int dfd, + const char *subpath, + int flags, + int *out_fd, + char **out_path, + GError **error); + +typedef enum { + GLNX_LINK_TMPFILE_REPLACE, + GLNX_LINK_TMPFILE_NOREPLACE, + GLNX_LINK_TMPFILE_NOREPLACE_IGNORE_EXIST +} GLnxLinkTmpfileReplaceMode; + +gboolean +glnx_link_tmpfile_at (int dfd, + GLnxLinkTmpfileReplaceMode flags, + int fd, + const char *tmpfile_path, + int target_dfd, + const char *target, + GError **error); + GBytes * glnx_fd_readall_bytes (int fd, GCancellable *cancellable, |