diff options
| author | mae <matthias.ettrich@nokia.com> | 2012-05-29 18:11:51 +0200 |
|---|---|---|
| committer | Matthias Ettrich <matthias.ettrich@nokia.com> | 2012-05-30 11:33:40 +0200 |
| commit | 656e74383fd4e73bf527c1bb040847533fac9fd5 (patch) | |
| tree | 2552d31be3175638faf4db0c9b94c8543f0f1478 | |
| parent | d16c2d973d9e758de8776aabca62b1febe0bec69 (diff) | |
Support umask
We want to be able to define the umask
in policy code
Change-Id: I4ad3badd294e7cbf21b91626c4fa205d625dc294
Reviewed-by: Lasse Holmstedt <lasse.holmstedt@nokia.com>
| -rw-r--r-- | src/core/forklauncher.cpp | 4 | ||||
| -rw-r--r-- | src/core/processinfo.cpp | 25 | ||||
| -rw-r--r-- | src/core/processinfo.h | 6 | ||||
| -rw-r--r-- | src/core/unixprocessbackend.cpp | 2 | ||||
| -rw-r--r-- | src/core/unixsandboxprocess.cpp | 8 | ||||
| -rw-r--r-- | src/core/unixsandboxprocess.h | 3 |
6 files changed, 42 insertions, 6 deletions
diff --git a/src/core/forklauncher.cpp b/src/core/forklauncher.cpp index a5d13af..4ca3ad1 100644 --- a/src/core/forklauncher.cpp +++ b/src/core/forklauncher.cpp @@ -212,7 +212,9 @@ static void fixProcessState(const ProcessInfo& info, int *argc_ptr, char ***argv ::setgid(info.gid()); if (info.contains(ProcessInfoConstants::Uid)) ::setuid(info.uid()); - ::umask(S_IWGRP | S_IWOTH); + uint umask = info.umask(); + if (umask) + ::umask(umask); struct passwd *pw = getpwent(); if (pw) ::initgroups(pw->pw_name, pw->pw_gid); diff --git a/src/core/processinfo.cpp b/src/core/processinfo.cpp index 5141893..0fb6f86 100644 --- a/src/core/processinfo.cpp +++ b/src/core/processinfo.cpp @@ -106,6 +106,11 @@ QT_BEGIN_NAMESPACE_PROCESSMANAGER */ /*! + \property ProcessInfo::umask + \brief the default umask of the process. +*/ + +/*! \property ProcessInfo::priority \brief the Unix priority "niceness" that the program will run at. */ @@ -307,6 +312,26 @@ void ProcessInfo::setGid(qint64 newGid) } /*! + Return the process default umask +*/ + +uint ProcessInfo::umask() const +{ + return m_info.value(ProcessInfoConstants::Umask).toUInt(); +} + +/*! + Set the process default umask + + If 0 (the default), the process inherits its parent's umask. +*/ + +void ProcessInfo::setUmask(uint newUmask) +{ + setValue(ProcessInfoConstants::Umask, newUmask); +} + +/*! Return the process priority */ diff --git a/src/core/processinfo.h b/src/core/processinfo.h index 4b23764..c667bbd 100644 --- a/src/core/processinfo.h +++ b/src/core/processinfo.h @@ -57,6 +57,7 @@ const QLatin1String Environment = QLatin1String("environment"); const QLatin1String WorkingDirectory = QLatin1String("workingDirectory"); const QLatin1String Uid = QLatin1String("uid"); const QLatin1String Gid = QLatin1String("gid"); +const QLatin1String Umask = QLatin1String("umask"); const QLatin1String Priority = QLatin1String("priority"); const QLatin1String OomAdjustment = QLatin1String("oomAdjustment"); const QLatin1String StartOutputPattern = QLatin1String("startOutputPattern"); @@ -72,6 +73,7 @@ class Q_ADDON_PROCESSMANAGER_EXPORT ProcessInfo : public QObject Q_PROPERTY(QString workingDirectory