diff options
author | Ruslan Kuprieiev <kupruser@gmail.com> | 2015-01-29 23:59:29 +0300 |
---|---|---|
committer | Pavel Emelyanov <xemul@parallels.com> | 2015-02-10 16:54:32 +0300 |
commit | e2c3ad37912bb4848573e3c8bbf740f166ae78fb (patch) | |
tree | bf7f9c8e1a81792461791fb0ac49d0742514df08 | |
parent | 09c3f5d0c7c6ab99eb9e046a324cc85cb4613224 (diff) |
log: chown pidfile to current criu user
If criu run with suid bit set, user should be able
to read pidfiles(i.e. service pidfile).
Signed-off-by: Ruslan Kuprieiev <kupruser@gmail.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
-rw-r--r-- | log.c | 7 |
1 files changed, 7 insertions, 0 deletions
@@ -17,6 +17,7 @@ #include "util.h" #include "cr_options.h" #include "servicefd.h" +#include "security.h" #define DEFAULT_LOGFD STDERR_FILENO /* Enable timestamps if verbosity is increased from default */ @@ -191,6 +192,12 @@ int write_pidfile(int pid) return -1; } + if (cr_fchown(fd)) { + pr_perror("Can't chown pidfile %s", opts.pidfile); + close(fd); + return -1; + } + dprintf(fd, "%d", pid); close(fd); return 0; |