similar to: [PATCH libguestfs] launch: Implement a safer getumask.

The current implementation of getumask involves writing a file with mode 0777 and then testing what mode was created by the kernel. This doesn't work properly if the user set a per-mount umask (or fmask/ dmask). This alternative method was suggested by Josh Stone. By forking, we can use the thread-unsafe method (calling umask) and pass the result back over a pipe. This change also fixes

The current implementation of getumask involves writing a file with mode 0777 and then testing what mode was created by the kernel. This doesn't work properly if the user set a per-mount umask (or fmask/ dmask). This alternative method was suggested by Josh Stone. By forking, we can use the thread-unsafe method (calling umask) and pass the result back over a pipe. This change also fixes

On 04/13/2016 03:43 PM, Richard W.M. Jones wrote: > The current implementation of getumask involves writing a file with > mode 0777 and then testing what mode was created by the kernel. This > doesn't work properly if the user set a per-mount umask (or fmask/ > dmask). > > This alternative method was suggested by Josh Stone. By forking, we > can use the thread-unsafe

On 04/14/2016 03:59 AM, Richard W.M. Jones wrote: > The current implementation of getumask involves writing a file with > mode 0777 and then testing what mode was created by the kernel. This > doesn't work properly if the user set a per-mount umask (or fmask/ > dmask). > > This alternative method was suggested by Josh Stone. By forking, we > can use the thread-unsafe

Since Linux 4.7, the process umask is available in /proc/<pid>/status. See: https://github.com/torvalds/linux/commit/3e42979e65dace1f9268dd5440e5ab096b8dee59 Use this value if available, else fall back to the existing codepath for Linux <= 4.6 and other Unix. --- src/umask.c | 86 +++++++++++++++++++++++++++++++++++++++++++++++++++++++------ 1 file changed, 78 insertions(+), 8

On Thu, Apr 14, 2016 at 07:38:23AM -0600, Eric Blake wrote: > > + /* Read the umask. */ > > + if (read (fd[0], &mask, sizeof mask) != sizeof mask) { > > + perrorf (g, "read"); > > + close (fd[0]); > > + return -1; > > Oops - this strands a child process. You have to reap the child, even > if the read() failed. Bleah that was

On Thu, Apr 14, 2016 at 08:04:39AM -0600, Eric Blake wrote: > On 04/14/2016 07:57 AM, Richard W.M. Jones wrote: > > On Thu, Apr 14, 2016 at 07:38:23AM -0600, Eric Blake wrote: > >>> + /* Read the umask. */ > >>> + if (read (fd[0], &mask, sizeof mask) != sizeof mask) { > >>> + perrorf (g, "read"); > >>> + close (fd[0]);

On 04/14/2016 07:57 AM, Richard W.M. Jones wrote: > On Thu, Apr 14, 2016 at 07:38:23AM -0600, Eric Blake wrote: >>> + /* Read the umask. */ >>> + if (read (fd[0], &mask, sizeof mask) != sizeof mask) { >>> + perrorf (g, "read"); >>> + close (fd[0]); >>> + return -1; >> >> Oops - this strands a child process. You

Thanks: Eric Blake. --- src/Makefile.am | 1 + src/command.c | 7 ++---- src/guestfs-internal.h | 4 +++ src/launch-direct.c | 11 +++------ src/launch-uml.c | 11 +++------ src/umask.c | 10 ++------ src/wait.c | 67 ++++++++++++++++++++++++++++++++++++++++++++++++++ 7 files changed, 84 insertions(+), 27 deletions(-) create mode 100644

Move to lazy_make_tmpdir the logic for making world-readable (but only for root) newly-created temporary directories, removing the non-fatal code doing that in guestfs_impl_launch. Followup of commit 772f649e595d202bdb67f05aeb62157c1104be89. --- src/launch.c | 7 ------- src/tmpdirs.c | 30 ++++++++++++------------------ 2 files changed, 12 insertions(+), 25 deletions(-) diff --git

BTW this causes valgrind to fail in a particularly strange way. I filed a bug upstream with a minimal reproducer. Do you have any ideas? https://bugs.kde.org/show_bug.cgi?id=361810 Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones Read my programming and virtualization blog: http://rwmj.wordpress.com virt-p2v converts physical machines to virtual

The API for UNIX sockets limits the path to a static size (usually 104 or 108 characters, NULL included), which is internally represented as UNIX_PATH_MAX. If the temporary directory set is long enough (e.g. when running tools as uninstalled, using "run") then these socket paths get trucated, if not even cause failures when binding the sockets. Introduce a new internal API to create

As Eric Blake noted in: https://www.redhat.com/archives/libguestfs/2016-April/msg00154.html libguestfs doesn't correctly handle the case where waitpid receives a SIGCHLD signal and the main program has registered a non-restartable signal handler. In this case waitpid would return -EINTR and we would print an error, but actually we should retry this case. This adds two new internal functions,

select() has a maximum value for the FDs it can monitor, and since the libguestfs library can be used in other applications, this limit may be hit by users in case lots of FDs are opened. As solution, switch to poll(): it has a slightly better interface to check what changed and for which FD, and it does not have a limit in the value of the FDs monitored. poll() is supported on the platforms we

Inspired by libvirt's virCommand* internal mini-library, this adds some internal APIs for running commands. The first patch contains the new APIs. The subsequent patches change various parts of the library over to use it. Rich.

https://bugzilla.redhat.com/show_bug.cgi?id=769680

On Tuesday, 12 September 2017 14:29:13 CEST Richard W.M. Jones wrote: > +/** > + * Generic functions for reading and writing the cache files, used > + * where we are just reading and writing plain text strings. > + */ > +static int > +generic_read_cache (guestfs_h *g, const char *filename, char **strp) > +{ > + if (access (filename, R_OK) == -1 && errno == ENOENT)

On Wednesday, 26 February 2020 15:08:24 CET Daniel P. Berrangé wrote: > On Wed, Feb 26, 2020 at 02:39:04PM +0100, Pino Toscano wrote: > > select() has a maximum value for the FDs it can monitor, and since > > the libguestfs library can be used in other applications, this limit > > may be hit by users in case lots of FDs are opened. > > > > As solution, switch to

Hi, this patch series fixes few more issues discovered by Coverity. Thanks, Pino Toscano (6): tail: check the return value pf guestfs_set_pgroup daemon: btrfs: check end_stringsbuf return values everywhere java: use cleanup handlers for structs (lists) as return values lib: qemu: improve handling of FILE* p2v: check more return values p2v: fix possible close(-1) issue cat/tail.c

Hi, attached there is the second version of the patch series adding copy_in and copy_out in the library, mostly moving them from guestfish. It also adds the copy_in usage in virt-customize, as aid in a new image building. Thanks, Pino Toscano (7): cmd: add a way to run (and wait) asynchronously commands cmd: add a child-setup callback cmd: add the possibility to get a fd to the process