From 04cad06bed055a5dd373b2f5babc8000a76597a6 Mon Sep 17 00:00:00 2001 From: Karel Zak Date: Mon, 9 Oct 2017 12:44:48 +0200 Subject: [PATCH] libmount: use eacess() rather than open() to check mtab/utab The open() syscall is probably the most strong way how to check write accessibility in all situations, but it's overkill and on some paranoid systems with enabled audit/selinux. It fills logs with "Permission denied" entries. Let's use eaccess() if available. Addresses: https://bugzilla.redhat.com/show_bug.cgi?id=1499760 Signed-off-by: Karel Zak --- configure.ac | 1 + libmount/src/utils.c | 19 +++++++++++++------ 2 files changed, 14 insertions(+), 6 deletions(-) diff --git a/configure.ac b/configure.ac index 78258d677..96c5838cf 100644 --- a/configure.ac +++ b/configure.ac @@ -315,6 +315,7 @@ AC_CHECK_FUNCS([ \ __fpending \ secure_getenv \ __secure_getenv \ + eaccess \ err \ errx \ fsync \ diff --git a/libmount/src/utils.c b/libmount/src/utils.c index 5c374b432..a275d0a0e 100644 --- a/libmount/src/utils.c +++ b/libmount/src/utils.c @@ -653,18 +653,25 @@ done: static int try_write(const char *filename) { - int fd; + int rc = 0; if (!filename) return -EINVAL; - fd = open(filename, O_RDWR|O_CREAT|O_CLOEXEC, +#ifdef HAVE_EACCESS + if (eaccess(filename, R_OK|W_OK) != 0) + rc = -errno; +#else + { + int fd = open(filename, O_RDWR|O_CREAT|O_CLOEXEC, S_IWUSR|S_IRUSR|S_IRGRP|S_IROTH); - if (fd >= 0) { - close(fd); - return 0; + if (fd < 0) + rc = -errno; + else + close(fd); } - return -errno; +#endif + return rc; } /** -- 2.13.6