tyler.durden/icinga2
1
0
Fork 0
mirror of https://github.com/Icinga/icinga2.git synced 2025-07-16 18:24:31 +02:00
Code Issues Packages Projects Releases Wiki Activity

Include Utility::SetFileOwnership() inside FS transactions

Browse Source 
to make them even more atomic.
This commit is contained in:
Alexander A. Klimov 2023-01-27 11:51:11 +01:00
parent d22fdf2a7a
commit fd93feaec7
2 changed files with 10 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
lib/cli/nodesetupcommand.cpp
View File

@ -524,15 +524,17 @@ int NodeSetupCommand::SetupNode(const boost::program_options::variables_map& vm,
if (!ticket.IsEmpty()) { if (!ticket.IsEmpty()) {
String ticketPath = ApiListener::GetCertsDir() + "/ticket"; String ticketPath = ApiListener::GetCertsDir() + "/ticket";
AtomicFile af (ticketPath, 0600);
AtomicFile::Write(ticketPath, 0600, ticket); if (!Utility::SetFileOwnership(af.GetTempFilename(), user, group)) {
if (!Utility::SetFileOwnership(ticketPath, user, group)) {
Log(LogWarning, "cli") Log(LogWarning, "cli")
<< "Cannot set ownership for user '" << user << "Cannot set ownership for user '" << user
<< "' group '" << group << "' group '" << group
<< "' on file '" << ticketPath << "'. Verify it yourself!"; << "' on file '" << ticketPath << "'. Verify it yourself!";
} }
af << ticket;
af.Commit();
} }
/* If no parent connection was made, the user must supply the ca.crt before restarting Icinga 2.*/ /* If no parent connection was made, the user must supply the ca.crt before restarting Icinga 2.*/

8
lib/cli/nodewizardcommand.cpp
View File

@ -553,15 +553,17 @@ wizard_global_zone_loop_start:
if (!ticket.IsEmpty()) { if (!ticket.IsEmpty()) {
String ticketPath = ApiListener::GetCertsDir() + "/ticket"; String ticketPath = ApiListener::GetCertsDir() + "/ticket";
AtomicFile af (ticketPath, 0600);
AtomicFile::Write(ticketPath, 0600, ticket); if (!Utility::SetFileOwnership(af.GetTempFilename(), user, group)) {
if (!Utility::SetFileOwnership(ticketPath, user, group)) {
Log(LogWarning, "cli") Log(LogWarning, "cli")
<< "Cannot set ownership for user '" << user << "Cannot set ownership for user '" << user
<< "' group '" << group << "' group '" << group
<< "' on file '" << ticketPath << "'. Verify it yourself!"; << "' on file '" << ticketPath << "'. Verify it yourself!";
} }
af << ticket;
af.Commit();
} }
/* If no parent connection was made, the user must supply the ca.crt before restarting Icinga 2.*/ /* If no parent connection was made, the user must supply the ca.crt before restarting Icinga 2.*/