diff options
author | Daan De Meyer <daan.j.demeyer@gmail.com> | 2022-11-23 12:07:27 +0100 |
---|---|---|
committer | Daan De Meyer <daan.j.demeyer@gmail.com> | 2022-11-28 10:46:00 +0100 |
commit | d2ac7698cb43807a2dd0af727599db486180ebf1 (patch) | |
tree | 5d4946e07f4e949da5e5d2a0a84df9b38fa1416e /src/partition | |
parent | 8a050905a30ff3a5108a8591130e27a1cb17b90c (diff) | |
download | systemd-d2ac7698cb43807a2dd0af727599db486180ebf1.tar.gz |
repart: Make sure all files in the image are owned by root
Diffstat (limited to 'src/partition')
-rw-r--r-- | src/partition/repart.c | 26 |
1 files changed, 17 insertions, 9 deletions
diff --git a/src/partition/repart.c b/src/partition/repart.c index 04cf66ec13..20772020ef 100644 --- a/src/partition/repart.c +++ b/src/partition/repart.c @@ -3678,7 +3678,12 @@ static int context_copy_blocks(Context *context) { return 0; } -static int do_copy_files(Partition *p, const char *root, const Set *denylist) { +static int do_copy_files( + Partition *p, + const char *root, + uid_t override_uid, + gid_t override_gid, + const Set *denylist) { int r; @@ -3728,14 +3733,14 @@ static int do_copy_files(Partition *p, const char *root, const Set *denylist) { r = copy_tree_at( sfd, ".", pfd, fn, - getuid(), getgid(), + override_uid, override_gid, COPY_REFLINK|COPY_HOLES|COPY_MERGE|COPY_REPLACE|COPY_SIGINT|COPY_HARDLINKS|COPY_ALL_XATTRS, denylist); } else r = copy_tree_at( sfd, ".", tfd, ".", - getuid(), getgid(), + override_uid, override_gid, COPY_REFLINK|COPY_HOLES|COPY_MERGE|COPY_REPLACE|COPY_SIGINT|COPY_HARDLINKS|COPY_ALL_XATTRS, denylist); if (r < 0) @@ -3773,6 +3778,9 @@ static int do_copy_files(Partition *p, const char *root, const Set *denylist) { if (r < 0) return log_error_errno(r, "Failed to copy '%s' to '%s%s': %m", *source, strempty(arg_root), *target); + if (fchown(tfd, override_uid, override_gid) < 0) + return log_error_errno(r, "Failed to change ownership of %s", *target); + (void) copy_xattr(sfd, tfd, COPY_ALL_XATTRS); (void) copy_access(sfd, tfd); (void) copy_times(sfd, tfd, 0); @@ -3782,7 +3790,7 @@ static int do_copy_files(Partition *p, const char *root, const Set *denylist) { return 0; } -static int do_make_directories(Partition *p, const char *root) { +static int do_make_directories(Partition *p, uid_t override_uid, gid_t override_gid, const char *root) { int r; assert(p); @@ -3790,7 +3798,7 @@ static int do_make_directories(Partition *p, const char *root) { STRV_FOREACH(d, p->make_directories) { - r = mkdir_p_root(root, *d, getuid(), getgid(), 0755); + r = mkdir_p_root(root, *d, override_uid, override_gid, 0755); if (r < 0) return log_error_errno(r, "Failed to create directory '%s' in file system: %m", *d); } @@ -3817,11 +3825,11 @@ static int partition_populate_directory(Partition *p, const Set *denylist, char if (fchmod(rfd, 0755) < 0) return log_error_errno(errno, "Failed to change mode of temporary directory: %m"); - r = do_copy_files(p, root, denylist); + r = do_copy_files(p, root, getuid(), getgid(), denylist); if (r < 0) return r; - r = do_make_directories(p, root); + r = do_make_directories(p, getuid(), getgid(), root); if (r < 0) return r; @@ -3873,10 +3881,10 @@ static int partition_populate_filesystem(Partition *p, const char *node, const S if (mount_nofollow_verbose(LOG_ERR, node, fs, p->format, MS_NOATIME|MS_NODEV|MS_NOEXEC|MS_NOSUID, NULL) < 0) _exit(EXIT_FAILURE); - if (do_copy_files(p, fs, denylist) < 0) + if (do_copy_files(p, fs, 0, 0, denylist) < 0) _exit(EXIT_FAILURE); - if (do_make_directories(p, fs) < 0) + if (do_make_directories(p, 0, 0, fs) < 0) _exit(EXIT_FAILURE); r = syncfs_path(AT_FDCWD, fs); |