aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMike Frysinger <vapier@gentoo.org>2012-12-02 23:53:52 -0500
committerMike Frysinger <vapier@gentoo.org>2012-12-24 00:23:50 -0500
commitfc0edcbe3114b885c5bcfe10cb00a68f9855c78d (patch)
tree0d8197540fe717a939b3dd8dc1c7fd1353a615d9
parentsb_efunc: delete (diff)
downloadsandbox-fc0edcbe3114b885c5bcfe10cb00a68f9855c78d.tar.gz
sandbox-fc0edcbe3114b885c5bcfe10cb00a68f9855c78d.tar.bz2
sandbox-fc0edcbe3114b885c5bcfe10cb00a68f9855c78d.zip
sandbox: allow log files to fallback to tmpdir
Since non-root users typically do not have write access to /var/log, allow it to fallback to standard tmpdirs. This makes testing locally a lot easier. Signed-off-by: Mike Frysinger <vapier@gentoo.org>
-rw-r--r--libsandbox/libsandbox.c4
-rw-r--r--libsbutil/get_sandbox_log.c19
-rw-r--r--libsbutil/sbutil.h4
-rw-r--r--src/sandbox.c4
4 files changed, 19 insertions, 12 deletions
diff --git a/libsandbox/libsandbox.c b/libsandbox/libsandbox.c
index 2096b06..184fc0b 100644
--- a/libsandbox/libsandbox.c
+++ b/libsandbox/libsandbox.c
@@ -940,8 +940,8 @@ bool before_syscall(int dirfd, int sb_nr, const char *func, const char *file, in
/* Get the path and name to this library */
get_sandbox_lib(sandbox_lib);
- get_sandbox_log(log_path);
- get_sandbox_debug_log(debug_log_path);
+ get_sandbox_log(log_path, NULL);
+ get_sandbox_debug_log(debug_log_path, NULL);
init_context(&sbcontext);
sb_init = true;
diff --git a/libsbutil/get_sandbox_log.c b/libsbutil/get_sandbox_log.c
index c300a24..947566a 100644
--- a/libsbutil/get_sandbox_log.c
+++ b/libsbutil/get_sandbox_log.c
@@ -13,7 +13,7 @@
#include "headers.h"
#include "sbutil.h"
-static void _get_sb_log(char *path, const char *env, const char *prefix)
+static void _get_sb_log(char *path, const char *tmpdir, const char *env, const char *prefix)
{
char *sandbox_log_env = NULL;
@@ -32,8 +32,15 @@ static void _get_sb_log(char *path, const char *env, const char *prefix)
(NULL != strchr(sandbox_log_env, '/')))
sandbox_log_env = NULL;
+ /* If running as a user w/out write access to /var/log, don't
+ * shit ourselves.
+ */
+ const char *sb_log_dir = SANDBOX_LOG_LOCATION;
+ if (tmpdir && access(sb_log_dir, W_OK))
+ sb_log_dir = tmpdir;
+
snprintf(path, SB_PATH_MAX, "%s%s%s%s%d%s",
- SANDBOX_LOG_LOCATION, prefix,
+ sb_log_dir, prefix,
(sandbox_log_env == NULL ? "" : sandbox_log_env),
(sandbox_log_env == NULL ? "" : "-"),
getpid(), LOG_FILE_EXT);
@@ -42,12 +49,12 @@ static void _get_sb_log(char *path, const char *env, const char *prefix)
restore_errno();
}
-void get_sandbox_log(char *path)
+void get_sandbox_log(char *path, const char *tmpdir)
{
- _get_sb_log(path, ENV_SANDBOX_LOG, LOG_FILE_PREFIX);
+ _get_sb_log(path, tmpdir, ENV_SANDBOX_LOG, LOG_FILE_PREFIX);
}
-void get_sandbox_debug_log(char *path)
+void get_sandbox_debug_log(char *path, const char *tmpdir)
{
- _get_sb_log(path, ENV_SANDBOX_DEBUG_LOG, DEBUG_LOG_FILE_PREFIX);
+ _get_sb_log(path, tmpdir, ENV_SANDBOX_DEBUG_LOG, DEBUG_LOG_FILE_PREFIX);
}
diff --git a/libsbutil/sbutil.h b/libsbutil/sbutil.h
index f275514..c65c369 100644
--- a/libsbutil/sbutil.h
+++ b/libsbutil/sbutil.h
@@ -76,8 +76,8 @@ char *get_sandbox_conf(void);
char *get_sandbox_confd(char *path);
void get_sandbox_lib(char *path);
void get_sandbox_rc(char *path);
-void get_sandbox_log(char *path);
-void get_sandbox_debug_log(char *path);
+void get_sandbox_log(char *path, const char *tmpdir);
+void get_sandbox_debug_log(char *path, const char *tmpdir);
int get_tmp_dir(char *path);
bool is_env_on (const char *);
bool is_env_off (const char *);
diff --git a/src/sandbox.c b/src/sandbox.c
index 54fbb98..a5920c4 100644
--- a/src/sandbox.c
+++ b/src/sandbox.c
@@ -61,7 +61,7 @@ static int setup_sandbox(struct sandbox_info_t *sandbox_info, bool interactive)
get_sandbox_rc(sandbox_info->sandbox_rc);
/* Generate sandbox log full path */
- get_sandbox_log(sandbox_info->sandbox_log);
+ get_sandbox_log(sandbox_info->sandbox_log, sandbox_info->tmp_dir);
if (rc_file_exists(sandbox_info->sandbox_log)) {
if (-1 == unlink(sandbox_info->sandbox_log)) {
sb_pwarn("could not unlink old log file: %s",
@@ -71,7 +71,7 @@ static int setup_sandbox(struct sandbox_info_t *sandbox_info, bool interactive)
}
/* Generate sandbox debug log full path */
- get_sandbox_debug_log(sandbox_info->sandbox_debug_log);
+ get_sandbox_debug_log(sandbox_info->sandbox_debug_log, sandbox_info->tmp_dir);
if (rc_file_exists(sandbox_info->sandbox_debug_log)) {
if (-1 == unlink(sandbox_info->sandbox_debug_log)) {
sb_pwarn("could not unlink old debug log file: %s",