Ejemplo n.º 1
0
func TestMknod(t *testing.T) {
	t.Parallel()
	if os.Getuid() != 0 {
		t.Skip("skipping unless root")
	}

	f := &mknod1{}
	mnt, err := fstestutil.MountedT(t, fstestutil.SimpleFS{f})
	if err != nil {
		t.Fatal(err)
	}
	defer mnt.Close()

	defer syscall.Umask(syscall.Umask(0))
	err = syscall.Mknod(mnt.Dir+"/node", syscall.S_IFIFO|0666, 123)
	if err != nil {
		t.Fatalf("Mknod: %v", err)
	}

	want := fuse.MknodRequest{
		Name: "node",
		Mode: os.FileMode(os.ModeNamedPipe | 0666),
		Rdev: uint32(123),
	}
	if runtime.GOOS == "linux" {
		// Linux fuse doesn't echo back the rdev if the node
		// isn't a device (we're using a FIFO here, as that
		// bit is portable.)
		want.Rdev = 0
	}
	if g, e := f.RecordedMknod(), want; g != e {
		t.Fatalf("mknod saw %+v, want %+v", g, e)
	}
}
Ejemplo n.º 2
0
Archivo: main.go Proyecto: scds/eimbu
func main() {
	if !flag.Parsed() {
		flag.Parse()
	}
	var regexHandler = NewHttpHandlerRegexMatcher()

	http.Handle("/", http.StripPrefix(*prefix, regexHandler))

	regexHandler.Handle("/test", HttpHandlerRestHandler{5})
	regexHandler.Handle("/test/", HttpHandlerRestHandler{5})
	regexHandler.Handle("/test/{id}", HttpHandlerRestHandler{5})

	regexHandler.Handle("/ses/{request}", oauthFlowHandler{})

	var socket = *socket

	os.Remove(socket)

	oldUmask := syscall.Umask(000)
	l, err := net.Listen("unix", socket)
	syscall.Umask(oldUmask)
	if err != nil {
		panic(err)
	}

	panic(fcgi.Serve(l, http.DefaultServeMux))
}
Ejemplo n.º 3
0
func UnixAudienceListener(sockaddr string, sockmode os.FileMode, sockuid int, sockgid int) {
	fi, err := os.Stat(sockaddr)
	if err == nil {
		if (fi.Mode() & os.ModeSocket) != 0 {
			os.Remove(sockaddr)
		} else {
			o.Fail("%s exists and is not a socket", sockaddr)
		}
	}
	err = os.MkdirAll(path.Dir(sockaddr), 0755)
	o.MightFail(err, "Couldn't create socket directory")
	laddr, err := net.ResolveUnixAddr("unix", sockaddr)
	o.MightFail(err, "Couldn't resolve audience socket address")
	old_umask := syscall.Umask(0777)
	defer syscall.Umask(old_umask)
	l, err := net.ListenUnix("unix", laddr)
	o.MightFail(err, "Couldn't start audience unixsock listener")
	if sockuid >= 0 || sockgid >= 0 {
		err = os.Chown(sockaddr, sockuid, sockgid)
		o.MightFail(err, "Couldn't chown audience unixsock listener")
	}
	err = os.Chmod(sockaddr, sockmode)
	o.MightFail(err, "Couldn't chmod audience unixsock listener")

	// make sure we clean up the unix socket when we die.
	defer l.Close()
	defer os.Remove(sockaddr)
	AudienceListener(l)
}
Ejemplo n.º 4
0
// UnpackTar unpacks the given tar file into the target directory
func UnpackTar(r io.Reader, targetDir string, fn UnpackTarTransformFunc) error {
	// ensure we we extract with the original permissions
	oldUmask := syscall.Umask(0)
	defer syscall.Umask(oldUmask)

	return TarIterate(r, func(tr *tar.Reader, hdr *tar.Header) (err error) {
		// run tar transform func
		name := hdr.Name
		if fn != nil {
			name, err = fn(hdr.Name)
			if err != nil {
				return err
			}
		}

