From b864d1ef58a5e47e6b60c9a218ffab28de05d2ee Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Wed, 21 Sep 2022 19:08:15 -0600 Subject: Convert remaining uses of sudo_mkdir_parents() to sudo_open_parent_dir(). --- logsrvd/logsrvd.c | 11 ++++++----- logsrvd/logsrvd_journal.c | 13 +++++++++---- 2 files changed, 15 insertions(+), 9 deletions(-) (limited to 'logsrvd') diff --git a/logsrvd/logsrvd.c b/logsrvd/logsrvd.c index bd8191bab..7c66defc6 100644 --- a/logsrvd/logsrvd.c +++ b/logsrvd/logsrvd.c @@ -1759,8 +1759,7 @@ static void write_pidfile(void) { FILE *fp; - int fd; - bool success; + int dfd, fd; mode_t oldmask; const char *pid_file = logsrvd_conf_pid_file(); debug_decl(write_pidfile, SUDO_DEBUG_UTIL); @@ -1771,10 +1770,11 @@ write_pidfile(void) /* Default logsrvd umask is more restrictive (077). */ oldmask = umask(S_IWGRP|S_IWOTH); - success = sudo_mkdir_parents(pid_file, ROOT_UID, ROOT_GID, + dfd = sudo_open_parent_dir(pid_file, ROOT_UID, ROOT_GID, S_IRWXU|S_IXGRP|S_IXOTH, false); - if (success) { - fd = open(pid_file, O_WRONLY|O_CREAT|O_NOFOLLOW, 0644); + if (dfd != -1) { + const char *base = sudo_basename(pid_file); + fd = openat(dfd, base, O_WRONLY|O_CREAT|O_NOFOLLOW, 0644); if (fd == -1 || (fp = fdopen(fd, "w")) == NULL) { sudo_warn("%s", pid_file); if (fd != -1) @@ -1786,6 +1786,7 @@ write_pidfile(void) sudo_warn("%s", pid_file); fclose(fp); } + close(dfd); } umask(oldmask); diff --git a/logsrvd/logsrvd_journal.c b/logsrvd/logsrvd_journal.c index c9e804fe5..831610cfa 100644 --- a/logsrvd/logsrvd_journal.c +++ b/logsrvd/logsrvd_journal.c @@ -89,8 +89,9 @@ journal_fdopen(int fd, const char *journal_path, static int journal_mkstemp(const char *parent_dir, char *pathbuf, int pathlen) { - int len, fd = -1; + int len, dfd = -1, fd = -1; mode_t dirmode, oldmask; + char *template; debug_decl(journal_mkstemp, SUDO_DEBUG_UTIL); /* umask must not be more restrictive than the file modes. */ @@ -109,19 +110,23 @@ journal_mkstemp(const char *parent_dir, char *pathbuf, int pathlen) RELAY_TEMPLATE); goto done; } - if (!sudo_mkdir_parents(pathbuf, logsrvd_conf_iolog_uid(), - logsrvd_conf_iolog_gid(), S_IRWXU|S_IXGRP|S_IXOTH, false)) { + dfd = sudo_open_parent_dir(pathbuf, logsrvd_conf_iolog_uid(), + logsrvd_conf_iolog_gid(), S_IRWXU|S_IXGRP|S_IXOTH, false); + if (dfd == -1) { sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO, "unable to create parent dir for %s", pathbuf); goto done; } - if ((fd = mkstemp(pathbuf)) == -1) { + template = pathbuf + (len - strlen(RELAY_TEMPLATE)); + if ((fd = mkostempsat(dfd, template, 0, 0)) == -1) { sudo_warn(U_("%s: %s"), "mkstemp", pathbuf); goto done; } done: umask(oldmask); + if (dfd != -1) + close(dfd); debug_return_int(fd); } -- cgit v1.2.1