READ workingDirectory WRITE setWorkingDirectory NOTIFY workingDirectoryChanged) Q_PROPERTY(qint64 uid READ uid WRITE setUid NOTIFY uidChanged) Q_PROPERTY(qint64 gid READ gid WRITE setGid NOTIFY gidChanged) + Q_PROPERTY(uint umask READ umask WRITE setUmask NOTIFY umaskChanged) Q_PROPERTY(int priority READ priority WRITE setPriority NOTIFY priorityChanged) Q_PROPERTY(int oomAdjustment READ oomAdjustment WRITE setOomAdjustment NOTIFY oomAdjustmentChanged) Q_PROPERTY(QByteArray startOutputPattern READ startOutputPattern WRITE setStartOutputPattern NOTIFY startOutputPatternChanged) @@ -104,6 +106,9 @@ public: qint64 gid() const; void setGid(qint64 gid); + uint umask() const; + void setUmask(uint umask); + int priority() const; void setPriority(int priority); @@ -129,6 +134,7 @@ signals: void workingDirectoryChanged(); void uidChanged(); void gidChanged(); + void umaskChanged(); void priorityChanged(); void oomAdjustmentChanged(); void startOutputPatternChanged(); diff --git a/src/core/unixprocessbackend.cpp b/src/core/unixprocessbackend.cpp index 18e8123..3840653 100644 --- a/src/core/unixprocessbackend.cpp +++ b/src/core/unixprocessbackend.cpp @@ -169,7 +169,7 @@ bool UnixProcessBackend::createProcess() qint64 uid = (m_info.contains(ProcessInfoConstants::Uid) ? m_info.uid() : -1); qint64 gid = (m_info.contains(ProcessInfoConstants::Gid) ? m_info.gid() : -1); - m_process = new UnixSandboxProcess(uid, gid, this); + m_process = new UnixSandboxProcess(uid, gid, m_info.umask(), this); m_process->setReadChannel(QProcess::StandardOutput); connect(m_process, SIGNAL(readyReadStandardOutput()), diff --git a/src/core/unixsandboxprocess.cpp b/src/core/unixsandboxprocess.cpp index 4361a59..2b9ec19 100644 --- a/src/core/unixsandboxprocess.cpp +++ b/src/core/unixsandboxprocess.cpp @@ -61,13 +61,14 @@ QT_BEGIN_NAMESPACE_PROCESSMANAGER */ /*! - Construct a UnixProcessBackend with \a uid, \a gid, and optional \a parent. + Construct a UnixProcessBackend with \a uid, \a gid, \a umask, and optional \a parent. */ -UnixSandboxProcess::UnixSandboxProcess(qint64 uid, qint64 gid, QObject *parent) +UnixSandboxProcess::UnixSandboxProcess(qint64 uid, qint64 gid, uint umask, QObject *parent) : QProcess(parent) , m_uid(uid) , m_gid(gid) + , m_umask(umask) { } @@ -132,7 +133,8 @@ void UnixSandboxProcess::setupChildProcess() if (::setpgid(0,0)) qFatal("UnixSandboxProcess setpgid(): %s", strerror(errno)); - ::umask(S_IWGRP | S_IWOTH); + if (m_umask) + ::umask(m_umask); if (m_uid >= 0) { errno = 0; diff --git a/src/core/unixsandboxprocess.h b/src/core/unixsandboxprocess.h index 797bc34..0d68715 100644 --- a/src/core/unixsandboxprocess.h +++ b/src/core/unixsandboxprocess.h @@ -51,7 +51,7 @@ class UnixSandboxProcess : public QProcess Q_OBJECT public: - UnixSandboxProcess(qint64 uid, qint64 gid, QObject *parent=0); + UnixSandboxProcess(qint64 uid, qint64 gid, uint umask, QObject *parent=0); protected: void setupChildProcess(); @@ -59,6 +59,7 @@ protected: private: qint64 m_uid; qint64 m_gid; + uint m_umask; }; QT_END_NAMESPACE_PROCESSMANAGER |