		path := filepath.Join(targetDir, name)
		mode := hdr.FileInfo().Mode()
		if err := os.MkdirAll(filepath.Dir(path), 0777); err != nil {
			return err
		}

		switch {
		case mode.IsDir():
			err := os.Mkdir(path, mode)
			if err != nil {
				return nil
			}
		case IsSymlink(mode):
			if err := os.Symlink(hdr.Linkname, path); err != nil {
				return err
			}
		case IsDevice(mode):
			switch {
			case (mode & os.ModeCharDevice) != 0:
				mode |= syscall.S_IFCHR
			case (mode & os.ModeDevice) != 0:
				mode |= syscall.S_IFBLK
			}
			devNum := Makedev(uint32(hdr.Devmajor), uint32(hdr.Devminor))
			err = mknod(path, uint32(mode), int(devNum))
			if err != nil {
				return err
			}
		case mode.IsRegular():
			out, err := os.OpenFile(path, os.O_WRONLY|os.O_TRUNC|os.O_CREATE, mode)
			if err != nil {
				return err
			}
			defer out.Close()
			_, err = io.Copy(out, tr)
			if err != nil {
				return err
			}
		default:
			return &ErrUnsupportedFileType{path, mode}
		}

		return nil
	})
}
Ejemplo n.º 5
0
// Setup initializes the proper /dev/console inside the rootfs path
func Setup(rootfs, consolePath, mountLabel string) error {
	oldMask := syscall.Umask(0000)
	defer syscall.Umask(oldMask)

	if err := os.Chmod(consolePath, 0600); err != nil {
		return err
	}

	if err := os.Chown(consolePath, 0, 0); err != nil {
		return err
	}

	if err := label.SetFileLabel(consolePath, mountLabel); err != nil {
		return fmt.Errorf("set file label %s %s", consolePath, err)
	}

	dest := filepath.Join(rootfs, "dev/console")

	f, err := os.Create(dest)
	if err != nil && !os.IsExist(err) {
		return fmt.Errorf("create %s %s", dest, err)
	}

	if f != nil {
		f.Close()
	}

	if err := syscall.Mount(consolePath, dest, "bind", syscall.MS_BIND, ""); err != nil {
		return fmt.Errorf("bind %s to %s %s", consolePath, dest, err)
	}

	return nil
}
Ejemplo n.º 6
0
func createBase(t *testing.T, driver graphdriver.Driver, name string) {
	// We need to be able to set any perms
	oldmask := syscall.Umask(0)
	defer syscall.Umask(oldmask)

	if err := driver.Create(name, ""); err != nil {
		t.Fatal(err)
	}

	dir, err := driver.Get(name, "")
	if err != nil {
		t.Fatal(err)
	}
	defer driver.Put(name)

	subdir := path.Join(dir, "a subdir")
	if err := os.Mkdir(subdir, 0705|os.ModeSticky); err != nil {
		t.Fatal(err)
	}
	if err := os.Chown(subdir, 1, 2); err != nil {
		t.Fatal(err)
	}

	file := path.Join(dir, "a file")
	if err := ioutil.WriteFile(file, []byte("Some data"), 0222|os.ModeSetuid); err != nil {
		t.Fatal(err)
	}
}
Ejemplo n.º 7
0
Archivo: diff.go Proyecto: devick/flynn
func applyLayer() {
	runtime.LockOSThread()
	flag.Parse()

	if err := chroot(flag.Arg(0)); err != nil {
		fatal(err)
	}

	// We need to be able to set any perms
	oldmask := syscall.Umask(0)
	defer syscall.Umask(oldmask)
	tmpDir, err := ioutil.TempDir("/", "temp-docker-extract")
	if err != nil {
		fatal(err)
	}

	os.Setenv("TMPDIR", tmpDir)
	size, err := archive.UnpackLayer("/", os.Stdin)
	os.RemoveAll(tmpDir)
	if err != nil {
		fatal(err)
	}

	encoder := json.NewEncoder(os.Stdout)
	if err := encoder.Encode(applyLayerResponse{size}); err != nil {
		fatal(fmt.Errorf("unable to encode layerSize JSON: %s", err))
	}

	flush(os.Stdout)
	flush(os.Stdin)
	os.Exit(0)
}
Ejemplo n.º 8
0
func TestCreate(t *testing.T) {
	t.Parallel()
	f := &create1{}
	mnt, err := fstestutil.MountedT(t, fstestutil.SimpleFS{f})
	if err != nil {
		t.Fatal(err)
	}
	defer mnt.Close()

