Date: Thu, 04 Apr 2002 11:06:41 +0200 From: Sheldon Hearn <sheldonh@starjuice.net> To: FreeBSD-gnats-submit@FreeBSD.org Subject: bin/36738: [PATCH] newsyslog ownership race condition Message-ID: <18921.1017911201@axl.seasidesoftware.co.za>
next in thread | raw e-mail | index | archive | help
>Number: 36738 >Category: bin >Synopsis: [PATCH] newsyslog ownership race condition >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Thu Apr 04 01:10:01 PST 2002 >Closed-Date: >Last-Modified: >Originator: Sheldon Hearn >Release: FreeBSD 5.0-CURRENT i386 >Organization: Seaside Software >Environment: All known versions of FreeBSD (problem existed in rev 1.1 of newsyslog.c). >Description: The newsyslog(8) configuration syntax allows for specification of the ownership of created files. However, files are created owned by the user running the program. Ownership is changed very soon after, but there is a brief period during which the ownership of the file does not match the specification provided in the configuration file. >How-To-Repeat: I hit this race condition frequently on a very busy MTA server, where MTA processes get "permission denied" trying to write to their log file just as it's being rotated by newsyslog(8). >Fix: The following patch solves the problem. OpenBSD have already addressed this problem in their rev 1.26 of newsyslog.c, but the scope of that patch is wider, so I include this simple fix in case nobody's up to grabbing OpenBSD's patch. If nobody steps up to the plate to incorporate the fix from OpenBSD, I'll apply my patch some time soon, say in two weeks. Let me know if you want to do this but need more than two weeks, so we can avoid stepping on each other's toes. Index: newsyslog.c =================================================================== RCS file: /home/ncvs/src/usr.sbin/newsyslog/newsyslog.c,v retrieving revision 1.40 diff -u -d -r1.40 newsyslog.c --- newsyslog.c 2 Apr 2002 12:03:16 -0000 1.40 +++ newsyslog.c 4 Apr 2002 08:37:45 -0000 @@ -513,6 +513,7 @@ char file1[MAXPATHLEN], file2[MAXPATHLEN]; char zfile1[MAXPATHLEN], zfile2[MAXPATHLEN]; char jfile1[MAXPATHLEN]; + char tfile[MAXPATHLEN]; int notified, need_notification, fd, _numdays; struct stat st; pid_t pid; @@ -644,20 +645,28 @@ if (noaction) printf("Start new log..."); else { - fd = creat(log, perm); + strlcpy(tfile, log, sizeof(tfile)); + strlcat(tfile, ".XXXXXX", sizeof(tfile)); + mkstemp(tfile); + fd = creat(tfile, perm); if (fd < 0) err(1, "can't start new log"); if (fchown(fd, owner_uid, group_gid)) err(1, "can't chmod new log file"); (void) close(fd); if (!(flags & CE_BINARY)) - if (log_trim(log)) /* Add status message */ + if (log_trim(tfile)) /* Add status message */ err(1, "can't add status message to log"); } if (noaction) printf("chmod %o %s...\n", perm, log); - else - (void) chmod(log, perm); + else { + (void) chmod(tfile, perm); + if (rename(tfile, log) < 0) { + err(1, "can't start new log"); + (void) unlink(tfile); + } + } pid = 0; need_notification = notified = 0; >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?18921.1017911201>