Merge pull request #4591 from kmk3/replace-iwrite-iwuser

s/S_IWRITE/S_IWUSR/
author: netblue30 <netblue30@protonmail.com> 2021-10-09 14:04:05 +0000
committer: GitHub <noreply@github.com> 2021-10-09 14:04:05 +0000
commit: 6c9e2636e7e46eacd8f4f75de1fe5675d4a16686 (patch)
tree: 490ce253fa8c6836f87f141da46512bd3f848bc0
parent: Merge pull request #4583 from kmk3/fix-include-limits-h (diff)
parent: Merge branch 'master' into replace-iwrite-iwuser (diff)
download: firejail-6c9e2636e7e46eacd8f4f75de1fe5675d4a16686.tar.gz
firejail-6c9e2636e7e46eacd8f4f75de1fe5675d4a16686.tar.zst
firejail-6c9e2636e7e46eacd8f4f75de1fe5675d4a16686.zip
6 files changed, 10 insertions, 10 deletions
diff --git a/src/firejail/chroot.c b/src/firejail/chroot.c
index 37ec22117..9425638ea 100644
--- a/src/firejail/chroot.c
+++ b/src/firejail/chroot.c
@@ -86,7 +86,7 @@ static void update_file(int parentfd, const char *relpath) {
        if (arg_debug)
                printf("Updating chroot /%s\n", relpath);
        unlinkat(parentfd, relpath, 0);
-        int out = openat(parentfd, relpath, O_WRONLY|O_CREAT|O_EXCL|O_CLOEXEC, S_IRUSR | S_IWRITE | S_IRGRP | S_IROTH);
+        int out = openat(parentfd, relpath, O_WRONLY|O_CREAT|O_EXCL|O_CLOEXEC, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
        if (out == -1) {
                close(in);
                goto errout;
diff --git a/src/firejail/fs_hostname.c b/src/firejail/fs_hostname.c
index f7ce8c18f..8b7e94f51 100644
--- a/src/firejail/fs_hostname.c
+++ b/src/firejail/fs_hostname.c
@@ -32,7 +32,7 @@ void fs_hostname(const char *hostname) {
                if (arg_debug)
                        printf("Creating a new /etc/hostname file\n");
-                create_empty_file_as_root(RUN_HOSTNAME_FILE, S_IRUSR | S_IWRITE | S_IRGRP | S_IROTH);
+                create_empty_file_as_root(RUN_HOSTNAME_FILE, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
                // bind-mount the file on top of /etc/hostname
                if (mount(RUN_HOSTNAME_FILE, "/etc/hostname", NULL, MS_BIND|MS_REC, NULL) < 0)
@@ -74,7 +74,7 @@ void fs_hostname(const char *hostname) {
                }
                fclose(fp1);
                // mode and owner
-                SET_PERMS_STREAM(fp2, 0, 0, S_IRUSR | S_IWRITE | S_IRGRP | S_IROTH);
+                SET_PERMS_STREAM(fp2, 0, 0, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
                fclose(fp2);
                // bind-mount the file on top of /etc/hostname
diff --git a/src/firejail/fs_trace.c b/src/firejail/fs_trace.c
index 28852a689..17a7b3d23 100644
--- a/src/firejail/fs_trace.c
+++ b/src/firejail/fs_trace.c
@@ -53,7 +53,7 @@ void fs_tracefile(void) {
        if (arg_debug)
                printf("Creating an empty trace log file: %s\n", arg_tracefile);
        EUID_USER();
-        int fd = open(arg_tracefile, O_CREAT|O_WRONLY|O_CLOEXEC, S_IRUSR | S_IWRITE | S_IRGRP | S_IROTH);
+        int fd = open(arg_tracefile, O_CREAT|O_WRONLY|O_CLOEXEC, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
        if (fd == -1) {
                perror("open");
                fprintf(stderr, "Error: cannot open trace log file %s for writing\n", arg_tracefile);
@@ -106,7 +106,7 @@ void fs_trace(void) {
                fmessage("Post-exec seccomp protector enabled\n");
        }
-        SET_PERMS_STREAM(fp, 0, 0, S_IRUSR | S_IWRITE | S_IRGRP | S_IROTH);
+        SET_PERMS_STREAM(fp, 0, 0, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