	// uniform umask needed to make os.Create's 0666 into something
	// reproducible
	defer syscall.Umask(syscall.Umask(0022))
	ff, err := os.Create(mnt.Dir + "/foo")
	if err != nil {
		t.Fatalf("create1 WriteFile: %v", err)
	}
	defer ff.Close()

	err = syscall.Fsync(int(ff.Fd()))
	if err != nil {
		t.Fatalf("Fsync = %v", err)
	}

	if f.f.RecordedFsync() == (fuse.FsyncRequest{}) {
		t.Errorf("never received expected fsync call")
	}

	ff.Close()
}
Ejemplo n.º 9
0
func newUnixListener(addr string) (net.Listener, error) {
	if err := syscall.Unlink(addr); err != nil && !os.IsNotExist(err) {
		return nil, err
	}

	// there is no way to specify the unix rights to use when
	// creating the socket with net.Listener, so we use umask
	// to create the file without rights and then we chmod
	// to the desired unix rights. This prevent unwanted
	// connections between the creation and the chmod
	mask := syscall.Umask(0777)
	defer syscall.Umask(mask)

	l, err := newListener("unix", addr)
	if err != nil {
		return nil, err
	}

	// only usable by the user who started swarm
	if err := os.Chmod(addr, 0600); err != nil {
		return nil, err
	}

	return l, nil
}
Ejemplo n.º 10
0
func (ts *HTestSuite) TestUnpackPermissions(c *C) {
	tarArchive := filepath.Join(c.MkDir(), "foo.tar")

	canaryName := "foo"
	canaryPerms := os.FileMode(0644)
	tmpdir := c.MkDir()
	err := ioutil.WriteFile(filepath.Join(tmpdir, canaryName), []byte(nil), canaryPerms)
	c.Assert(err, IsNil)

	ChDir(tmpdir, func() error {
		cmd := exec.Command("tar", "cvf", tarArchive, ".")
		_, err = cmd.CombinedOutput()
		c.Assert(err, IsNil)
		return err
	})

	// set crazy umask
	oldUmask := syscall.Umask(0077)
	defer syscall.Umask(oldUmask)

	// unpack
	unpackdir := c.MkDir()
	f, err := os.Open(tarArchive)
	c.Assert(err, IsNil)
	defer f.Close()
	UnpackTar(f, unpackdir, nil)

	st, err := os.Stat(filepath.Join(unpackdir, canaryName))
	c.Assert(err, IsNil)
	c.Assert(st.Mode()&os.ModePerm, Equals, canaryPerms)
}
Ejemplo n.º 11
0
func main() {
	flag.Usage = func() {
		fmt.Fprintf(os.Stderr, "Usage of %s:\n", os.Args[0])
		fmt.Fprintf(os.Stderr, "\n  %s [OPTIONS]\n\nOptions:\n", os.Args[0])
		flag.PrintDefaults()
	}
	flag.Parse()

	version := fmt.Sprintf("async %s", Version)
	if *printVersion {
		fmt.Println(version)
		os.Exit(0)
	}

	log.Printf("Starting %s", version)

	// Good housekeeping for Unix sockets: unlink before binding
	if *listenNetwork == "unix" {
		if err := os.Remove(*listenAddr); err != nil && !os.IsNotExist(err) {
			log.Fatal(err)
		}
	}

