fs-util: introduce fchmod_and_chown()

The new function fchmod_and_chown() is almost same as chmod_and_chown()
except it takes file descriptor instead of file path.

diff --git a/src/basic/fs-util.c b/src/basic/fs-util.c
index 81d51bb664b944b519591478bff3aee6718fa7f3..1f27657379032d2a777fdb19891432394f80d601 100644 (file)
--- a/src/basic/fs-util.c
+++ b/src/basic/fs-util.c
@@ -239,6 +239,22 @@ int chmod_and_chown(const char *path, mode_t mode, uid_t uid, gid_t gid) {
         return 0;
 }
 
+int fchmod_and_chown(int fd, mode_t mode, uid_t uid, gid_t gid) {
+        /* Under the assumption that we are running privileged we
+         * first change the access mode and only then hand out
+         * ownership to avoid a window where access is too open. */
+
+        if (mode != MODE_INVALID)
+                if (fchmod(fd, mode) < 0)
+                        return -errno;
+
+        if (uid != UID_INVALID || gid != GID_INVALID)
+                if (fchown(fd, uid, gid) < 0)
+                        return -errno;
+
+        return 0;
+}
+
 int fchmod_umask(int fd, mode_t m) {
         mode_t u;
         int r;

diff --git a/src/basic/fs-util.h b/src/basic/fs-util.h
index 4b490078d0e8810316300fc192c32e99f8f9b813..4e65fd2388b73c5090fbd967113c3ae74c2a60f5 100644 (file)
--- a/src/basic/fs-util.h
+++ b/src/basic/fs-util.h
@@ -37,6 +37,7 @@ int readlink_and_make_absolute(const char *p, char **r);
 #endif // 0
 
 int chmod_and_chown(const char *path, mode_t mode, uid_t uid, gid_t gid);
+int fchmod_and_chown(int fd, mode_t mode, uid_t uid, gid_t gid);
 
 int fchmod_umask(int fd, mode_t mode);
 int fchmod_opath(int fd, mode_t m);