containers
/
storage
mirror of https://github.com/containers/storage.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

chown: restore SUID and SGID bits 

be sure the SUID and SGID bits are not lost when we do
a chown.

Closes: https://github.com/containers/libpod/issues/1526

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
This commit is contained in:
Giuseppe Scrivano 2018-09-25 15:46:43 +02:00
parent 1d49427fe9
commit 2df72f37c6
No known key found for this signature in database
GPG Key ID: E4730F97F60286ED
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
drivers/chown_unix.go
View File

@ -45,10 +45,20 @@ func platformLChown(path string, info os.FileInfo, toHost, toContainer *idtools.
uid, gid = mappedPair.UID, mappedPair.GID
}
if uid != int(st.Uid) || gid != int(st.Gid) {
stat, err := os.Lstat(path)
if err != nil {
return fmt.Errorf("%s: lstat(%q): %v", os.Args[0], path, err)
}
// Make the change.
if err := syscall.Lchown(path, uid, gid); err != nil {
return fmt.Errorf("%s: chown(%q): %v", os.Args[0], path, err)
}
// Restore the SUID and SGID bits if they were originally set.
if (stat.Mode()&os.ModeSymlink == 0) && stat.Mode()&(os.ModeSetuid|os.ModeSetgid) != 0 {
if err := os.Chmod(path, stat.Mode()); err != nil {
return fmt.Errorf("%s: chmod(%q): %v", os.Args[0], path, err)
}
}
}
}
return nil