From patchwork Wed Nov 11 00:36:05 2015
From: Andy Zhou
To: dev@openvswitch.org
Date: Tue, 10 Nov 2015 16:36:05 -0800
Subject: [ovs-dev] [additional --user changes v3 2/3] vlog: change log file owner when switching user
Message-Id: <1447202166-16842-2-git-send-email-azhou@nicira.com>
In-Reply-To: <1447202166-16842-1-git-send-email-azhou@nicira.com>
References: <1447202166-16842-1-git-send-email-azhou@nicira.com>
X-Mailer: git-send-email 1.9.1

The vlog log file can be created when parsing the --log-file option, before
switching user, in case the --user option is also specified. While this does
not directly cause errors for the running daemons, it can leave the log files
on disk looking confusing, with a mixture of ownership settings, since the
packaging script that supplies the --user option to all daemons usually
changes the owner of OVS log files to non-root as well.

This patch fixes the log file ownership to the user specified with --user.

Signed-off-by: Andy Zhou
---
v1->v2: Add a comment on vlog_change_owner return code.
---
 include/openvswitch/vlog.h |  1 +
 lib/daemon-unix.c          |  9 ++++++++-
 lib/vlog.c                 | 25 ++++++++++++++++++++++++-
 3 files changed, 33 insertions(+), 2 deletions(-)
diff --git a/include/openvswitch/vlog.h b/include/openvswitch/vlog.h index f6bb3ab..139dfb9 100644 --- a/include/openvswitch/vlog.h +++ b/include/openvswitch/vlog.h @@ -143,6 +143,7 @@ void vlog_set_verbosity(const char *arg); void vlog_set_pattern(enum vlog_destination, const char *pattern); int vlog_set_log_file(const char *file_name); int vlog_reopen_log_file(void); +int vlog_change_owner(uid_t, gid_t); /* Configure method how vlog should send messages to syslog server. */ void vlog_set_syslog_method(const char *method); diff --git a/lib/daemon-unix.c b/lib/daemon-unix.c index 0125745..3557bc0 100644 --- a/lib/daemon-unix.c +++ b/lib/daemon-unix.c @@ -739,7 +739,7 @@ daemon_switch_group(gid_t real, gid_t effective, { if ((setresgid(real, effective, saved) == -1) || !gid_verify(real, effective, saved)) { - VLOG_FATAL("%s: fail to switch group to gid as %d, aborting", + VLOG_FATAL("%s: failed to switch group to gid as %d, aborting", pidfile, gid); } } @@ -847,6 +847,13 @@ daemon_become_new_user_linux(bool access_datapath OVS_UNUSED) static void daemon_become_new_user__(bool access_datapath) { + /* If vlog file has been created, change its owner to the non-root user + * as specifed by the --user option. */ + if (vlog_change_owner(uid, gid)) { + VLOG_FATAL("%s: fail to change owner of the log file from root " + "to user %s", pidfile, user); + } + if (LINUX) { if (LIBCAPNG) { daemon_become_new_user_linux(access_datapath); diff --git a/lib/vlog.c b/lib/vlog.c index da31e6f..f921701 100644 --- a/lib/vlog.c +++ b/lib/vlog.c 
@@ -105,7 +105,7 @@ DEFINE_STATIC_PER_THREAD_DATA(unsigned int, msg_num, 0); * All of the following is protected by 'log_file_mutex', which nests inside * pattern_rwlock. */ static struct ovs_mutex log_file_mutex = OVS_MUTEX_INITIALIZER; -static char *log_file_name OVS_GUARDED_BY(log_file_mutex); +static char *log_file_name = NULL OVS_GUARDED_BY(log_file_mutex); static int log_fd OVS_GUARDED_BY(log_file_mutex) = -1; static struct async_append *log_writer OVS_GUARDED_BY(log_file_mutex); static bool log_async OVS_GUARDED_BY(log_file_mutex); @@ -430,6 +430,29 @@ vlog_reopen_log_file(void) } } +/* In case a log file exists, change its owner to new 'user' and 'group'. + * + * This is useful for handling cases where the --log-file option is + * specified ahead of the --user option. + * + * Return 0 if log file has not been created. Otherwise the return + * code is the same as specified by chown(2). */ +int +vlog_change_owner(uid_t user, gid_t group) +{ + int error; + + if (log_file_name) { + ovs_mutex_lock(&log_file_mutex); + error = chown(log_file_name, user, group); + ovs_mutex_unlock(&log_file_mutex); + } else { + error = 0; + } + + return error; +} + /* Set debugging levels. Returns null if successful, otherwise an error * message that the caller must free(). */ char *
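Review bot: in the include/openvswitch/vlog.h hunk, the new prototype `int vlog_change_owner(uid_t, gid_t);` brings uid_t and gid_t into a public header, and the hunk shows no include that provides them; confirm that vlog.h already pulls in <sys/types.h> (directly or through another header), otherwise a file that includes only vlog.h will fail to compile. The neighbouring vlog_set_syslog_method() declaration carries a comment; give this one a comment too, stating that it must be called while the process still has the privilege to change ownership, i.e. before the user switch.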
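Review bot: the daemon_switch_group() hunk in lib/daemon-unix.c only rewords an existing VLOG_FATAL ("fail to" to "failed to") and is unrelated to the ownership change; it would be easier to review and to bisect as its own patch. If it stays here, note that the message still prints the global `gid` with "switch group to gid as %d" inside a function whose parameters are `real`, `effective` and `saved`; "failed to switch group to gid %d" would read better, and the value printed should be the one the function actually tried to set.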
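Review bot: in the daemon_become_new_user__() hunk, VLOG_FATAL on a non-zero return from vlog_change_owner() aborts daemon start over what the commit message itself calls a cosmetic ownership mismatch, and because vlog_change_owner() hands back chown(2)'s bare -1 the message cannot say why the chown failed. Either downgrade to VLOG_WARN, or have vlog_change_owner() return errno and log it, e.g. `VLOG_FATAL("%s: failed to change owner of the log file to user %s (%s)", pidfile, user, ovs_strerror(error));`. Two wording fixes in the same hunk: "specifed" in the new comment should be "specified", and "fail to change owner" should be "failed to change owner", matching the correction this patch makes a few lines earlier in the same file. The placement itself is right: the chown has to run before daemon_become_new_user_linux() drops root, since afterwards the process can no longer give the file to another uid.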
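Review bot: the lib/vlog.c hunk changing `static char *log_file_name OVS_GUARDED_BY(log_file_mutex);` to `static char *log_file_name = NULL OVS_GUARDED_BY(log_file_mutex);` puts the attribute after the initializer, while the `log_fd` line directly below uses the order `OVS_GUARDED_BY(log_file_mutex) = -1`. A GNU-style attribute is not accepted after an initializer, so this will not compile when the thread-safety annotations are enabled (clang builds), even though it passes where OVS_GUARDED_BY expands to nothing. A static pointer is zero-initialized anyway, so the cleanest fix is to drop this hunk entirely; if an explicit initializer is wanted, follow the log_fd ordering.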
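Review bot: in the vlog_change_owner() hunk, `if (log_file_name)` reads a variable annotated OVS_GUARDED_BY(log_file_mutex) before the mutex is taken; move the check inside the lock so the annotation and the code agree. More importantly, the function calls chown() on the path while the module already holds the open descriptor in `log_fd`. chown(2) follows symlinks, and this call runs as root just before the daemon drops to the user that packaging makes the owner of the log directory, so a symlink dropped into that directory between open and chown would make root hand over an arbitrary file; `fchown(log_fd, user, group)` (when `log_fd != -1`) acts on the file that was actually opened and has no such window. Finally, return errno on failure instead of chown's -1, and update the "return code is the same as specified by chown(2)" comment to match, so the caller in daemon-unix.c can report the reason.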
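The ordering problem the commit message describes, as an added example that is neither OVS code nor part of this patch: the log file is created while the daemon is still root, so its ownership has to be fixed before the user switch, after which the process can no longer give the file away. All function names here (log_open_for_user, drop_privileges, log_owner_matches, start_as_user) are hypothetical helpers written for this illustration, and the /tmp path used in main() is a constructed input. It uses fchown() on the open descriptor rather than chown() on the path, and verifies the result with fstat().

```c
/* Added example, not OVS code: create the log file while still privileged,
 * hand it to the target user with fchown() on the open descriptor, then drop
 * privileges.  All function names below are hypothetical helpers written for
 * this illustration. */
#define _GNU_SOURCE 1
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Open 'path' (creating it with mode 0640) and make it owned by uid:gid.
 * fchown() on the descriptor, not chown() on the path: chown() follows
 * symlinks, so a link swapped into a user-writable log directory could make
 * a root process hand over some other file.  O_NOFOLLOW also refuses a
 * symlink at open time.  Returns the descriptor, or -errno on failure. */
int log_open_for_user(const char *path, uid_t uid, gid_t gid)
{
    int fd = open(path, O_WRONLY | O_CREAT | O_APPEND | O_NOFOLLOW | O_CLOEXEC,
                  0640);
    if (fd < 0) {
        return -errno;
    }
    if (fchown(fd, uid, gid) < 0) {
        int err = errno;
        close(fd);
        return -err;
    }
    return fd;
}

/* Drop to uid:gid, group first so the uid change cannot be reverted, then
 * read the ids back and refuse to continue on mismatch (OVS does the same
 * with setresgid/setresuid plus a verify step).  Returns 0 or -errno. */
int drop_privileges(uid_t uid, gid_t gid)
{
    if (setgid(gid) < 0) {
        return -errno;
    }
    if (setuid(uid) < 0) {
        return -errno;
    }
    if (getuid() != uid || geteuid() != uid
        || getgid() != gid || getegid() != gid) {
        return -EPERM;
    }
    return 0;
}

/* 1 if the file at 'path' is owned by uid:gid, 0 otherwise (including when
 * it cannot be opened).  Checked via fstat() on a descriptor opened with
 * O_NOFOLLOW, for the same symlink reason as above. */
int log_owner_matches(const char *path, uid_t uid, gid_t gid)
{
    struct stat st;
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
    if (fd < 0) {
        return 0;
    }
    int ok = fstat(fd, &st) == 0 && st.st_uid == uid && st.st_gid == gid;
    close(fd);
    return ok;
}

/* The sequence the patch needs: fix ownership first, then switch user.
 * Once privileges are gone the process can no longer chown the file to
 * another user, which is why the ownership change must precede the drop.
 * Returns 0 or -errno. */
int start_as_user(const char *path, uid_t uid, gid_t gid)
{
    int fd = log_open_for_user(path, uid, gid);
    if (fd < 0) {
        return fd;
    }
    int err = drop_privileges(uid, gid);
    if (err) {
        close(fd);
        return err;
    }
    const char msg[] = "running as target user; log file already owned by it\n";
    if (write(fd, msg, sizeof msg - 1) < 0) {
        err = -errno;
    }
    close(fd);
    return err;
}

int main(void)
{
    const char *path = "/tmp/vlog-owner-example.log";   /* constructed path */
    int err = start_as_user(path, getuid(), getgid());  /* own ids: works unprivileged */
    if (err) {
        fprintf(stderr, "start_as_user: %s\n", strerror(-err));
        return 1;
    }
    printf("owner matches: %d\n", log_owner_matches(path, getuid(), getgid()));
    return 0;
}
```

Run unprivileged it switches to the ids it already has, which exercises the same call order without needing root; run as root with a real uid/gid it performs the actual handover. The failure path returns a negative errno so the caller can report the reason, which is the shape suggested for vlog_change_owner() above.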