	// Change the umask only around net.Listen()
	oldUmask := syscall.Umask(*listenUmask)
	listener, err := net.Listen(*listenNetwork, *listenAddr)
	syscall.Umask(oldUmask)
	if err != nil {
		log.Fatal(err)
	}

	async := NewASync(*cmdPrefix, *cmdsChanSize)

	log.Fatal(http.Serve(listener, async))
}
Ejemplo n.º 12
0
func (f *mknod1) test(path string, t *testing.T) {
	if os.Getuid() != 0 {
		t.Logf("skipping unless root")
		return
	}
	defer syscall.Umask(syscall.Umask(0))
	err := syscall.Mknod(path+"/node", syscall.S_IFIFO|0666, 123)
	if err != nil {
		t.Fatalf("Mknod: %v", err)
	}
	gotr := <-f.seen.gotr
	if gotr == nil {
		t.Fatalf("no recorded MknodRequest")
	}
	if g, e := gotr.Name, "node"; g != e {
		t.Errorf("got Name = %q; want %q", g, e)
	}
	if g, e := gotr.Rdev, uint32(123); g != e {
		if runtime.GOOS == "linux" {
			// Linux fuse doesn't echo back the rdev if the node
			// isn't a device (we're using a FIFO here, as that
			// bit is portable.)
		} else {
			t.Errorf("got Rdev = %v; want %v", g, e)
		}
	}
	if g, e := gotr.Mode, os.FileMode(os.ModeNamedPipe|0666); g != e {
		t.Errorf("got Mode = %v; want %v", g, e)
	}
	t.Logf("Got request: %#v", gotr)
}
Ejemplo n.º 13
0
func setupUnixHttp(addr string, job *engine.Job) (*HttpServer, error) {
	r, err := createRouter(job.Eng, job.GetenvBool("Logging"), job.GetenvBool("EnableCors"), job.Getenv("Version"))
	if err != nil {
		return nil, err
	}

	if err := syscall.Unlink(addr); err != nil && !os.IsNotExist(err) {
		return nil, err
	}
	mask := syscall.Umask(0777)
	defer syscall.Umask(mask)

	l, err := newListener("unix", addr, job.GetenvBool("BufferRequests"))
	if err != nil {
		return nil, err
	}

	if err := setSocketGroup(addr, job.Getenv("SocketGroup")); err != nil {
		return nil, err
	}

	if err := os.Chmod(addr, 0660); err != nil {
		return nil, err
	}

	return &HttpServer{&http.Server{Addr: addr, Handler: r}, l}, nil
}
Ejemplo n.º 14
0
Archivo: file.go Proyecto: dvln/util
// CopyFileSetPerms copies from src to dst until either EOF is reached
// on src or an error occurs.  It will create the destination file with
// the specified permissions and return the number of bytes written (int64)
// and an error (nil if no error).
// Note: if destination file exists it will be removed by this routine
func CopyFileSetPerms(src, dst string, mode os.FileMode) (int64, error) {
	cleanSrc := filepath.Clean(src)
	cleanDst := filepath.Clean(dst)
	if cleanSrc == cleanDst {
		return 0, nil
	}
	sf, err := os.Open(cleanSrc)
	if err != nil {
		return 0, out.WrapErr(err, "Failed to open source file", 4004)
	}
	defer sf.Close()
	if err := os.Remove(cleanDst); err != nil && !os.IsNotExist(err) {
		return 0, out.WrapErr(err, "Failed to clean/remove destination file", 4005)
	}
	oldUmask := syscall.Umask(0)
	defer syscall.Umask(oldUmask)
	df, err := os.OpenFile(cleanDst, syscall.O_CREAT|syscall.O_EXCL|syscall.O_APPEND|syscall.O_WRONLY, mode)
	if err != nil {
		return 0, out.WrapErr(err, "Failed to create destination file", 4006)
	}
	defer df.Close()
	bytes, err := io.Copy(df, sf)
	if err != nil {
		return bytes, out.WrapErr(err, "Failed to copy source file to destination", 4007)
	}
	return bytes, nil
}
Ejemplo n.º 15
0
func TestCachePath(t *testing.T) {
	home, umask := os.Getenv("HOME"), syscall.Umask(0)
	abs, _ := filepath.Abs(".")

