[ovs-dev] [additional --user changes v4 2/3] vlog: change log file owner when switching user

Gurucharan Shetty shettyg at nicira.com
Thu Nov 12 02:29:34 UTC 2015


One of the patches seems to break windows build.
https://ci.appveyor.com/project/blp/ovs/build/1.0.916

On Wed, Nov 11, 2015 at 6:12 PM, Andy Zhou <azhou at nicira.com> wrote:
> On Wed, Nov 11, 2015 at 2:48 PM, Ansis Atteka <ansisatteka at gmail.com> wrote:
>>
>>
>> On 11 November 2015 at 14:13, Andy Zhou <azhou at nicira.com> wrote:
>>>
>>> vlog log file can be created when parsing --log-file option, before
>>> switching user, in case the --user option is also specified. While this
>>> does not directly cause errors for the running daemons, it can
>>> leave the log files on the disk as created under the "root" user.
>>> This patch fix the log file ownership to the user specified with --user.
>>>
>>> Signed-off-by: Andy Zhou <azhou at nicira.com>
>>>
>>> ---
>>> v1->v2: Add a comment on vlog_change_owner return code.
>>> v2->v3: no change
>>> v3->v4: Reword the commit message.  change vlog_change_owner() to void.
>>> ---
>>>  include/openvswitch/vlog.h |  1 +
>>>  lib/daemon-unix.c          |  6 +++++-
>>>  lib/vlog.c                 | 22 +++++++++++++++++++++-
>>>  3 files changed, 27 insertions(+), 2 deletions(-)
>>>
>>> diff --git a/include/openvswitch/vlog.h b/include/openvswitch/vlog.h
>>> index f6bb3ab..bc16590 100644
>>> --- a/include/openvswitch/vlog.h
>>> +++ b/include/openvswitch/vlog.h
>>> @@ -143,6 +143,7 @@ void vlog_set_verbosity(const char *arg);
>>>  void vlog_set_pattern(enum vlog_destination, const char *pattern);
>>>  int vlog_set_log_file(const char *file_name);
>>>  int vlog_reopen_log_file(void);
>>> +void vlog_change_owner(uid_t, gid_t);
>>>
>>>  /* Configure method how vlog should send messages to syslog server. */
>>>  void vlog_set_syslog_method(const char *method);
>>> diff --git a/lib/daemon-unix.c b/lib/daemon-unix.c
>>> index 0125745..e69517a 100644
>>> --- a/lib/daemon-unix.c
>>> +++ b/lib/daemon-unix.c
>>> @@ -739,7 +739,7 @@ daemon_switch_group(gid_t real, gid_t effective,
>>>  {
>>>      if ((setresgid(real, effective, saved) == -1) ||
>>>          !gid_verify(real, effective, saved)) {
>>> -        VLOG_FATAL("%s: fail to switch group to gid as %d, aborting",
>>> +        VLOG_FATAL("%s: failed to switch group to gid as %d, aborting",
>>>                     pidfile, gid);
>>>      }
>>>  }
>>> @@ -847,6 +847,10 @@ daemon_become_new_user_linux(bool access_datapath
>>> OVS_UNUSED)
>>>  static void
>>>  daemon_become_new_user__(bool access_datapath)
>>>  {
>>> +    /* If vlog file has been created, change its owner to the non-root
>>> user
>>> +     * as specifed by the --user option.  */
>>> +    vlog_change_owner(uid, gid);
>>> +
>>>      if (LINUX) {
>>>          if (LIBCAPNG) {
>>>              daemon_become_new_user_linux(access_datapath);
>>> diff --git a/lib/vlog.c b/lib/vlog.c
>>> index da31e6f..ade0a45 100644
>>> --- a/lib/vlog.c
>>> +++ b/lib/vlog.c
>>> @@ -105,7 +105,7 @@ DEFINE_STATIC_PER_THREAD_DATA(unsigned int, msg_num,
>>> 0);
>>>   * All of the following is protected by 'log_file_mutex', which nests
>>> inside
>>>   * pattern_rwlock. */
>>>  static struct ovs_mutex log_file_mutex = OVS_MUTEX_INITIALIZER;
>>> -static char *log_file_name OVS_GUARDED_BY(log_file_mutex);
>>> +static char *log_file_name = NULL OVS_GUARDED_BY(log_file_mutex);
>>>  static int log_fd OVS_GUARDED_BY(log_file_mutex) = -1;
>>>  static struct async_append *log_writer OVS_GUARDED_BY(log_file_mutex);
>>>  static bool log_async OVS_GUARDED_BY(log_file_mutex);
>>> @@ -430,6 +430,26 @@ vlog_reopen_log_file(void)
>>>      }
>>>  }
>>>
>>> +/* In case a log file exists, change its owner to new 'user' and 'group'.
>>> + *
>>> + * This is useful for handling cases where the --log-file option is
>>> + * specified ahead of the --user option.  */
>>> +void
>>> +vlog_change_owner(uid_t user, gid_t group)
>>> +{
>>> +    int error = 0;
>>> +
>>> +    if (log_file_name) {
>>> +        ovs_mutex_lock(&log_file_mutex);
>>> +        error = chown(log_file_name, user, group);
>>> +        ovs_mutex_unlock(&log_file_mutex);
>>> +    }
>>> +
>>> +    if (error) {
>>> +        VLOG_FATAL("Failed to change log file ownership.");
>>
>> I would print errno value here and the file name you are actually trying to
>> change the ownership for. It would simply provide a hint to the users on
>> what was actually wrong, if it failed.
>>
>> VLOG_FATAL("Failed to change %s ownership: %s", log_file_name,
>> ovs_strerror(errno));
>>
>> And early return from function if log_file_name is NULL to make code look
>> better.
>>
>
> Pushed to master with both changes as suggested.
>>> +    }
>>> +}
>>> +
>>
>> Otherwise, Acked-by: Ansis Atteka <aatteka at nicira.com>
>>
>> Thanks for working on this, Andy.
>
> Thanks for your review.
> _______________________________________________
> dev mailing list
> dev at openvswitch.org
> http://openvswitch.org/mailman/listinfo/dev



More information about the dev mailing list