diff options
author | Yegor Timoshenko <yegortimoshenko@gmail.com> | 2017-12-28 00:24:03 +0000 |
---|---|---|
committer | Yegor Timoshenko <yegortimoshenko@gmail.com> | 2017-12-28 00:25:02 +0000 |
commit | 25b35f4ffbe27072ddfdecc7f28cb49bfc6832b0 (patch) | |
tree | e04935b47b71c63b4a690fcef3cf3bc371477d16 /pkgs/build-support/build-fhs-userenv/chrootenv.c | |
parent | 779805181719b488b41bcc920fd858246ad53ec8 (diff) | |
download | nixpkgs-25b35f4ffbe27072ddfdecc7f28cb49bfc6832b0.tar nixpkgs-25b35f4ffbe27072ddfdecc7f28cb49bfc6832b0.tar.gz nixpkgs-25b35f4ffbe27072ddfdecc7f28cb49bfc6832b0.tar.bz2 nixpkgs-25b35f4ffbe27072ddfdecc7f28cb49bfc6832b0.tar.lz nixpkgs-25b35f4ffbe27072ddfdecc7f28cb49bfc6832b0.tar.xz nixpkgs-25b35f4ffbe27072ddfdecc7f28cb49bfc6832b0.tar.zst nixpkgs-25b35f4ffbe27072ddfdecc7f28cb49bfc6832b0.zip |
chrootenv: resolve potential race condition
Diffstat (limited to 'pkgs/build-support/build-fhs-userenv/chrootenv.c')
-rw-r--r-- | pkgs/build-support/build-fhs-userenv/chrootenv.c | 20 |
1 files changed, 8 insertions, 12 deletions
diff --git a/pkgs/build-support/build-fhs-userenv/chrootenv.c b/pkgs/build-support/build-fhs-userenv/chrootenv.c index d3b49db0e42..43abf976bde 100644 --- a/pkgs/build-support/build-fhs-userenv/chrootenv.c +++ b/pkgs/build-support/build-fhs-userenv/chrootenv.c @@ -124,16 +124,6 @@ int nftw_remove(const char *path, const struct stat *sb, int type, return remove(path); } -char *root; - -void root_cleanup() { - if (nftw(root, nftw_remove, getdtablesize(), - FTW_DEPTH | FTW_MOUNT | FTW_PHYS) < 0) - errorf(EX_IOERR, "nftw(%s)", root); - - free(root); -} - #define REQUIREMENTS \ "Requires Linux version >= 3.19 built with CONFIG_USER_NS option.\n" @@ -158,6 +148,8 @@ int main(int argc, char *argv[]) { if (temp == NULL) temp = "/tmp"; + char *root; + if (asprintf(&root, "%s/chrootenvXXXXXX", temp) < 0) errorf(EX_IOERR, "asprintf"); @@ -166,8 +158,6 @@ int main(int argc, char *argv[]) { if (root == NULL) errorf(EX_IOERR, "mkdtemp(%s)", root); - atexit(root_cleanup); - // Don't make root private so that privilege drops inside chroot are possible: if (chmod(root, 0755) < 0) errorf(EX_IOERR, "chmod(%s, 0755)", root); @@ -232,6 +222,12 @@ int main(int argc, char *argv[]) { if (waitpid(cpid, &status, 0) < 0) errorf(EX_OSERR, "waitpid(%d)", cpid); + if (nftw(root, nftw_remove, getdtablesize(), + FTW_DEPTH | FTW_MOUNT | FTW_PHYS) < 0) + errorf(EX_IOERR, "nftw(%s)", root); + + free(root); + if (WIFEXITED(status)) { return WEXITSTATUS(status); } else if (WIFSIGNALED(status)) { |