        fclose(fp);
        // mount the new preload file
diff --git a/src/firejail/fs_var.c b/src/firejail/fs_var.c
index 5ba38d46c..e19d0df96 100644
--- a/src/firejail/fs_var.c
+++ b/src/firejail/fs_var.c
@@ -128,7 +128,7 @@ void fs_var_log(void) {
                /* coverity[toctou] */
                FILE *fp = fopen("/var/log/wtmp", "wxe");
                if (fp) {
-                        SET_PERMS_STREAM(fp, 0, wtmp_group, S_IRUSR | S_IWRITE | S_IRGRP | S_IWGRP | S_IROTH);
+                        SET_PERMS_STREAM(fp, 0, wtmp_group, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH);
                        fclose(fp);
                }
                fs_logger("touch /var/log/wtmp");
@@ -136,7 +136,7 @@ void fs_var_log(void) {
                // create an empty /var/log/btmp file
                fp = fopen("/var/log/btmp", "wxe");
                if (fp) {
-                        SET_PERMS_STREAM(fp, 0, wtmp_group, S_IRUSR | S_IWRITE | S_IRGRP | S_IWGRP);
+                        SET_PERMS_STREAM(fp, 0, wtmp_group, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP);
                        fclose(fp);
                }
                fs_logger("touch /var/log/btmp");
@@ -313,7 +313,7 @@ void fs_var_utmp(void) {
        // save new utmp file
        int rv = fwrite(&u_boot, sizeof(u_boot), 1, fp);
        (void) rv;
-        SET_PERMS_STREAM(fp, 0, utmp_group, S_IRUSR | S_IWRITE | S_IRGRP | S_IWGRP | S_IROTH);
+        SET_PERMS_STREAM(fp, 0, utmp_group, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH);
        fclose(fp);
        // mount the new utmp file
diff --git a/src/firejail/ls.c b/src/firejail/ls.c
index 70985ba9e..53e918dde 100644
--- a/src/firejail/ls.c
+++ b/src/firejail/ls.c
@@ -305,7 +305,7 @@ void sandboxfs(int op, pid_t pid, const char *path1, const char *path2) {
                }
                // create destination file if necessary
                EUID_ASSERT();
-                int fd = open(dest_fname, O_WRONLY|O_CREAT|O_CLOEXEC, S_IRUSR | S_IWRITE);
+                int fd = open(dest_fname, O_WRONLY|O_CREAT|O_CLOEXEC, S_IRUSR | S_IWUSR);
                if (fd == -1) {
                        fprintf(stderr, "Error: cannot open %s for writing\n", dest_fname);
                        exit(1);
diff --git a/src/firejail/sandbox.c b/src/firejail/sandbox.c
index b776a0cc5..d66b6c573 100644
--- a/src/firejail/sandbox.c
+++ b/src/firejail/sandbox.c
@@ -204,7 +204,7 @@ static void save_umask(void) {
 }
 static char *create_join_file(void) {
-        int fd = open(RUN_JOIN_FILE, O_RDWR|O_CREAT|O_EXCL|O_CLOEXEC, S_IRUSR | S_IWRITE | S_IRGRP | S_IROTH);
+        int fd = open(RUN_JOIN_FILE, O_RDWR|O_CREAT|O_EXCL|O_CLOEXEC, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
        if (fd == -1)
                errExit("open");
        if (ftruncate(fd, 1) == -1)
author	netblue30 <netblue30@protonmail.com>	2021-10-09 14:04:05 +0000
committer	GitHub <noreply@github.com>	2021-10-09 14:04:05 +0000
commit	6c9e2636e7e46eacd8f4f75de1fe5675d4a16686 (patch)
tree	490ce253fa8c6836f87f141da46512bd3f848bc0
parent	Merge pull request #4583 from kmk3/fix-include-limits-h (diff)
parent	Merge branch 'master' into replace-iwrite-iwuser (diff)
download	firejail-6c9e2636e7e46eacd8f4f75de1fe5675d4a16686.tar.gz firejail-6c9e2636e7e46eacd8f4f75de1fe5675d4a16686.tar.zst firejail-6c9e2636e7e46eacd8f4f75de1fe5675d4a16686.zip

