From 3381a63c54f2221e3742211df39c5e2ee13d16cc Mon Sep 17 00:00:00 2001 From: Theodore Ts'o Date: Tue, 30 Jun 2009 22:36:28 -0400 Subject: [PATCH] libuuid: Don't run uuidd if it would fail due to permission problems Some distributions don't like installing uuidd setuid or setgid. So if the setuid or setigid bit is not set with uuidd, and the current process does not have write access to the UUIDD work directory, don't try running uuidd, since it won't work properly. Signed-off-by: "Theodore Ts'o" --- lib/uuid/gen_uuid.c | 5 +++++ lib/uuid/uuidd.h | 5 +++-- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/lib/uuid/gen_uuid.c b/lib/uuid/gen_uuid.c index 5893aff3..420ca2b2 100644 --- a/lib/uuid/gen_uuid.c +++ b/lib/uuid/gen_uuid.c @@ -481,6 +481,7 @@ static int get_uuid_via_daemon(int op, uuid_t out, int *num) ssize_t ret; int32_t reply_len = 0, expected = 16; struct sockaddr_un srv_addr; + struct stat st; pid_t pid; static const char *uuidd_path = UUIDD_PATH; static int access_ret = -2; @@ -496,6 +497,10 @@ static int get_uuid_via_daemon(int op, uuid_t out, int *num) sizeof(struct sockaddr_un)) < 0) { if (access_ret == -2) access_ret = access(uuidd_path, X_OK); + if (access_ret == 0) + access_ret = stat(uuidd_path, &st); + if (access_ret == 0 && (st.st_mode & (S_ISUID | S_ISGID)) == 0) + access_ret = access(UUIDD_DIR, W_OK); if (access_ret == 0 && start_attempts++ < 5) { if ((pid = fork()) == 0) { close_all_fds(); diff --git a/lib/uuid/uuidd.h b/lib/uuid/uuidd.h index 528acdc9..c71f4b78 100644 --- a/lib/uuid/uuidd.h +++ b/lib/uuid/uuidd.h @@ -35,8 +35,9 @@ #ifndef _UUID_UUIDD_H #define _UUID_UUIDD_H -#define UUIDD_SOCKET_PATH "/var/lib/libuuid/request" -#define UUIDD_PIDFILE_PATH "/var/lib/libuuid/uuidd.pid" +#define UUIDD_DIR "/var/lib/libuuid" +#define UUIDD_SOCKET_PATH UUIDD_DIR "/request" +#define UUIDD_PIDFILE_PATH UUIDD_DIR "/uuidd.pid" #define UUIDD_PATH "/usr/sbin/uuidd" #define UUIDD_OP_GETPID 0 -- 2.11.0