Re: ldapd: add -r option to specify datadir path

Tue, 02 Feb 2016 05:02:19 -0800 

Gleydson Soares <[email protected]> writes:

>> Thinking about it .. would a call to access(2) with R_OK|W_OK|R_OK|F_OK 
>> satisfy
>> everyone ? Or only F_OK ?
>
> Sounds better than chdir(2), but it will lack if datadir was passed to 
> access(2)
> without including trailing "/"
>
> eg with access(datadir, F_OK):
> $ touch /home/gsoares/testfile   <- creating a file, not a directory     
> $ doas ./ldapd -r /home/gsoares/testfile ; echo $?      <- no trailing 
> /home/gsoares/testfile"/"
> 0
>
> so for directory existence check, I would suggest to use just stat(2). diff 
> attached.
> Index: ldapd.c
> ===================================================================
> RCS file: /cvs/src/usr.sbin/ldapd/ldapd.c,v
> retrieving revision 1.17
> diff -u -p -r1.17 ldapd.c
> --- ldapd.c   1 Feb 2016 20:00:18 -0000       1.17
> +++ ldapd.c   2 Feb 2016 10:10:43 -0000
> @@ -17,6 +17,7 @@
>   */
>  
>  #include <sys/queue.h>
> +#include <sys/stat.h>
>  #include <sys/un.h>
>  #include <sys/types.h>
>  #include <sys/wait.h>
> @@ -117,6 +118,7 @@ main(int argc, char *argv[])
>       struct event             ev_sigterm;
>       struct event             ev_sigchld;
>       struct event             ev_sighup;
> +     struct stat              s;

"s" sounds like a socket to me, what about "sb"?

>  
>       datadir = DATADIR;
>       log_init(1);            /* log to stderr until daemonized */
> @@ -178,8 +180,8 @@ main(int argc, char *argv[])
>               skip_chroot = 1;
>       }
>  
> -     if (datadir && chdir(datadir))
> -             err(1, "chdir");
> +     if ((stat(datadir, &s) == -1) || !S_ISDIR(s.st_mode))
> +             errx(1, "Invalid directory");

With such a diagnostic you don't get much detail about the exact
problem.

>  
>       if (!skip_chroot && (pw = getpwnam(LDAPD_USER)) == NULL)
>               err(1, "%s", LDAPD_USER);

Here's a similar diff for ldapctl, thoughts?

Index: ldapctl.c
===================================================================
RCS file: /cvs/src/usr.sbin/ldapctl/ldapctl.c,v
retrieving revision 1.8
diff -u -p -r1.8 ldapctl.c
--- ldapctl.c   2 Feb 2016 12:47:10 -0000       1.8
+++ ldapctl.c   2 Feb 2016 12:54:12 -0000
@@ -22,6 +22,7 @@
 
 #include <sys/types.h>
 #include <sys/socket.h>
+#include <sys/stat.h>
 #include <sys/queue.h>
 #include <sys/un.h>
 #include <sys/tree.h>
@@ -245,6 +246,7 @@ main(int argc, char *argv[])
        int                      ch;
        enum action              action = NONE;
        const char              *datadir = DATADIR;
+       struct stat              sb;
        const char              *sock = LDAPD_SOCKET;
        char                    *conffile = CONFFILE;
        struct sockaddr_un       sun;
@@ -277,6 +279,11 @@ main(int argc, char *argv[])
 
        if (argc == 0)
                usage();
+
+       if (stat(datadir, &sb) == -1)
+               err(1, "%s", datadir);
+       if (!S_ISDIR(sb.st_mode))
+               errx(1, "%s is not a directory", datadir);
 
        log_verbose(verbose);
 


-- 
jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF  DDCC 0DFA 74AE 1524 E7EE

Reply via email to