	defer func() {
		syscall.Umask(umask)
		_ = os.RemoveAll(filepath.Join(abs, ".cache"))
		_ = os.Setenv("HOME", home)
	}()

	_ = os.Setenv("HOME", abs)
	if err := os.Mkdir(filepath.Join(abs, ".cache"), 0777); err != nil {
		t.Fatal("Could not initialize test")
	}

	file := cachePath()
	if file == nil {
		t.Fatal("The given file should be ok")
	}
	info, err := file.Stat()
	if err != nil {
		t.Fatal("I should be able to stat the given file")
	}
	name, mode := file.Name(), info.Mode().Perm()
	_ = file.Close()
	_ = os.Remove(name)
	if name != filepath.Join(abs, ".cache", cacheName) {
		t.Fatal("Unexpected name")
	}
	if mode != 0666 {
		t.Fatal("Given file does not come from hell ;)")
	}
}
Ejemplo n.º 16
0
func TestCacheBadJson(t *testing.T) {
	home, umask := os.Getenv("HOME"), syscall.Umask(0)
	abs, _ := filepath.Abs(".")
	test := filepath.Join(abs, "test")

	defer func() {
		syscall.Umask(umask)
		_ = os.Setenv("HOME", home)
		_ = os.Rename(filepath.Join(test, ".cache", cacheName),
			filepath.Join(test, ".cache", "bad.json"))
	}()

	_ = os.Setenv("HOME", test)
	_ = os.Rename(filepath.Join(test, ".cache", "bad.json"),
		filepath.Join(test, ".cache", cacheName))

	buffer := bytes.NewBuffer([]byte{})
	log.SetOutput(buffer)
	file := getCacheFile()
	if !file.Valid {
		t.Fatal("It should be valid")
	}
	if !strings.Contains(buffer.String(), "Decoding of cache file failed") {
		t.Fatal("Wrong log")
	}
}
Ejemplo n.º 17
0
// This function wraps application with daemonization.
// Returns isDaemon value to distinguish parent and daemonized processes.
func Daemonize() (isDaemon bool, err error) {
	const errLoc = "daemonigo.Daemonize()"
	isDaemon = os.Getenv(EnvVarName) == EnvVarValue
	log.Println("IsDaemon: ", isDaemon)
	if WorkDir != "" {
		if err = os.Chdir(WorkDir); err != nil {
			err = fmt.Errorf(
				"%s: changing working directory failed, reason -> %s",
				errLoc, err.Error(),
			)
			return
		}
	}
	if isDaemon {
		oldmask := syscall.Umask(int(Umask))
		defer syscall.Umask(oldmask)
		if _, err = syscall.Setsid(); err != nil {
			err = fmt.Errorf(
				"%s: setsid failed, reason -> %s", errLoc, err.Error(),
			)
			return
		}
		if pidFile, err = lockPidFile(); err != nil {
			err = fmt.Errorf(
				"%s: locking PID file failed, reason -> %s",
				errLoc, err.Error(),
			)
		}
	} else {
		flag.Usage = func() {
			arr := make([]string, 0, len(actions))
			for k, _ := range actions {
				arr = append(arr, k)
			}
			fmt.Fprintf(os.Stderr, "Usage: %s {%s}\n",
				os.Args[0], strings.Join(arr, "|"),
			)
			flag.PrintDefaults()
		}

		if !flag.Parsed() {
			log.Printf(" flag.Parse\n")
			flag.Parse()
		}
		//fmt.Printf("after flag.Parse\n")
		//fmt.Printf("flag.Arg(0):%s\n", flag.Arg(0))

		//action, exist := actions[flag.Arg(0)]
		action, exist := actions["daemon"]
		//fmt.Println("exist:", exist)
		if exist {
			action()
		} else {
			flag.Usage()
		}

