From 036d4cb71ac1abe1990c936ee1f3b2cbf15d14c1 Mon Sep 17 00:00:00 2001 From: Florian Dold Date: Thu, 29 Jul 2021 13:04:55 +0200 Subject: secmod: services create their own client dirs with correct permissions --- src/util/taler-exchange-secmod-eddsa.c | 39 ++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) (limited to 'src/util/taler-exchange-secmod-eddsa.c') diff --git a/src/util/taler-exchange-secmod-eddsa.c b/src/util/taler-exchange-secmod-eddsa.c index ac4bfc61b..48dcdf718 100644 --- a/src/util/taler-exchange-secmod-eddsa.c +++ b/src/util/taler-exchange-secmod-eddsa.c @@ -1522,6 +1522,45 @@ run (void *cls, return; } + /* Create client directory and set permissions. */ + { + char *client_dir; + + if (GNUNET_OK != + GNUNET_CONFIGURATION_get_value_filename (kcfg, + "taler-exchange-secmod-eddsa", + "CLIENT_DIR", + &client_dir)) + { + GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, + "taler-exchange-secmod-eddsa", + "CLIENT_DIR"); + global_ret = 3; + return; + } + + if (GNUNET_OK != GNUNET_DISK_directory_create (client_dir)) + { + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Can't create client directory (%s)\n", + client_dir); + global_ret = 3; + return; + } + /* Set sticky group bit, so that clients will be writeable by the current service. */ + if (0 != chmod (client_dir, + S_IRUSR | S_IWUSR | S_IXUSR | S_IRGRP | S_IXGRP | S_ISGID)) + { + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Can't set permissions for client directory (%s)\n", + client_dir); + global_ret = 3; + return; + } + + GNUNET_free (client_dir); + } + if (GNUNET_OK != GNUNET_CONFIGURATION_get_value_filename (kcfg, "taler-exchange-secmod-eddsa", -- cgit v1.2.3