[CRIU] [PATCH 3/4] log: chown pidfile to current criu user
Ruslan Kuprieiev
kupruser at gmail.com
Thu Jan 29 12:59:29 PST 2015
If criu run with suid bit set, user should be able
to read pidfiles(i.e. service pidfile).
Signed-off-by: Ruslan Kuprieiev <kupruser at gmail.com>
---
log.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/log.c b/log.c
index c6e64da..0a5eb58 100644
--- a/log.c
+++ b/log.c
@@ -17,6 +17,7 @@
#include "util.h"
#include "cr_options.h"
#include "servicefd.h"
+#include "security.h"
#define DEFAULT_LOGFD STDERR_FILENO
/* Enable timestamps if verbosity is increased from default */
@@ -191,6 +192,12 @@ int write_pidfile(int pid)
return -1;
}
+ if (cr_fchown(fd)) {
+ pr_perror("Can't chown pidfile %s", opts.pidfile);
+ close(fd);
+ return -1;
+ }
+
dprintf(fd, "%d", pid);
close(fd);
return 0;
--
2.1.0
More information about the CRIU
mailing list