[packages/libcgroup.git] / libcgroup-group-write.patch

diff -ur libcgroup-0.37/doc/man/cgconfig.conf.5 libcgroup-0.37-mode/doc/man/cgconfig.conf.5
--- libcgroup-0.37/doc/man/cgconfig.conf.5	2010-12-07 16:42:41.000000000 +0100
+++ libcgroup-0.37-mode/doc/man/cgconfig.conf.5	2011-02-09 19:11:47.076601002 +0100
@@ -111,12 +111,15 @@
 .ft B
 uid = <task user>;
 gid = <task group>;
+mode = <task mode>;
 .RE
 }
 admin {
 .RS
 uid = <admin name>;
 gid = <admin group>;
+dmode = <admin directory mode>;
+fmode = <admin files mode>;
 .RE
 }
 .RE
@@ -133,10 +136,19 @@
 file of the control group. I.e. this user and members of this
 group has write access to the file.
 .TP 17
+.B "task mode"
+Permission mode of \fItasks\fR file of the control group.
+The mode have to be set using octal numbers e.g. 640.
+.TP 17
 .B "admin user/group"
 Name of the user and the group, which owns the rest of control group's
 files. These users are allowed to set subsystem
 parameters and create subgroups.
+.TP 17
+.B "admin dmode/fmode"
+Permission mode of control group's directory (\fIdmode\fR) and files
+(\fIfmode\fR). The mode have to be set using octal numbers e.g. 775
+for \fIdmode\fR and 664 for \fIfmode\fR.
 .LP
 Permissions are related only to enclosing control group and are not
 inherited by subgroups. If there is no
diff -ur libcgroup-0.37/src/api.c libcgroup-0.37-mode/src/api.c
--- libcgroup-0.37/src/api.c	2010-12-07 16:42:41.000000000 +0100
+++ libcgroup-0.37-mode/src/api.c	2011-02-09 18:57:25.455591513 +0100
@@ -1409,6 +1409,10 @@
 			cgroup_dbg("Changing ownership of %s\n", fts_path[0]);
 			error = cg_chown_recursive(fts_path,
 				cgroup->control_uid, cgroup->control_gid);
+			if (!error)
+				error = cg_chmod_recursive(cgroup,
+						cgroup->control_dmode, cgroup->control_dmode,
+						cgroup->control_fmode, cgroup->control_fmode);
 		}
 
 		if (error)
@@ -1458,6 +1462,13 @@
 			if (error) {
 				last_errno = errno;
 				error = ECGOTHER;
+				goto err;
+			}
+			if (cgroup->tasks_mode != 0)
+				error = chmod(path, cgroup->tasks_mode);
+			if (error) {
+				last_errno = errno;
+				error = ECGOTHER;
 				goto err;
 			}
 		}
diff -ur libcgroup-0.37/src/config.c libcgroup-0.37-mode/src/config.c
--- libcgroup-0.37/src/config.c	2010-12-07 16:42:41.000000000 +0100
+++ libcgroup-0.37-mode/src/config.c	2011-02-09 18:59:15.330591502 +0100
@@ -226,6 +226,29 @@
 		}
 		config_cgroup->tasks_gid = val;
 	}
+	if (!strcmp(perm_type, "mode")) {
+		/* allowed mode strings are octal version: "755" */
+		mode_t mode = 0;
+		int pos = 0; /* position of the number iin string */
+		int i;
+		int j = 64;
+
+		while (pos < 3) {
+			if (value[pos] < '0' || value[pos] >= '8')
+				goto group_task_error;
+			i = (int)value[pos] - (int)'0';
+			/* parse the permission triple*/
+			mode = mode + i*j;
+			j = j / 8;
+			pos++;
+		}
+
+		/* the string have to contain three characters */
+		if (value[pos] != '\0')
+			goto group_task_error;
+
+		config_cgroup->tasks_mode = mode;
+	}
 
