authorLibravatar netblue30 <netblue30@yahoo.com>2016-11-13 10:47:20 -0500
committerLibravatar netblue30 <netblue30@yahoo.com>2016-11-13 10:47:20 -0500
commit63e16bfcd9f79c63f3801f51df4840f74fa6f41b (patch)
treefa62784ad7ff5becbb4856ed84264cb5d4de8828 /src
parentset_perms cleanup (diff)
major cleanup and testing
Diffstat (limited to 'src')
-rw-r--r--src/firejail/appimage.c8
-rw-r--r--src/firejail/firejail.h1
-rw-r--r--src/firejail/fs.c101
-rw-r--r--src/firejail/fs_bin.c6
-rw-r--r--src/firejail/fs_dev.c32
-rw-r--r--src/firejail/fs_etc.c6
-rw-r--r--src/firejail/fs_var.c23
-rw-r--r--src/firejail/join.c14
-rw-r--r--src/firejail/util.c36
9 files changed, 80 insertions, 147 deletions
diff --git a/src/firejail/appimage.c b/src/firejail/appimage.c
index 96c054048..a658173eb 100644
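--- a/src/firejail/appimage.c
+++ b/src/firejail/appimage.c
@@ -94,14 +94,8 @@ void appimage_set(const char *appimage_path) {
  if (asprintf(&mntdir, "%s/.appimage-%u", RUN_FIREJAIL_APPIMAGE_DIR, getpid()) == -1)
  errExit("asprintf");
  EUID_ROOT();
- if (mkdir(mntdir, 0700) == -1) {
- fprintf(stderr, "Error: cannot create appimage mount point\n");
- exit(1);
- }
- if (set_perms(mntdir, getuid(), getgid(), 0700))
- errExit("set_perms");
+ mkdir_attr(mntdir, 0700, getuid(), getgid());
  EUID_USER();
- ASSERT_PERMS(mntdir, getuid(), getgid(), 0700);
 
  // mount
  char *mode;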
diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h
index 282271a64..d7ba539e6 100644
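--- a/src/firejail/firejail.h
+++ b/src/firejail/firejail.h
@@ -461,6 +461,7 @@ void flush_stdin(void);
 void create_empty_dir_as_root(const char *dir, mode_t mode);
 void create_empty_file_as_root(const char *dir, mode_t mode);
 int set_perms(const char *fname, uid_t uid, gid_t gid, mode_t mode);
+void mkdir_attr(const char *fname, mode_t mode, uid_t uid, gid_t gid);
 
 // fs_var.c
 void fs_var_log(void); // mounting /var/log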
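Review bot: The new prototype `mkdir_attr(fname, mode, uid, gid)` takes its arguments in a different order from `set_perms(fname, uid, gid, mode)` declared on the line directly above it. mode_t, uid_t and gid_t are all integer types, so a call written in the set_perms order compiles without a diagnostic and would create the directory with the wrong owner or mode. Either align the parameter order with set_perms, or document the difference at the declaration, e.g. `// create fname and apply mode, then uid/gid; note: mode comes first, unlike set_perms()`.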
diff --git a/src/firejail/fs.c b/src/firejail/fs.c
index 3a2fd8c38..7ff7e3c59 100644
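--- a/src/firejail/fs.c
+++ b/src/firejail/fs.c
@@ -247,21 +247,13 @@ void fs_blacklist(void) {
 
  // process bind command
  if (strncmp(entry->data, "bind ", 5) == 0) {
+ struct stat s;
  char *dname1 = entry->data + 5;
  char *dname2 = split_comma(dname1);
- if (dname2 == NULL) {
- fprintf(stderr, "Error: second directory missing in bind command\n");
- entry = entry->next;
- continue;
- }
- struct stat s;
- if (stat(dname1, &s) == -1) {
- fprintf(stderr, "Error: cannot find %s for bind command\n", dname1);
- entry = entry->next;
- continue;
- }
- if (stat(dname2, &s) == -1) {
- fprintf(stderr, "Error: cannot find %s for bind command\n", dname2);
+ if (dname2 == NULL ||
+ stat(dname1, &s) == -1 ||
+ stat(dname2, &s) == -1) {
+ fprintf(stderr, "Error: invalid bind command, directory missing\n");
  entry = entry->next;
  continue;
  }
@@ -410,10 +402,9 @@ void fs_rdonly(const char *dir) {
  int rv = stat(dir, &s);
  if (rv == 0) {
  // mount --bind /bin /bin
- if (mount(dir, dir, NULL, MS_BIND|MS_REC, NULL) < 0)
- errExit("mount read-only");
  // mount --bind -o remount,ro /bin
- if (mount(NULL, dir, NULL, MS_BIND|MS_REMOUNT|MS_RDONLY|MS_REC, NULL) < 0)
+ if (mount(dir, dir, NULL, MS_BIND|MS_REC, NULL) < 0 ||
+ mount(NULL, dir, NULL, MS_BIND|MS_REMOUNT|MS_RDONLY|MS_REC, NULL) < 0)
  errExit("mount read-only");
  fs_logger2("read-only", dir);
  }
@@ -428,15 +419,15 @@ static void fs_rdwr(const char *dir) {
  // if the file is outside /home directory, allow only root user
  uid_t u = getuid();
  if (u != 0 && s.st_uid != u) {
- fprintf(stderr, "Warning: you are not allowed to change %s to read-write\n", dir);
+ if (!arg_quiet)
+ fprintf(stderr, "Warning: you are not allowed to change %s to read-write\n", dir);
  return;
  }
 
  // mount --bind /bin /bin
- if (mount(dir, dir, NULL, MS_BIND|MS_REC, NULL) < 0)
- errExit("mount read-write");
  // mount --bind -o remount,rw /bin
- if (mount(NULL, dir, NULL, MS_BIND|MS_REMOUNT|MS_REC, NULL) < 0)
+ if (mount(dir, dir, NULL, MS_BIND|MS_REC, NULL) < 0 ||
+ mount(NULL, dir, NULL, MS_BIND|MS_REMOUNT|MS_REC, NULL) < 0)
  errExit("mount read-write");
  fs_logger2("read-write", dir);
  }
@@ -449,37 +440,16 @@ void fs_noexec(const char *dir) {
  int rv = stat(dir, &s);
  if (rv == 0) {
  // mount --bind /bin /bin
- if (mount(dir, dir, NULL, MS_BIND|MS_REC, NULL) < 0)
- errExit("mount noexec");
  // mount --bind -o remount,ro /bin
- if (mount(NULL, dir, NULL, MS_BIND|MS_REMOUNT|MS_NOEXEC|MS_NODEV|MS_NOSUID|MS_REC, NULL) < 0)
- errExit("mount read-only");
+ if (mount(dir, dir, NULL, MS_BIND|MS_REC, NULL) < 0 ||
+ mount(NULL, dir, NULL, MS_BIND|MS_REMOUNT|MS_NOEXEC|MS_NODEV|MS_NOSUID|MS_REC, NULL) < 0)
+ errExit("mount noexec");
  fs_logger2("noexec", dir);
  }
 }
 
 
 
-void fs_rdonly_noexit(const char *dir) {
- assert(dir);
- // check directory exists
- struct stat s;
- int rv = stat(dir, &s);
- if (rv == 0) {
- int merr = 0;
- // mount --bind /bin /bin
- if (mount(dir, dir, NULL, MS_BIND|MS_REC, NULL) < 0)
- merr = 1;
- // mount --bind -o remount,ro /bin
- if (mount(NULL, dir, NULL, MS_BIND|MS_REMOUNT|MS_RDONLY|MS_REC, NULL) < 0)
- merr = 1;
- if (merr)
- fprintf(stderr, "Warning: cannot mount %s read-only\n", dir);
- else
- fs_logger2("read-only", dir);
- }
-}
-
 // mount /proc and /sys directories
 void fs_proc_sys_dev_boot(void) {
  if (arg_debug)
@@ -489,10 +459,8 @@ void fs_proc_sys_dev_boot(void) {
  fs_logger("remount /proc");
 
  // remount /proc/sys readonly
- if (mount("/proc/sys", "/proc/sys", NULL, MS_BIND | MS_REC, NULL) < 0)
- errExit("mounting /proc/sys");
-
- if (mount(NULL, "/proc/sys", NULL, MS_BIND | MS_REMOUNT | MS_RDONLY | MS_REC, NULL) < 0)
+ if (mount("/proc/sys", "/proc/sys", NULL, MS_BIND | MS_REC, NULL) < 0 ||
+ mount(NULL, "/proc/sys", NULL, MS_BIND | MS_REMOUNT | MS_RDONLY | MS_REC, NULL) < 0)
  errExit("mounting /proc/sys");
  fs_logger("read-only /proc/sys");
 
@@ -646,12 +614,7 @@ char *fs_check_overlay_dir(const char *subdirname, int allow_reuse) {
  if (asprintf(&dirname, "%s/.firejail", cfg.homedir) == -1)
  errExit("asprintf");
  if (stat(dirname, &s) == -1) {
- /* coverity[toctou] */
- if (mkdir(dirname, 0700))
- errExit("mkdir");
- if (chmod(dirname, 0700) == -1)
- errExit("chmod");
- ASSERT_PERMS(dirname, getuid(), getgid(), 0700);
+ mkdir_attr(dirname, 0700, 0, 0);
  }
  else if (is_link(dirname)) {
  fprintf(stderr, "Error: invalid ~/.firejail directory\n");
@@ -733,11 +696,7 @@ void fs_overlayfs(void) {
  char *oroot;
  if(asprintf(&oroot, "%s/oroot", RUN_MNT_DIR) == -1)
  errExit("asprintf");
- if (mkdir(oroot, 0755))
- errExit("mkdir");
- if (chmod(oroot, 0755) == -1)
- errExit("chmod");
- ASSERT_PERMS(oroot, 0, 0, 0755);
+ mkdir_attr(oroot, 0755, 0, 0);
 
  struct stat s;
  char *basedir = RUN_MNT_DIR;
@@ -766,11 +725,9 @@ void fs_overlayfs(void) {
 
  // no need to check arg_overlay_reuse
  if (stat(odiff, &s) != 0) {
- if (mkdir(odiff, 0755))
- errExit("mkdir");
+ mkdir_attr(odiff, 0755, 0, 0);
  }
-
- if (set_perms(odiff, 0, 0, 0755))
+ else if (set_perms(odiff, 0, 0, 0755))
  errExit("set_perms");
 
  char *owork;
@@ -779,11 +736,9 @@ void fs_overlayfs(void) {
 
  // no need to check arg_overlay_reuse
  if (stat(owork, &s) != 0) {
- if (mkdir(owork, 0755))
- errExit("mkdir");
+ mkdir_attr(owork, 0755, 0, 0);
  }
-
- if (set_perms(owork, 0, 0, 0755))
+ else if (set_perms(owork, 0, 0, 0755))
  errExit("chown");
 
  // mount overlayfs
@@ -839,11 +794,9 @@ void fs_overlayfs(void) {
 
  // no need to check arg_overlay_reuse
  if (stat(hdiff, &s) != 0) {
- if (mkdir(hdiff, S_IRWXU | S_IRWXG | S_IRWXO))
- errExit("mkdir");
+ mkdir_attr(hdiff, S_IRWXU | S_IRWXG | S_IRWXO, 0, 0);
  }
-
- if (set_perms(hdiff, 0, 0, S_IRWXU | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH))
+ else if (set_perms(hdiff, 0, 0, S_IRWXU | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH))
  errExit("set_perms");
 
  if(asprintf(&hwork, "%s/hwork", basedir) == -1)
@@ -851,11 +804,9 @@ void fs_overlayfs(void) {
 
  // no need to check arg_overlay_reuse
  if (stat(hwork, &s) != 0) {
- if (mkdir(hwork, S_IRWXU | S_IRWXG | S_IRWXO))
- errExit("mkdir");
+ mkdir_attr(hwork, S_IRWXU | S_IRWXG | S_IRWXO, 0, 0);
  }
-
- if (set_perms(hwork, 0, 0, S_IRWXU | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH))
+ else if (set_perms(hwork, 0, 0, S_IRWXU | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH))
  errExit("set_perms");
 
  // no homedir in overlay so now mount another overlay for /home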
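Review bot: In the last two fs_overlayfs hunks, a freshly created hdiff or hwork directory is no longer narrowed to 0755, because `set_perms` moved into the `else` branch and the create path is now `mkdir_attr(hdiff, S_IRWXU | S_IRWXG | S_IRWXO, 0, 0)`. The mkdir_attr body added in util.c chmods to exactly the requested mode, so a new directory ends up root-owned and world-writable (0777), while a reused one still gets rwxr-xr-x. Pass the final mode to the helper instead: `mkdir_attr(hdiff, S_IRWXU | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH, 0, 0);` and the same for hwork. Separately, fs_check_overlay_dir now creates ~/.firejail with owner 0:0 where the removed assertion expected getuid()/getgid(), so it is worth confirming which owner is intended.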
diff --git a/src/firejail/fs_bin.c b/src/firejail/fs_bin.c
index c906e32c0..6cc1bf3ab 100644
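--- a/src/firejail/fs_bin.c
+++ b/src/firejail/fs_bin.c
@@ -212,11 +212,7 @@ void fs_private_bin_list(void) {
  assert(private_list);
 
  // create /run/firejail/mnt/bin directory
- if (mkdir(RUN_BIN_DIR, 0755) == -1)
- errExit("mkdir");
- if (chmod(RUN_BIN_DIR, 0755) == -1)
- errExit("chmod");
- ASSERT_PERMS(RUN_BIN_DIR, 0, 0, 0755);
+ mkdir_attr(RUN_BIN_DIR, 0755, 0, 0);
 
  // copy the list of files in the new etc directory
  // using a new child process without root privileges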
diff --git a/src/firejail/fs_dev.c b/src/firejail/fs_dev.c
index ef5d67b55..d710e98f2 100644
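--- a/src/firejail/fs_dev.c
+++ b/src/firejail/fs_dev.c
@@ -65,11 +65,7 @@ static void deventry_mount(void) {
  if (arg_debug)
  printf("mounting %s %s\n", dev[i].run_fname, (dir)? "directory": "file");
  if (dir) {
- if (mkdir(dev[i].dev_fname, 0755) == -1)
- errExit("mkdir");
- if (chmod(dev[i].dev_fname, 0755) == -1)
- errExit("chmod");
- ASSERT_PERMS(dev[i].dev_fname, 0, 0, 0755);
+ mkdir_attr(dev[i].dev_fname, 0755, 0, 0);
  }
  else {
  struct stat s;
@@ -130,11 +126,7 @@ void fs_private_dev(void){
 
  // create DRI_DIR
  // keep a copy of dev directory
- if (mkdir(RUN_DEV_DIR, 0755) == -1)
- errExit("mkdir");
- if (chmod(RUN_DEV_DIR, 0755) == -1)
- errExit("chmod");
- ASSERT_PERMS(RUN_DEV_DIR, 0, 0, 0755);
+ mkdir_attr(RUN_DEV_DIR, 0755, 0, 0);
  if (mount("/dev", RUN_DEV_DIR, NULL, MS_BIND|MS_REC, NULL) < 0)
  errExit("mounting /dev/dri");
 
@@ -179,12 +171,7 @@ void fs_private_dev(void){
  // create /dev/shm
  if (arg_debug)
  printf("Create /dev/shm directory\n");
- if (mkdir("/dev/shm", 01777) == -1)
- errExit("mkdir");
- // mkdir sets only the file permission bits
- if (chmod("/dev/shm", 01777) < 0)
- errExit("chmod");
- ASSERT_PERMS("/dev/shm", 0, 0, 01777);
+ mkdir_attr("/dev/shm", 01777, 0, 0);
  fs_logger("mkdir /dev/shm");
 
  // create devices
@@ -206,11 +193,7 @@ void fs_private_dev(void){
 #endif
 
  // pseudo-terminal
- if (mkdir("/dev/pts", 0755) == -1)
- errExit("mkdir");
- if (chmod("/dev/pts", 0755) == -1)
- errExit("chmod");
- ASSERT_PERMS("/dev/pts", 0, 0, 0755);
+ mkdir_attr("/dev/pts", 0755, 0, 0);
  fs_logger("mkdir /dev/pts");
  create_char_dev("/dev/pts/ptmx", 0666, 5, 2); //"mknod -m 666 /dev/pts/ptmx c 5 2");
  fs_logger("mknod /dev/pts/ptmx");
@@ -260,12 +243,7 @@ void fs_dev_shm(void) {
  if (lnk) {
  if (!is_dir(lnk)) {
  // create directory
- if (mkdir(lnk, 01777))
- errExit("mkdir");
- // mkdir sets only the file permission bits
- if (chmod(lnk, 01777))
- errExit("chmod");
- ASSERT_PERMS(lnk, 0, 0, 01777);
+ mkdir_attr(lnk, 01777, 0, 0);
  }
  if (arg_debug)
  printf("Mounting tmpfs on %s on behalf of /dev/shm\n", lnk);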
diff --git a/src/firejail/fs_etc.c b/src/firejail/fs_etc.c
index ebcde29a3..7e18840fd 100644
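--- a/src/firejail/fs_etc.c
+++ b/src/firejail/fs_etc.c
@@ -132,11 +132,7 @@ void fs_private_etc_list(void) {
  }
 
  // create /run/firejail/mnt/etc directory
- if (mkdir(RUN_ETC_DIR, 0755) == -1)
- errExit("mkdir");
- if (chmod(RUN_ETC_DIR, 0755) == -1)
- errExit("chmod");
- ASSERT_PERMS(RUN_ETC_DIR, 0, 0, 0755);
+ mkdir_attr(RUN_ETC_DIR, 0755, 0, 0);
  fs_logger("tmpfs /etc");
 
  fs_logger_print(); // save the current log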
diff --git a/src/firejail/fs_var.c b/src/firejail/fs_var.c
index 4ff00f3ba..ca50685ad 100644
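--- a/src/firejail/fs_var.c
+++ b/src/firejail/fs_var.c
@@ -98,10 +98,7 @@ static void build_dirs(void) {
  // create directories under /var/log
  DirData *ptr = dirlist;
  while (ptr) {
- if (mkdir(ptr->name, ptr->st_mode))
- errExit("mkdir");
- if (chown(ptr->name, ptr->st_uid, ptr->st_gid))
- errExit("chown");
+ mkdir_attr(ptr->name, ptr->st_mode, ptr->st_uid, ptr->st_gid);
  fs_logger2("mkdir", ptr->name);
  ptr = ptr->next;
  }
@@ -223,18 +220,10 @@ void fs_var_cache(void) {
  gid = p->pw_gid;
  }
 
- int rv = mkdir("/var/cache/lighttpd/compress", 0755);
- if (rv == -1)
- errExit("mkdir");
- if (chown("/var/cache/lighttpd/compress", uid, gid) < 0)
- errExit("chown");
+ mkdir_attr("/var/cache/lighttpd/compress", 0755, uid, gid);
  fs_logger("mkdir /var/cache/lighttpd/compress");
 
- rv = mkdir("/var/cache/lighttpd/uploads", 0755);
- if (rv == -1)
- errExit("mkdir");
- if (chown("/var/cache/lighttpd/uploads", uid, gid) < 0)
- errExit("chown");
+ mkdir_attr("/var/cache/lighttpd/uploads", 0755, uid, gid);
  fs_logger("/var/cache/lighttpd/uploads");
  }
 }
@@ -268,11 +257,7 @@ void fs_var_lock(void) {
  if (lnk) {
  if (!is_dir(lnk)) {
  // create directory
- if (mkdir(lnk, S_IRWXU|S_IRWXG|S_IRWXO))
- errExit("mkdir");
- if (chmod(lnk, S_IRWXU|S_IRWXG|S_IRWXO))
- errExit("chmod");
- ASSERT_PERMS(lnk, 0, 0, S_IRWXU|S_IRWXG|S_IRWXO);
+ mkdir_attr(lnk, S_IRWXU|S_IRWXG|S_IRWXO, 0, 0);
  }
  if (arg_debug)
  printf("Mounting tmpfs on %s on behalf of /var/lock\n", lnk);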
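Review bot: In build_dirs (first hunk) the switch to `mkdir_attr(ptr->name, ptr->st_mode, ptr->st_uid, ptr->st_gid)` is not a pure refactor, and the call site should say so. The old code never called chmod, so the resulting mode was ptr->st_mode filtered through the umask. mkdir_attr, as added in util.c, chmods to the full `mode & 07777`, so any setgid/sticky or group/other-write bits recorded in dirlist are now reproduced exactly. If mirroring the recorded mode is the intent, a comment above the call would make that explicit, e.g. `// recreate with the recorded mode bits (umask bypassed), owner and group`. build_dirs starts and ends outside the hunk, so how dirlist is populated is not visible here.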
diff --git a/src/firejail/join.c b/src/firejail/join.c
index 899166447..628002d35 100644
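--- a/src/firejail/join.c
+++ b/src/firejail/join.c
@@ -229,15 +229,11 @@ void join(pid_t pid, int argc, char **argv, int index) {
  exit(1);
  }
  else {
- if (join_namespace(pid, "ipc"))
- exit(1);
- if (join_namespace(pid, "net"))
- exit(1);
- if (join_namespace(pid, "pid"))
- exit(1);
- if (join_namespace(pid, "uts"))
- exit(1);
- if (join_namespace(pid, "mnt"))
+ if (join_namespace(pid, "ipc") ||
+ join_namespace(pid, "net") ||
+ join_namespace(pid, "pid") ||
+ join_namespace(pid, "uts") ||
+ join_namespace(pid, "mnt"))
  exit(1);
  }
 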
diff --git a/src/firejail/util.c b/src/firejail/util.c
index 3424d8ab6..d928c6b42 100644
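--- a/src/firejail/util.c
+++ b/src/firejail/util.c
@@ -731,4 +731,40 @@ int set_perms(const char *fname, uid_t uid, gid_t gid, mode_t mode) {
  return 0;
 }
 
+void mkdir_attr(const char *fname, mode_t mode, uid_t uid, gid_t gid) {
+ assert(fname);
+ mode &= 07777;
+#if 0
+ printf("fname %s, uid %d, gid %d, mode %x - ", fname, uid, gid, (unsigned) mode);
+ if (S_ISLNK(mode))
+ printf("l");
+ else if (S_ISDIR(mode))
+ printf("d");
+ else if (S_ISCHR(mode))
+ printf("c");
+ else if (S_ISBLK(mode))
+ printf("b");
+ else if (S_ISSOCK(mode))
+ printf("s");
+ else
+ printf("-");
+ printf( (mode & S_IRUSR) ? "r" : "-");
+ printf( (mode & S_IWUSR) ? "w" : "-");
+ printf( (mode & S_IXUSR) ? "x" : "-");
+ printf( (mode & S_IRGRP) ? "r" : "-");
+ printf( (mode & S_IWGRP) ? "w" : "-");
+ printf( (mode & S_IXGRP) ? "x" : "-");
+ printf( (mode & S_IROTH) ? "r" : "-");
+ printf( (mode & S_IWOTH) ? "w" : "-");
+ printf( (mode & S_IXOTH) ? "x" : "-");
+ printf("\n");
+#endif
+ if (mkdir(fname, mode) == -1 ||
+ chmod(fname, mode) == -1 ||
+ chown(fname, uid, gid)) {
+ fprintf(stderr, "Error: failed to create %s directory\n", fname);
+ errExit("mkdir/chmod");
+ }
 
+ ASSERT_PERMS(fname, uid, gid, mode);
+}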
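Review bot: mkdir_attr applies the mode and owner by path (`chmod(fname, ...)`, `chown(fname, ...)`) after `mkdir`, so the three calls are not guaranteed to act on the same object, and both chmod and chown follow symlinks. In this commit the helper is called after EUID_ROOT() in appimage.c and on a path under cfg.homedir in fs_check_overlay_dir, where the parent directory may be writable by the unprivileged user and the old code carried a coverity[toctou] marker. Opening the new directory with O_DIRECTORY|O_NOFOLLOW and using fchown/fchmod on the descriptor narrows that window considerably; the rewritten lines are shown below. Smaller points: errExit is reached after fprintf, which may overwrite errno, and the "mkdir/chmod" label omits chown. The `#if 0` block tests S_ISLNK/S_ISDIR on a mode already masked with 07777, so it can simply be dropped.

```c
void mkdir_attr(const char *fname, mode_t mode, uid_t uid, gid_t gid) {
	assert(fname);
	mode &= 07777;
	// ... unchanged: disabled debug printout ...
	if (mkdir(fname, mode) == -1)
		errExit("mkdir");

	// operate on the directory itself; refuse a symlink put in its place after mkdir
	int fd = open(fname, O_RDONLY|O_DIRECTORY|O_NOFOLLOW);
	if (fd == -1)
		errExit("open");
	// chown first: changing ownership may clear mode bits on some systems
	if (fchown(fd, uid, gid) == -1)
		errExit("fchown");
	if (fchmod(fd, mode) == -1)
		errExit("fchmod");
	close(fd);
	// ... unchanged: ASSERT_PERMS(fname, uid, gid, mode) ...
```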