Bug#681880: [ovs-dev] [bug 681880 2/3] ovsdb: Make "ovsdb-tool create" work through a dangling symlink.

Thu, 26 Jul 2012 17:51:14 -0700 

On Thu, Jul 26, 2012 at 02:48:52PM -0700, Ben Pfaff wrote:
> open() with O_CREAT|O_EXCL yields EEXIST if the name passed in is a
> symlink, but we would like "ovsdb-tool create /etc/openvswitch/conf.db" to
> work if /etc/openvswitch/conf.db is a symlink to elsewhere in the file
> system.  This commit fixes the problem.  It introduces a theoretical race,
> but no one should be doing "ovsdb-tool create" in parallel anyhow; O_EXCL
> is just an idiot check here, not required to be fail-safe.

I'm comfortable with this provided that the location of conf.db is
a directory that is is only accessible by the administrator. Else I think
there may be some problems from a security POV.

> Debian bug #681880.
> CC: 681...@bugs.debian.org
> Reported-by: Bastian Blank <wa...@debian.org>
> Signed-off-by: Ben Pfaff <b...@nicira.com>
> ---
>  ovsdb/log.c |   13 +++++++++++--
>  1 files changed, 11 insertions(+), 2 deletions(-)
> 
> diff --git a/ovsdb/log.c b/ovsdb/log.c
> index ab4a150..9b882dc 100644
> --- a/ovsdb/log.c
> +++ b/ovsdb/log.c
> @@ -1,4 +1,4 @@
> -/* Copyright (c) 2009, 2010, 2011 Nicira, Inc.
> +/* Copyright (c) 2009, 2010, 2011, 2012 Nicira, Inc.
>   *
>   * Licensed under the Apache License, Version 2.0 (the "License");
>   * you may not use this file except in compliance with the License.
> @@ -95,7 +95,16 @@ ovsdb_log_open(const char *name, enum ovsdb_log_open_mode 
> open_mode,
>      } else if (open_mode == OVSDB_LOG_READ_WRITE) {
>          flags = O_RDWR;
>      } else if (open_mode == OVSDB_LOG_CREATE) {
> -        flags = O_RDWR | O_CREAT | O_EXCL;
> +        if (stat(name, &s) == -1 && errno == ENOENT
> +            && lstat(name, &s) == 0 && S_ISLNK(s.st_mode)) {
> +            /* 'name' is a dangling symlink.  We want to create the file that
> +             * the symlink points to, but POSIX says that open() with O_EXCL
> +             * must fail with EEXIST if the named file is a symlink.  So, we
> +             * have to leave off O_EXCL and accept the race. */
> +            flags = O_RDWR | O_CREAT;
> +        } else {
> +            flags = O_RDWR | O_CREAT | O_EXCL;
> +        }
>      } else {
>          NOT_REACHED();
>      }
> -- 
> 1.7.2.5
> 
> _______________________________________________
> dev mailing list
> d...@openvswitch.org
> http://openvswitch.org/mailman/listinfo/dev
> 


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Reply via email to