 	free(perm_type);
 	free(value);
@@ -292,6 +315,52 @@
 		}
 		config_cgroup->control_gid = val;
 	}
+	if (!strcmp(perm_type, "dmode")) {
+		/* allowed mode strings are octal version: "755" */
+		mode_t mode = 0;
+		int pos = 0; /* position of the number iin string */
+		int i;
+		int j = 64;
+
+		while (pos < 3) {
+			if (value[pos] < '0' || value[pos] >= '8')
+				goto admin_error;
+			i = (int)value[pos] - (int)'0';
+			/* parse the permission triple*/
+			mode = mode + i*j;
+			j = j / 8;
+			pos++;
+		}
+
+		/* the string have to contain three characters */
+		if (value[pos] != '\0')
+			goto admin_error;
+
+		config_cgroup->control_dmode = mode;
+	}
+	if (!strcmp(perm_type, "fmode")) {
+		/* allowed mode strings are octal version: "755" */
+		mode_t mode = 0;
+		int pos = 0; /* position of the number iin string */
+		int i;
+		int j = 64;
+
+		while (pos < 3) {
+			if (value[pos] < '0' || value[pos] >= '8')
+				goto admin_error;
+			i = (int)value[pos] - (int)'0';
+			/* parse the permission triple*/
+			mode = mode + i*j;
+			j = j / 8;
+			pos++;
+		}
+
+		/* the string have to contain three characters */
+		if (value[pos] != '\0')
+			goto admin_error;
+
+		config_cgroup->control_fmode = mode;
+	}
 
 	free(perm_type);
 	free(value);
diff -ur libcgroup-0.37/src/libcgroup-internal.h libcgroup-0.37-mode/src/libcgroup-internal.h
--- libcgroup-0.37/src/libcgroup-internal.h	2010-10-20 15:59:13.000000000 +0200
+++ libcgroup-0.37-mode/src/libcgroup-internal.h	2011-02-09 19:14:13.803601030 +0100
@@ -84,8 +84,11 @@
 	int index;
 	uid_t tasks_uid;
 	gid_t tasks_gid;
+	mode_t tasks_mode;
 	uid_t control_uid;
 	gid_t control_gid;
+	mode_t control_dmode;
+	mode_t control_fmode;
 };
Commit	Line	Data
f477da93 JR	1	diff -ur libcgroup-0.37/doc/man/cgconfig.conf.5 libcgroup-0.37-mode/doc/man/cgconfig.conf.5
	2	--- libcgroup-0.37/doc/man/cgconfig.conf.5 2010-12-07 16:42:41.000000000 +0100
	3	+++ libcgroup-0.37-mode/doc/man/cgconfig.conf.5 2011-02-09 19:11:47.076601002 +0100
	4	@@ -111,12 +111,15 @@
	5	.ft B
	6	uid = <task user>;
	7	gid = <task group>;
	8	+mode = <task mode>;
	9	.RE
	10	}
	11	admin {
	12	.RS
	13	uid = <admin name>;
	14	gid = <admin group>;
	15	+dmode = <admin directory mode>;
	16	+fmode = <admin files mode>;
	17	.RE
	18	}
	19	.RE
	20	@@ -133,10 +136,19 @@
	21	file of the control group. I.e. this user and members of this
	22	group has write access to the file.
	23	.TP 17
	24	+.B "task mode"
	25	+Permission mode of \fItasks\fR file of the control group.
	26	+The mode have to be set using octal numbers e.g. 640.
	27	+.TP 17
	28	.B "admin user/group"
	29	Name of the user and the group, which owns the rest of control group's
	30	files. These users are allowed to set subsystem
	31	parameters and create subgroups.
	32	+.TP 17
	33	+.B "admin dmode/fmode"
	34	+Permission mode of control group's directory (\fIdmode\fR) and files
	35	+(\fIfmode\fR). The mode have to be set using octal numbers e.g. 775
	36	+for \fIdmode\fR and 664 for \fIfmode\fR.