diff --git a/src/firejail/chroot.c b/src/firejail/chroot.c index 37ec22117..9425638ea 100644 --- a/src/firejail/chroot.c +++ b/src/firejail/chroot.c
@@ -86,7 +86,7 @@ static void update_file(int parentfd, const char *relpath) {
86	if (arg_debug)	86	if (arg_debug)
87	printf("Updating chroot /%s\n", relpath);	87	printf("Updating chroot /%s\n", relpath);
88	unlinkat(parentfd, relpath, 0);	88	unlinkat(parentfd, relpath, 0);
89	int out = openat(parentfd, relpath, O_WRONLY\|O_CREAT\|O_EXCL\|O_CLOEXEC, S_IRUSR \| S_IWRITE \| S_IRGRP \| S_IROTH);	89	int out = openat(parentfd, relpath, O_WRONLY\|O_CREAT\|O_EXCL\|O_CLOEXEC, S_IRUSR \| S_IWUSR \| S_IRGRP \| S_IROTH);
90	if (out == -1) {	90	if (out == -1) {
91	close(in);	91	close(in);
92	goto errout;	92	goto errout;


diff --git a/src/firejail/fs_hostname.c b/src/firejail/fs_hostname.c index f7ce8c18f..8b7e94f51 100644 --- a/src/firejail/fs_hostname.c +++ b/src/firejail/fs_hostname.c
@@ -32,7 +32,7 @@ void fs_hostname(const char *hostname) {
32	if (arg_debug)	32	if (arg_debug)
33	printf("Creating a new /etc/hostname file\n");	33	printf("Creating a new /etc/hostname file\n");
34		34
35	create_empty_file_as_root(RUN_HOSTNAME_FILE, S_IRUSR \| S_IWRITE \| S_IRGRP \| S_IROTH);	35	create_empty_file_as_root(RUN_HOSTNAME_FILE, S_IRUSR \| S_IWUSR \| S_IRGRP \| S_IROTH);
36		36
37	// bind-mount the file on top of /etc/hostname	37	// bind-mount the file on top of /etc/hostname
38	if (mount(RUN_HOSTNAME_FILE, "/etc/hostname", NULL, MS_BIND\|MS_REC, NULL) < 0)	38	if (mount(RUN_HOSTNAME_FILE, "/etc/hostname", NULL, MS_BIND\|MS_REC, NULL) < 0)
@@ -74,7 +74,7 @@ void fs_hostname(const char *hostname) {
74	}	74	}
75	fclose(fp1);	75	fclose(fp1);
76	// mode and owner	76	// mode and owner
77	SET_PERMS_STREAM(fp2, 0, 0, S_IRUSR \| S_IWRITE \| S_IRGRP \| S_IROTH);	77	SET_PERMS_STREAM(fp2, 0, 0, S_IRUSR \| S_IWUSR \| S_IRGRP \| S_IROTH);
78	fclose(fp2);	78	fclose(fp2);
79		79
80	// bind-mount the file on top of /etc/hostname	80	// bind-mount the file on top of /etc/hostname


diff --git a/src/firejail/fs_trace.c b/src/firejail/fs_trace.c index 28852a689..17a7b3d23 100644 --- a/src/firejail/fs_trace.c +++ b/src/firejail/fs_trace.c
@@ -53,7 +53,7 @@ void fs_tracefile(void) {
53	if (arg_debug)	53	if (arg_debug)
54	printf("Creating an empty trace log file: %s\n", arg_tracefile);	54	printf("Creating an empty trace log file: %s\n", arg_tracefile);
55	EUID_USER();	55	EUID_USER();
56	int fd = open(arg_tracefile, O_CREAT\|O_WRONLY\|O_CLOEXEC, S_IRUSR \| S_IWRITE \| S_IRGRP \| S_IROTH);	56	int fd = open(arg_tracefile, O_CREAT\|O_WRONLY\|O_CLOEXEC, S_IRUSR \| S_IWUSR \| S_IRGRP \| S_IROTH);
57	if (fd == -1) {	57	if (fd == -1) {
58	perror("open");	58	perror("open");
59	fprintf(stderr, "Error: cannot open trace log file %s for writing\n", arg_tracefile);	59	fprintf(stderr, "Error: cannot open trace log file %s for writing\n", arg_tracefile);
@@ -106,7 +106,7 @@ void fs_trace(void) {
106	fmessage("Post-exec seccomp protector enabled\n");	106	fmessage("Post-exec seccomp protector enabled\n");
107	}	107	}
108		108
109	SET_PERMS_STREAM(fp, 0, 0, S_IRUSR \| S_IWRITE \| S_IRGRP \| S_IROTH);	109	SET_PERMS_STREAM(fp, 0, 0, S_IRUSR \| S_IWUSR \| S_IRGRP \| S_IROTH);
110	fclose(fp);	110	fclose(fp);
111		111
112	// mount the new preload file	112	// mount the new preload file