	}
	return
}
Ejemplo n.º 18
0
func (d *Directory) Create() error {
	log.Println("Create directory:", d.Path)

	oldMode := syscall.Umask(000)
	err := os.MkdirAll(d.Path, os.ModeDir|0777)
	syscall.Umask(oldMode)
	return err
}
Ejemplo n.º 19
0
Archivo: fs.go Proyecto: drptbl/oz
func (fs *Filesystem) CreateDevice(devpath string, dev int, mode uint32) error {
	p := fs.absPath(devpath)
	um := syscall.Umask(0)
	if err := syscall.Mknod(p, mode, dev); err != nil {
		return fmt.Errorf("failed to mknod device '%s': %v", p, err)
	}
	syscall.Umask(um)
	return nil
}
Ejemplo n.º 20
0
Archivo: dump.go Proyecto: vosst/csi
func actionDump(c *cli.Context) {
	verbose := c.Bool(dumpFlagVerbose.Name)
	compress := c.Bool(dumpFlagCompress.Name)
	cd := c.String(dumpFlagCrashDir.Name)
	pid := c.Int(dumpFlagPid.Name)
	when := time.Unix(int64(c.Int(dumpFlagTime.Name)), 0)
	sig := c.Int(dumpFlagSig.Name)
	exe := c.String(dumpFlagExe.Name)

	// Make sure that we are using a sensible umask.
	oldMask := syscall.Umask(0000)
	defer syscall.Umask(oldMask)

	cd = filepath.Join(cd, exe, when.Format(time.RFC3339), fmt.Sprint(pid))
	if err := os.MkdirAll(cd, 0755); err != nil {
		fmt.Fprintf(dumpOutputWriter, "Failed to create crash directory %s [%s]\n", cd, err)
	}

	ci := csi.CrashInspector{}
	if cr, err := ci.Inspect(pid, syscall.Signal(sig)); err != nil {
		fmt.Fprintf(dumpOutputWriter, "Failed to gather crash meta data [%s]\n", err)
	} else {
		if b, err := yaml.Marshal(cr); err != nil {
			fmt.Fprintf(dumpOutputWriter, "Failed to write crash meta data [%s]\n", err)
		} else {
			ry := filepath.Join(cd, "report.yaml")
			if f, err := os.Create(ry); err != nil {
				fmt.Fprintf(dumpOutputWriter, "Failed to dump crash report to %s [%s]\n", ry, err)
			} else {
				defer f.Close()
				fmt.Fprintf(f, "%s", b)
			}
		}
	}

	// And we finally dump the actual core file
	df := filepath.Join(cd, "core")
	if f, err := os.Create(df); err != nil {
		fmt.Fprintf(dumpOutputWriter, "Failed to dump core to %s [%s]", df, err)
	} else {
		defer f.Close()
		// TODO(tvoss): Investigate into syscall.Sendfile and figure out a way
		// to avoid copying of data to userspace.
		var dest io.Writer = f
		if compress {
			dest = snappy.NewWriter(f)
		}

		start := time.Now()
		n, _ := io.Copy(dest, os.Stdin)
		elapsed := time.Since(start)

		if verbose {
			fmt.Fprintf(dumpOutputWriter, "Wrote %d bytes of core dump to %s in %f seconds", n, df, elapsed.Seconds())
		}
	}
}
Ejemplo n.º 21
0
// Transform the supplied mode by the current umask.
func applyUmask(m os.FileMode) os.FileMode {
	// HACK(jacobsa): Use umask(2) to change and restore the umask in order to
	// figure out what the mask is. See the listing in `man getumask`.
	umask := syscall.Umask(0)
	syscall.Umask(umask)

