From kde-commits Thu Apr 30 12:41:09 2009 From: Stephan Kulow Date: Thu, 30 Apr 2009 12:41:09 +0000 To: kde-commits Subject: icecream/daemon Message-Id: <1241095269.809797.8202.nullmailer () svn ! kde ! org> X-MARC-Message: https://marc.info/?l=kde-commits&m=124109615406378 SVN commit 961597 by coolo: Patch by Michal Schmid |The way icecream changes permissions of /var/cache/icecream is buggy. |When the daemon initializes, it creates the directory owned by |root:root and readable for everyone. As soon as it installs a foreign |environment, it changes the owner to root:icecream and removes access |for everyone else. This causes trouble for locally run icecc which |wants read access to /var/cache/icecream/native. As a result, local |compile jobs can no longer determine the native environment and fail |to get distributed to other nodes. | |This patch assigns the owners and permissions like this: |0755 root:root /var/cache/icecream/ |0775 root:icecream /var/cache/icecream/native/ |0770 root:icecream /var/cache/icecream/target=/ |0770 root:icecream /var/cache/icecream/target=// | |It also sets the umask in the initialization of the daemon so that we |can depend on it being sane and we no longer need some of the chmods. | |The access() check in start_install_environment() can be dropped, |because if we don't have access, we'll soon find out anyway. M +15 -20 environment.cpp M +2 -0 main.cpp --- trunk/icecream/daemon/environment.cpp #961596:961597 @@ -180,8 +180,6 @@ log_perror( "mkdir in cleanup_cache() failed" ); return false; } - chown( basedir.c_str(), 0, 0 ); - chmod( basedir.c_str(), 0755 ); return ret; } @@ -219,14 +217,14 @@ if ( ::access( "/usr/bin/gcc", X_OK ) || ::access( "/usr/bin/g++", X_OK ) ) return 0; - if ( mkdir( nativedir.c_str(), 0755 ) ) + if ( mkdir( nativedir.c_str(), 0775 ) ) return 0; - if ( chown( nativedir.c_str(), nobody_uid, nobody_gid) ) { + if ( chown( nativedir.c_str(), 0, nobody_gid ) || + chmod( nativedir.c_str(), 0775 ) ) { rmdir( nativedir.c_str() ); return 0; } - chmod( nativedir.c_str(), 0755 ); flush_debug(); pid_t pid = fork(); @@ -251,7 +249,6 @@ } } // else - umask(022); if ( setgid( nobody_gid ) < 0) { log_perror("setgid failed"); @@ -313,30 +310,28 @@ compression = BZip2; } - if( ::access( basename.c_str(), W_OK ) ) { - log_error() << "access for basename " << basename.c_str() << " gives " << strerror(errno) << endl; - return 0; + if ( mkdir( dirname.c_str(), 0770 ) && errno != EEXIST ) { + log_perror( "mkdir target" ); + return 0; } - chown( basename.c_str(), 0, nobody_gid ); - chmod( basename.c_str(), 0770 ); - - if ( mkdir( dirname.c_str(), 0755 ) && errno != EEXIST ) { - log_perror( "mkdir target" ); + if ( chown( dirname.c_str(), 0, nobody_gid ) || + chmod( dirname.c_str(), 0770 ) ) { + log_perror( "chown,chmod target" ); return 0; } - chown( dirname.c_str(), 0, nobody_gid ); - chmod( dirname.c_str(), 0770 ); - dirname = dirname + "/" + name; - if ( mkdir( dirname.c_str(), 0700 ) ) { + if ( mkdir( dirname.c_str(), 0770 ) ) { log_perror( "mkdir name" ); return 0; } - chown( dirname.c_str(), 0, nobody_gid ); - chmod( dirname.c_str(), 0770 ); + if ( chown( dirname.c_str(), 0, nobody_gid ) || + chmod( dirname.c_str(), 0770 ) ) { + log_perror( "chown,chmod name" ); + return 0; + } int fds[2]; if ( pipe( fds ) ) --- trunk/icecream/daemon/main.cpp #961596:961597 @@ -1598,6 +1598,8 @@ } } + umask(022); + if ( !logfile.length() && detach) logfile = "/var/log/iceccd";