	37	.LP
	38	Permissions are related only to enclosing control group and are not
	39	inherited by subgroups. If there is no
	40	diff -ur libcgroup-0.37/src/api.c libcgroup-0.37-mode/src/api.c
	41	--- libcgroup-0.37/src/api.c 2010-12-07 16:42:41.000000000 +0100
	42	+++ libcgroup-0.37-mode/src/api.c 2011-02-09 18:57:25.455591513 +0100
	43	@@ -1409,6 +1409,10 @@
643b509a JR	44	cgroup_dbg("Changing ownership of %s\n", fts_path[0]);
	45	error = cg_chown_recursive(fts_path,
	46	cgroup->control_uid, cgroup->control_gid);
	47	+ if (!error)
f477da93 JR	48	+ error = cg_chmod_recursive(cgroup,
	49	+ cgroup->control_dmode, cgroup->control_dmode,
	50	+ cgroup->control_fmode, cgroup->control_fmode);
643b509a JR	51	}
	52
	53	if (error)
f477da93 JR	54	@@ -1458,6 +1462,13 @@
	55	if (error) {
	56	last_errno = errno;
	57	error = ECGOTHER;
	58	+ goto err;
	59	+ }
	60	+ if (cgroup->tasks_mode != 0)
	61	+ error = chmod(path, cgroup->tasks_mode);
	62	+ if (error) {
	63	+ last_errno = errno;
	64	+ error = ECGOTHER;
	65	goto err;
	66	}
	67	}
	68	diff -ur libcgroup-0.37/src/config.c libcgroup-0.37-mode/src/config.c
	69	--- libcgroup-0.37/src/config.c 2010-12-07 16:42:41.000000000 +0100
	70	+++ libcgroup-0.37-mode/src/config.c 2011-02-09 18:59:15.330591502 +0100
	71	@@ -226,6 +226,29 @@
	72	}
	73	config_cgroup->tasks_gid = val;
	74	}
	75	+ if (!strcmp(perm_type, "mode")) {
	76	+ /* allowed mode strings are octal version: "755" */
	77	+ mode_t mode = 0;
	78	+ int pos = 0; /* position of the number iin string */
	79	+ int i;
	80	+ int j = 64;
	81	+
	82	+ while (pos < 3) {
	83	+ if (value[pos] < '0' \|\| value[pos] >= '8')
	84	+ goto group_task_error;
	85	+ i = (int)value[pos] - (int)'0';
	86	+ /* parse the permission triple*/
	87	+ mode = mode + i*j;
	88	+ j = j / 8;
	89	+ pos++;
	90	+ }
	91	+
	92	+ /* the string have to contain three characters */
	93	+ if (value[pos] != '\0')
	94	+ goto group_task_error;
	95	+
	96	+ config_cgroup->tasks_mode = mode;
	97	+ }
	98
	99	free(perm_type);
	100	free(value);
	101	@@ -292,6 +315,52 @@
	102	}
	103	config_cgroup->control_gid = val;
	104	}
	105	+ if (!strcmp(perm_type, "dmode")) {
	106	+ /* allowed mode strings are octal version: "755" */
	107	+ mode_t mode = 0;
	108	+ int pos = 0; /* position of the number iin string */
	109	+ int i;
	110	+ int j = 64;
	111	+
	112	+ while (pos < 3) {
	113	+ if (value[pos] < '0' \|\| value[pos] >= '8')
	114	+ goto admin_error;
	115	+ i = (int)value[pos] - (int)'0';
	116	+ /* parse the permission triple*/
	117	+ mode = mode + i*j;
118	+ j = j / 8;
119	+ pos++;
120	+ }
121	+
122	+ /* the string have to contain three characters */
123	+ if (value[pos] != '\0')
124	+ goto admin_error;
125	+
126	+ config_cgroup->control_dmode = mode;
127	+ }
128	+ if (!strcmp(perm_type, "fmode")) {
129	+ /* allowed mode strings are octal version: "755" */
130	+ mode_t mode = 0;
131	+ int pos = 0; /* position of the number iin string */
132	+ int i;
133	+ int j = 64;
134	+
135	+ while (pos < 3) {
136	+ if (value[pos] < '0' \|\| value[pos] >= '8')
137	+ goto admin_error;
138	+ i = (int)value[pos] - (int)'0';
139	+ /* parse the permission triple*/
140	+ mode = mode + i*j;
141	+ j = j / 8;
142	+ pos++;
143	+ }
144	+
145	+ /* the string have to contain three characters */
146	+ if (value[pos] != '\0')
147	+ goto admin_error;
148	+
149	+ config_cgroup->control_fmode = mode;
150	+ }
151
152	free(perm_type);
153	free(value);
154	diff -ur libcgroup-0.37/src/libcgroup-internal.h libcgroup-0.37-mode/src/libcgroup-internal.h
155	--- libcgroup-0.37/src/libcgroup-internal.h 2010-10-20 15:59:13.000000000 +0200
156	+++ libcgroup-0.37-mode/src/libcgroup-internal.h 2011-02-09 19:14:13.803601030 +0100
157	@@ -84,8 +84,11 @@
158	int index;
159	uid_t tasks_uid;
160	gid_t tasks_gid;
161	+ mode_t tasks_mode;
162	uid_t control_uid;
163	gid_t control_gid;
164	+ mode_t control_dmode;
165	+ mode_t control_fmode;
166	};
167
168