Fix race condition when setting up /run/firejail files (#1013)

author: Fabian Würfl <fabian.wuerfl@gmx.at> 2017-06-30 11:47:46 +0200
committer: Fabian Würfl <fabian.wuerfl@gmx.at> 2017-06-30 11:47:46 +0200
commit: 968dc2aba10e9b2c5c8d2975cde1337cf7586dea (patch)
tree: a8dbec61afe1f710dc18170a3fda995fda696308 /src
parent: geary typo (diff)
download: firejail-968dc2aba10e9b2c5c8d2975cde1337cf7586dea.tar.gz
firejail-968dc2aba10e9b2c5c8d2975cde1337cf7586dea.tar.zst
firejail-968dc2aba10e9b2c5c8d2975cde1337cf7586dea.zip
1 files changed, 3 insertions, 1 deletions
diff --git a/src/firejail/util.c b/src/firejail/util.c
index acbc19234..9ad7271ba 100644
--- a/src/firejail/util.c
+++ b/src/firejail/util.c
@@ -821,7 +821,9 @@ void create_empty_dir_as_root(const char *dir, mode_t mode) {
                if (arg_debug)
                        printf("Creating empty %s directory\n", dir);
                /* coverity[toctou] */
-                if (mkdir(dir, mode) == -1)
+                // don't fail if directory already exists. This can be the case in a race
+                // condition, when two jails launch at the same time. See #1013
+                if (mkdir(dir, mode) == -1 && errno != EEXIST)
                        errExit("mkdir");
                if (set_perms(dir, 0, 0, mode))
                        errExit("set_perms");
author	Fabian Würfl <fabian.wuerfl@gmx.at>	2017-06-30 11:47:46 +0200
committer	Fabian Würfl <fabian.wuerfl@gmx.at>	2017-06-30 11:47:46 +0200
commit	968dc2aba10e9b2c5c8d2975cde1337cf7586dea (patch)
tree	a8dbec61afe1f710dc18170a3fda995fda696308 /src
parent	geary typo (diff)
download	firejail-968dc2aba10e9b2c5c8d2975cde1337cf7586dea.tar.gz firejail-968dc2aba10e9b2c5c8d2975cde1337cf7586dea.tar.zst firejail-968dc2aba10e9b2c5c8d2975cde1337cf7586dea.zip