From patchwork Sat Oct 10 08:07:36 2015
X-Patchwork-Submitter: Andy Zhou
X-Patchwork-Id: 528553
From: Andy Zhou
To: dev@openvswitch.org
Date: Sat, 10 Oct 2015 01:07:36 -0700
Subject: [ovs-dev] [PATCH 2/2] vlog: change log file owner when switching user
Message-Id: <1444464456-27941-2-git-send-email-azhou@nicira.com>
In-Reply-To: <1444464456-27941-1-git-send-email-azhou@nicira.com>
References: <1444464456-27941-1-git-send-email-azhou@nicira.com>

The vlog log file can be created when parsing the --log-file option, before switching user, in case the --user option is also specified. This does not directly cause errors for the running daemons, but leaves the log files on disk owned by root. It can be confusing at best. This patch fixes the log file ownership setting to match the daemon that writes to it.

Signed-off-by: Andy Zhou
---
 include/openvswitch/vlog.h | 1 +
 lib/daemon-unix.c | 7 +++++++
 lib/vlog.c | 14 ++++++++++++++
 3 files changed, 22 insertions(+)
diff --git a/include/openvswitch/vlog.h b/include/openvswitch/vlog.h index f6bb3ab..139dfb9 100644 --- a/include/openvswitch/vlog.h +++ b/include/openvswitch/vlog.h
@@ -143,6 +143,7 @@ void vlog_set_verbosity(const char *arg); void vlog_set_pattern(enum vlog_destination, const char *pattern); int vlog_set_log_file(const char *file_name); int vlog_reopen_log_file(void); +int vlog_change_owner(uid_t, gid_t); /* Configure method how vlog should send messages to syslog server. */ void vlog_set_syslog_method(const char *method); diff --git a/lib/daemon-unix.c b/lib/daemon-unix.c index cafa397..e31dbc4 100644 --- a/lib/daemon-unix.c +++ b/lib/daemon-unix.c @@ -856,6 +856,13 @@ daemon_become_new_user__(bool access_datapath) return; } + /* If vlog file has been created, change its owner to the non-root user + * as specifed by the --user option. */ + if (vlog_change_owner(uid, gid)) { + VLOG_FATAL("%s: fail to change owner of the log file from root " + "to user %s", pidfile, user); + } + if (LINUX) { if (LIBCAPNG) { daemon_become_new_user_linux(access_datapath); diff --git a/lib/vlog.c b/lib/vlog.c index da31e6f..56b8db8 100644 --- a/lib/vlog.c +++ b/lib/vlog.c @@ -430,6 +430,20 @@ vlog_reopen_log_file(void) } } +/* In case a log file exists, change its owner to new 'user' and 'group'. + * + * This is useful for handling cases where the --log-file option is + * specified ahead of the --user option. */ +int +vlog_change_owner(uid_t user, gid_t group) +{ + ovs_mutex_lock(&log_file_mutex); + int error = log_file_name ? chown(log_file_name, user, group) : 0; + ovs_mutex_unlock(&log_file_mutex); + + return error; +} + /* Set debugging levels. Returns null if successful, otherwise an error * message that the caller must free(). */ char *
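Review bot: The new `int vlog_change_owner(uid_t, gid_t);` prototype in include/openvswitch/vlog.h carries no statement of its return contract, and the lib/vlog.c hunk makes that contract surprising: it returns chown()'s raw -1 on failure rather than a positive errno value as the neighbouring vlog functions and most OVS library code do. Add a comment beside the prototype saying what is returned (ideally "0 if successful, otherwise a positive errno value"), and confirm the header already has <sys/types.h> for uid_t and gid_t so that including vlog.h alone still compiles.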
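Review bot: The VLOG_FATAL in daemon_become_new_user__() prints `pidfile` as the "%s:" prefix although the failure is about the log file, and it gives no reason for the failure, so an administrator sees the wrong path and no strerror text. Suggest dropping or replacing the pidfile prefix and appending `ovs_strerror(error)` once vlog_change_owner() returns an errno value instead of -1. The placement itself is correct: the chown has to happen before daemon_become_new_user_linux() drops root, since only root can give a file to another user. Also, "specifed" in the new comment is a typo.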
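Review bot: In vlog_change_owner(), `int error = log_file_name ? chown(log_file_name, user, group) : 0;` stores chown()'s -1 and throws away errno, so the caller can neither report nor distinguish the cause; write `int error = log_file_name && chown(log_file_name, user, group) ? errno : 0;` so the result follows the positive-errno convention. Because this runs while the daemon is still root and acts on a path rather than the descriptor the daemon writes through, prefer fchown() on the already-open log file descriptor if vlog keeps one: that guarantees the ownership change lands on the file actually being written, not on whatever the path names at that instant. Check too that lib/vlog.c includes <unistd.h> for chown()/fchown().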