diff --git a/src/firejail/fs_var.c b/src/firejail/fs_var.c index 5ba38d46c..e19d0df96 100644 --- a/src/firejail/fs_var.c +++ b/src/firejail/fs_var.c
@@ -128,7 +128,7 @@ void fs_var_log(void) {
128	/* coverity[toctou] */	128	/* coverity[toctou] */
129	FILE *fp = fopen("/var/log/wtmp", "wxe");	129	FILE *fp = fopen("/var/log/wtmp", "wxe");
130	if (fp) {	130	if (fp) {
131	SET_PERMS_STREAM(fp, 0, wtmp_group, S_IRUSR \| S_IWRITE \| S_IRGRP \| S_IWGRP \| S_IROTH);	131	SET_PERMS_STREAM(fp, 0, wtmp_group, S_IRUSR \| S_IWUSR \| S_IRGRP \| S_IWGRP \| S_IROTH);
132	fclose(fp);	132	fclose(fp);
133	}	133	}
134	fs_logger("touch /var/log/wtmp");	134	fs_logger("touch /var/log/wtmp");
@@ -136,7 +136,7 @@ void fs_var_log(void) {
136	// create an empty /var/log/btmp file	136	// create an empty /var/log/btmp file
137	fp = fopen("/var/log/btmp", "wxe");	137	fp = fopen("/var/log/btmp", "wxe");
138	if (fp) {	138	if (fp) {
139	SET_PERMS_STREAM(fp, 0, wtmp_group, S_IRUSR \| S_IWRITE \| S_IRGRP \| S_IWGRP);	139	SET_PERMS_STREAM(fp, 0, wtmp_group, S_IRUSR \| S_IWUSR \| S_IRGRP \| S_IWGRP);
140	fclose(fp);	140	fclose(fp);
141	}	141	}
142	fs_logger("touch /var/log/btmp");	142	fs_logger("touch /var/log/btmp");
@@ -313,7 +313,7 @@ void fs_var_utmp(void) {
313	// save new utmp file	313	// save new utmp file
314	int rv = fwrite(&u_boot, sizeof(u_boot), 1, fp);	314	int rv = fwrite(&u_boot, sizeof(u_boot), 1, fp);
315	(void) rv;	315	(void) rv;
316	SET_PERMS_STREAM(fp, 0, utmp_group, S_IRUSR \| S_IWRITE \| S_IRGRP \| S_IWGRP \| S_IROTH);	316	SET_PERMS_STREAM(fp, 0, utmp_group, S_IRUSR \| S_IWUSR \| S_IRGRP \| S_IWGRP \| S_IROTH);
317	fclose(fp);	317	fclose(fp);
318		318
319	// mount the new utmp file	319	// mount the new utmp file


diff --git a/src/firejail/ls.c b/src/firejail/ls.c index 70985ba9e..53e918dde 100644 --- a/src/firejail/ls.c +++ b/src/firejail/ls.c
@@ -305,7 +305,7 @@ void sandboxfs(int op, pid_t pid, const char path1, const char path2) {
305	}	305	}
306	// create destination file if necessary	306	// create destination file if necessary
307	EUID_ASSERT();	307	EUID_ASSERT();
308	int fd = open(dest_fname, O_WRONLY\|O_CREAT\|O_CLOEXEC, S_IRUSR \| S_IWRITE);	308	int fd = open(dest_fname, O_WRONLY\|O_CREAT\|O_CLOEXEC, S_IRUSR \| S_IWUSR);
309	if (fd == -1) {	309	if (fd == -1) {
310	fprintf(stderr, "Error: cannot open %s for writing\n", dest_fname);	310	fprintf(stderr, "Error: cannot open %s for writing\n", dest_fname);
311	exit(1);	311	exit(1);


diff --git a/src/firejail/sandbox.c b/src/firejail/sandbox.c index b776a0cc5..d66b6c573 100644 --- a/src/firejail/sandbox.c +++ b/src/firejail/sandbox.c
@@ -204,7 +204,7 @@ static void save_umask(void) {
204	}	204	}
205		205
206	static char *create_join_file(void) {	206	static char *create_join_file(void) {
207	int fd = open(RUN_JOIN_FILE, O_RDWR\|O_CREAT\|O_EXCL\|O_CLOEXEC, S_IRUSR \| S_IWRITE \| S_IRGRP \| S_IROTH);	207	int fd = open(RUN_JOIN_FILE, O_RDWR\|O_CREAT\|O_EXCL\|O_CLOEXEC, S_IRUSR \| S_IWUSR \| S_IRGRP \| S_IROTH);
208	if (fd == -1)	208	if (fd == -1)
209	errExit("open");	209	errExit("open");
210	if (ftruncate(fd, 1) == -1)	210	if (ftruncate(fd, 1) == -1)