log: chown pidfile to current criu user

If criu run with suid bit set, user should be able to read pidfiles(i.e. service pidfile). Signed-off-by: Ruslan Kuprieiev <kupruser@gmail.com> Signed-off-by: Pavel Emelyanov <xemul@parallels.com>

log: chown pidfile to current criu user
If criu run with suid bit set, user should be able to read pidfiles(i.e. service pidfile). Signed-off-by: Ruslan Kuprieiev <kupruser@gmail.com> Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
e2c3ad37 · Ruslan Kuprieiev · Pavel Emelyanov · 09c3f5d0 · e2c3ad37
Commit e2c3ad37 authored Jan 29, 2015 by Ruslan Kuprieiev Committed by Pavel Emelyanov Feb 10, 2015
Hide whitespace changes
Inline Side-by-side

Showing with 7 additions and 0 deletions

log.c log.c +7 -0

No files found.
--- a/log.c
+++ b/log.c
@@ -17,6 +17,7 @@
 #include "util.h"
 #include "cr_options.h"
 #include "servicefd.h"
+#include "security.h"
 #define DEFAULT_LOGFD		STDERR_FILENO
 /* Enable timestamps if verbosity is increased from default */
@@ -191,6 +192,12 @@ int write_pidfile(int pid)
 		return -1;
 	}
+	if (cr_fchown(fd)) {
+		pr_perror("Can't chown pidfile %s", opts.pidfile);
+		close(fd);
+		return -1;
+	}
 	dprintf(fd, "%d", pid);
 	close(fd);
 	return 0;