var oldStat fs.FileInfo
reopen:
- oldFh, err := os.OpenFile(file.Path,
- // O_NOFOLLOW prevents symlink attacks
- // O_NONBLOCK is necessary to prevent blocking on FIFOs
- os.O_RDONLY|syscall.O_NOFOLLOW|syscall.O_NONBLOCK, 0)
+ oldFh, err := OpenFileNoFollow(file.Path)
if err != nil {
err := err.(*fs.PathError)
- if err.Err == syscall.ELOOP {
+ if err.Err == syscall.ELOOP || err.Err == syscall.EMLINK {
// Check if ELOOP was caused not by O_NOFOLLOW but by
// too many nested symlinks before the final path
// component.
if !change.Created {
// Compare permissions
change.Old.Mode = oldStat.Mode()
+ if change.Old.Mode.Type() == fs.ModeSymlink {
+ // Some BSD systems permit changing permissions of
+ // symlinks but ignore them on traversal. To keep it
+ // simple we don't support that and always use 0777
+ // for symlink permissions (the value on GNU/Linux).
+ //
+ // TODO: Add proper support for symlinks on BSD
+ change.Old.Mode |= 0777
+ }
if change.Old.Mode != file.Mode {
if change.Old.Mode.Type() != file.Mode.Type() {
changeType = true
}
}
- // Directory: create new directory (also type change to directory)
+ // Directory: create new directory, also type change to directory
if file.Mode.IsDir() && (change.Created || changeType) {
debugf("creating directory")
err := os.Mkdir(file.Path, 0700)
// a symlink at this point. There's no lchmod so open the
// directory.
debugf("chmodding %s", file.Mode)
- dh, err := os.OpenFile(file.Path,
- os.O_RDONLY|syscall.O_NOFOLLOW|syscall.O_NONBLOCK, 0)
+ dh, err := OpenFileNoFollow(file.Path)
if err != nil {
return err
}
}
dir := filepath.Dir(file.Path)
- base := filepath.Base(file.Path)
+ // Create hidden file which should be ignored by most other tools and
+ // thus not affect anything during creation
+ base := "." + filepath.Base(file.Path)
var tmpPath string
switch file.Mode.Type() {
case 0: // regular file
debugf("creating temporary file %q",
- filepath.Join(dir, "."+base+"*"))
- // Create hidden file which should be ignored by most other
- // tools and thus not affect anything during creation
- newFh, err := os.CreateTemp(dir, "."+base)
+ filepath.Join(dir, base+"*"))
+ tmpPath, err = WriteTemp(dir, base, file.Data,
+ file.Uid, file.Gid, file.Mode)
if err != nil {
return err
}
- tmpPath = newFh.Name()
-
- _, err = newFh.Write(file.Data)
- if err != nil {
- newFh.Close()
- os.Remove(tmpPath)
- return err
- }
- // CreateTemp() creates the file with 0600
- err = newFh.Chown(file.Uid, file.Gid)
- if err != nil {
- newFh.Close()
- os.Remove(tmpPath)
- return err
- }
- err = newFh.Chmod(file.Mode)
- if err != nil {
- newFh.Close()
- os.Remove(tmpPath)
- return err
- }
- err = newFh.Sync()
- if err != nil {
- newFh.Close()
- os.Remove(tmpPath)
- return err
- }
- err = newFh.Close()
- if err != nil {
- newFh.Close()
- os.Remove(tmpPath)
- return err
- }
case fs.ModeSymlink:
i := 0
// Similar to os.CreateTemp() but for symlinks which we cannot
// open as file
tmpPath = filepath.Join(dir,
- "."+base+strconv.Itoa(rand.Int()))
+ base+strconv.Itoa(rand.Int()))
debugf("creating temporary symlink %q", tmpPath)
err := os.Symlink(string(file.Data), tmpPath)
if err != nil {
os.Remove(tmpPath)
return err
}
- // Permissions are irrelevant for symlinks
+ // Permissions are irrelevant for symlinks (on most systems)
default:
panic(fmt.Sprintf("invalid file type %s", file.Mode))
os.Remove(tmpPath)
return err
}
- err = syncPath(dir)
+ err = SyncPath(dir)
if err != nil {
return err
}
return result, nil
}
-// syncPath syncs path, which should be a directory. To guarantee durability
+func OpenFileNoFollow(path string) (*os.File, error) {
+ return os.OpenFile(path,
+ // O_NOFOLLOW prevents symlink attacks
+ // O_NONBLOCK is necessary to prevent blocking on FIFOs
+ os.O_RDONLY|syscall.O_NOFOLLOW|syscall.O_NONBLOCK, 0)
+}
+
+func WriteTemp(dir, base string, data []byte, uid, gid int, mode fs.FileMode) (
+ string, error) {
+
+ fh, err := os.CreateTemp(dir, base)
+ if err != nil {
+ return "", err
+ }
+ tmpPath := fh.Name()
+
+ _, err = fh.Write(data)
+ if err != nil {
+ fh.Close()
+ os.Remove(tmpPath)
+ return "", err
+ }
+ // CreateTemp() creates the file with 0600
+ err = fh.Chown(uid, gid)
+ if err != nil {
+ fh.Close()
+ os.Remove(tmpPath)
+ return "", err
+ }
+ err = fh.Chmod(mode)
+ if err != nil {
+ fh.Close()
+ os.Remove(tmpPath)
+ return "", err
+ }
+ err = fh.Sync()
+ if err != nil {
+ fh.Close()
+ os.Remove(tmpPath)
+ return "", err
+ }
+ err = fh.Close()
+ if err != nil {
+ fh.Close()
+ os.Remove(tmpPath)
+ return "", err
+ }
+
+ return tmpPath, nil
+}
+
+// SyncPath syncs path, which should be a directory. To guarantee durability
// it must be called on a parent directory after adding, renaming or removing
// files therein.
//
// fsync: "Calling fsync() does not necessarily ensure that the entry in the
// directory containing the file has also reached disk. For that an explicit
// fsync() on a file descriptor for the directory is also needed."
-func syncPath(path string) error {
+func SyncPath(path string) error {
x, err := os.Open(path)
if err != nil {
return err
ruderich.org/simon / safcm / safcm.git / blobdiff