Hi Paul,
> > For example, if save_cwd called
> > currdir_fd = open (".");
> > then on a platform that supports fchdir() natively [not gnulib's
> > emulation], a failure to do fchdir (currdir_fd) is of type (a).
> > It can only occur if some other part of the program did side
> > effects on currdir_fd.
>
> Hmm, well, no, the fchdir could also fail if the directory is
> on a remote file system and the network is down. Or
> if there is an I/O error (errno == EIO).
Really? fchdir is basically only copying a pointer in kernel space to a
special place in the process descriptor. But I agree with your essential
point: Not all possible fchdir() failures be detected ahead of time.
I just looked in the source code of Linux, FreeBSD, and OpenSolaris.
linux-2.6.36.2/fs/open.c
Possible errors:
EBADF if fd is invalid
ENOTDIR if fd does not denote a directory
EACCES and similar if directory does not have EXEC and CHDIR permissions
FreeBSD CVS src/sys/kern/vfs_syscalls.c
Possible errors:
EBADF if fd is invalid
EINVAL if fd does not have a vnode
ENOTDIR if fd does not denote a directory
EACCES and similar if directory does not have VEXEC permissions
?? if filesystem root lookup failed
OpenSolaris SVN trunk/usr/src/uts/common/syscall/chdir.c
Possible errors:
EBADF if fd is invalid
ENOTDIR if fd does not denote a directory
EACCES and similar if directory does not have VEXEC permissions
?? if directory has been hidden by autofs magic
So, while "network down" and "disk I/O error" will likely not
threaten fchdir() (since the necessary info is cached in the kernel),
a real threat is that someone does a "chmod 000 directory" and that
fchdir() then fails with EACCES.
Test program:
=================================================
#include <unistd.h>
#include <fcntl.h>
#include <stdio.h>
int main ()
{
int fd;
chdir ("/tmp/origdir");
fd = open (".", O_RDONLY);
chdir ("/tmp/origdir/subdir");
sleep (10);
if (fchdir (fd) < 0)
{
perror ("fchdir failed");
}
else
{
fprintf (stderr, "fchdir succeeded\n");
}
return 0;
}
=================================================
$ mkdir -p /tmp/origdir/subdir
Then, while a.out is running, do "chmod 000 /tmp/origdir".
The result is:
fchdir failed: Permission denied
Conclusion: Not all possible fchdir() failures be detected ahead of time.
Bruno
