Date: Thu, 04 Apr 2002 11:06:41 +0200 From: Sheldon Hearn <sheldonh@starjuice.net> To: FreeBSD-gnats-submit@FreeBSD.org Subject: bin/36738: [PATCH] newsyslog ownership race condition Message-ID: <18921.1017911201@axl.seasidesoftware.co.za>
next in thread | raw e-mail | index | archive | help
>Number: 36738
>Category: bin
>Synopsis: [PATCH] newsyslog ownership race condition
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Thu Apr 04 01:10:01 PST 2002
>Closed-Date:
>Last-Modified:
>Originator: Sheldon Hearn
>Release: FreeBSD 5.0-CURRENT i386
>Organization:
Seaside Software
>Environment:
All known versions of FreeBSD (problem existed in rev 1.1 of
newsyslog.c).
>Description:
The newsyslog(8) configuration syntax allows for specification
of the ownership of created files. However, files are created
owned by the user running the program. Ownership is changed
very soon after, but there is a brief period during which the
ownership of the file does not match the specification provided
in the configuration file.
>How-To-Repeat:
I hit this race condition frequently on a very busy MTA server,
where MTA processes get "permission denied" trying to write to
their log file just as it's being rotated by newsyslog(8).
>Fix:
The following patch solves the problem. OpenBSD have already
addressed this problem in their rev 1.26 of newsyslog.c, but
the scope of that patch is wider, so I include this simple fix
in case nobody's up to grabbing OpenBSD's patch.
If nobody steps up to the plate to incorporate the fix from
OpenBSD, I'll apply my patch some time soon, say in two weeks.
Let me know if you want to do this but need more than two weeks,
so we can avoid stepping on each other's toes.
Index: newsyslog.c
===================================================================
RCS file: /home/ncvs/src/usr.sbin/newsyslog/newsyslog.c,v
retrieving revision 1.40
diff -u -d -r1.40 newsyslog.c
--- newsyslog.c 2 Apr 2002 12:03:16 -0000 1.40
+++ newsyslog.c 4 Apr 2002 08:37:45 -0000
@@ -513,6 +513,7 @@
char file1[MAXPATHLEN], file2[MAXPATHLEN];
char zfile1[MAXPATHLEN], zfile2[MAXPATHLEN];
char jfile1[MAXPATHLEN];
+ char tfile[MAXPATHLEN];
int notified, need_notification, fd, _numdays;
struct stat st;
pid_t pid;
@@ -644,20 +645,28 @@
if (noaction)
printf("Start new log...");
else {
- fd = creat(log, perm);
+ strlcpy(tfile, log, sizeof(tfile));
+ strlcat(tfile, ".XXXXXX", sizeof(tfile));
+ mkstemp(tfile);
+ fd = creat(tfile, perm);
if (fd < 0)
err(1, "can't start new log");
if (fchown(fd, owner_uid, group_gid))
err(1, "can't chmod new log file");
(void) close(fd);
if (!(flags & CE_BINARY))
- if (log_trim(log)) /* Add status message */
+ if (log_trim(tfile)) /* Add status message */
err(1, "can't add status message to log");
}
if (noaction)
printf("chmod %o %s...\n", perm, log);
- else
- (void) chmod(log, perm);
+ else {
+ (void) chmod(tfile, perm);
+ if (rename(tfile, log) < 0) {
+ err(1, "can't start new log");
+ (void) unlink(tfile);
+ }
+ }
pid = 0;
need_notification = notified = 0;
>Release-Note:
>Audit-Trail:
>Unformatted:
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?18921.1017911201>