	// Apply it.
	return m &^ os.FileMode(umask)
}
Ejemplo n.º 22
0
// setDefaultUmask sets the umask to 0022 to avoid problems
// caused by custom umask
func setDefaultUmask() error {
	desiredUmask := 0022
	syscall.Umask(desiredUmask)
	if umask := syscall.Umask(desiredUmask); umask != desiredUmask {
		return fmt.Errorf("failed to set umask: expected %#o, got %#o", desiredUmask, umask)
	}

	return nil
}
Ejemplo n.º 23
0
func (opens *openSuite) TestOpenDatabaseWorldWritableFail(c *C) {
	rootDir := filepath.Join(c.MkDir(), "asserts-db")
	oldUmask := syscall.Umask(0)
	os.MkdirAll(rootDir, 0777)
	syscall.Umask(oldUmask)
	cfg := &asserts.DatabaseConfig{Path: rootDir}
	db, err := asserts.OpenDatabase(cfg)
	c.Assert(err, ErrorMatches, "assert database root unexpectedly world-writable: .*")
	c.Check(db, IsNil)
}
Ejemplo n.º 24
0
func (sdbs *sysDBSuite) TestOpenSysDatabaseKeypairManagerOpenFail(c *C) {
	// make it not world-writeable
	oldUmask := syscall.Umask(0)
	os.MkdirAll(filepath.Join(dirs.SnapAssertsDBDir, "private-keys-v1"), 0777)
	syscall.Umask(oldUmask)

	db, err := sysdb.Open()
	c.Assert(err, ErrorMatches, "assert storage root unexpectedly world-writable: .*")
	c.Check(db, IsNil)
}
Ejemplo n.º 25
0
func (sdbs *sysDBSuite) TestOpenSysDatabaseBackstoreOpenFail(c *C) {
	// make it not world-writeable
	oldUmask := syscall.Umask(0)
	os.MkdirAll(filepath.Join(dirs.SnapAssertsDBDir, "asserts-v0"), 0777)
	syscall.Umask(oldUmask)

	db, err := asserts.OpenSysDatabase(dirs.SnapTrustedAccountKey)
	c.Assert(err, ErrorMatches, "assert storage root unexpectedly world-writable: .*")
	c.Check(db, IsNil)
}
Ejemplo n.º 26
0
func (fsbss *fsKeypairMgrSuite) TestOpenWorldWritableFail(c *C) {
	topDir := filepath.Join(c.MkDir(), "asserts-db")
	// make it world-writable
	oldUmask := syscall.Umask(0)
	os.MkdirAll(filepath.Join(topDir, "private-keys-v0"), 0777)
	syscall.Umask(oldUmask)

	bs, err := asserts.OpenFSKeypairManager(topDir)
	c.Assert(err, ErrorMatches, "assert storage root unexpectedly world-writable: .*")
	c.Check(bs, IsNil)
}
Ejemplo n.º 27
0
// this is copy from old libcontainer nodes.go
func createDeviceNodes(rootfs string, nodesToCreate []*configs.Device) error {
	oldMask := syscall.Umask(0000)
	defer syscall.Umask(oldMask)

	for _, node := range nodesToCreate {
		if err := createDeviceNode(rootfs, node); err != nil {
			return err
		}
	}
	return nil
}
func main() {
	mask := syscall.Umask(0)
	defer syscall.Umask(mask)

	err := os.MkdirAll("/tmp/gotest/", 0777)
	if err != nil {
		panic(err)
	}

	fmt.Println("Mkdir /tmp/gotest/")
}
Ejemplo n.º 29
0
// Create the device nodes in the container.
func createDevices(config *configs.Config) error {
	oldMask := syscall.Umask(0000)
	for _, node := range config.Devices {
		if err := createDeviceNode(config.Rootfs, node); err != nil {
			syscall.Umask(oldMask)
			return err
		}
	}
	syscall.Umask(oldMask)
	return nil
}
Ejemplo n.º 30
0
Archivo: diff.go Proyecto: gpxl/deis
// ApplyLayer parses a diff in the standard layer format from `layer`, and
// applies it to the directory `dest`.
func ApplyLayer(dest string, layer ArchiveReader) error {
	dest = filepath.Clean(dest)
	// We need to be able to set any perms
	oldmask := syscall.Umask(0)
	defer syscall.Umask(oldmask)

	layer, err := DecompressStream(layer)
	if err != nil {
		return err
	}
	return UnpackLayer(dest, layer)
}