explicitly set file and directory permissions

2024-11-23 19:10:09 +03:00 · 2021-05-05 02:00:02 +05:30 · 2021-05-05 02:00:02 +05:30 · 7982636741
commit 7982636741
parent c1dd2c588e
6 changed files with 36 additions and 17 deletions
--- a/src/common/os_input_output.rs
+++ b/src/common/os_input_output.rs
@ -15,15 +15,22 @@ use nix::sys::termios;
 use nix::sys::wait::waitpid;
 use nix::unistd::{self, ForkResult, Pid};
 use signal_hook::{consts::signal::*, iterator::Signals};
-use std::env;
-use std::io;
 use std::io::prelude::*;
-use std::os::unix::io::RawFd;
-use std::path::PathBuf;
+use std::os::unix::{fs::PermissionsExt, io::RawFd};
+use std::path::{Path, PathBuf};
 use std::process::{Child, Command};
 use std::sync::{Arc, Mutex};
+use std::{env, fs, io};
 use zellij_tile::data::Palette;

+const UNIX_PERMISSIONS: u32 = 0o700;
+
+pub fn set_permissions(path: &Path) {
+    let mut permissions = fs::metadata(path).unwrap().permissions();
+    permissions.set_mode(UNIX_PERMISSIONS);
+    fs::set_permissions(path, permissions).unwrap();
+}
+
 fn into_raw_mode(pid: RawFd) {
    let mut tio = termios::tcgetattr(pid).expect("could not get terminal attribute");
    termios::cfmakeraw(&mut tio);
@ -373,11 +380,11 @@ impl ClientOsApi for ClientOsInputOutput {
        }
    }
    fn connect_to_server(&self) {
-        let socket = match LocalSocketStream::connect(ZELLIJ_IPC_PIPE.clone()) {
+        let socket = match LocalSocketStream::connect(&**ZELLIJ_IPC_PIPE) {
            Ok(sock) => sock,
            Err(_) => {
                std::thread::sleep(std::time::Duration::from_millis(20));
-                LocalSocketStream::connect(ZELLIJ_IPC_PIPE.clone()).unwrap()
+                LocalSocketStream::connect(&**ZELLIJ_IPC_PIPE).unwrap()
            }
        };
        let sender = IpcSenderWithContext::new(socket);
--- a/src/common/screen.rs
+++ b/src/common/screen.rs
@ -79,7 +79,7 @@ pub struct Screen {
    full_screen_ws: PositionAndSize,
    /// The index of this [`Screen`]'s active [`Tab`].
    active_tab_index: Option<usize>,
-    /// The [`ClientOsApi`] this [`Screen`] uses.
+    /// The [`ServerOsApi`] this [`Screen`] uses.
    os_api: Box<dyn ServerOsApi>,
    mode_info: ModeInfo,
    input_mode: InputMode,
--- a/src/common/setup.rs
+++ b/src/common/setup.rs
@ -1,9 +1,9 @@
-use crate::common::utils::consts::SYSTEM_DEFAULT_CONFIG_DIR;
+use crate::common::utils::consts::{SYSTEM_DEFAULT_CONFIG_DIR, VERSION};
+use crate::os_input_output::set_permissions;
 use directories_next::{BaseDirs, ProjectDirs};
 use std::io::Write;
 use std::{fs, path::Path, path::PathBuf};

-const VERSION: &str = env!("CARGO_PKG_VERSION");
 const CONFIG_LOCATION: &str = "/.config/zellij";

 #[macro_export]
@ -40,7 +40,9 @@ pub mod install {

        for (path, bytes) in assets {
            let path = data_dir.join(path);
-            fs::create_dir_all(path.parent().unwrap()).unwrap();
+            let parent_path = path.parent().unwrap();
+            fs::create_dir_all(parent_path).unwrap();
+            set_permissions(parent_path);
            if out_of_date || !path.exists() {
                fs::write(path, bytes).expect("Failed to install default assets!");
            }
--- a/src/common/utils/consts.rs
+++ b/src/common/utils/consts.rs
@ -1,5 +1,6 @@
 //! Zellij program-wide constants.

+use crate::os_input_output::set_permissions;
 use directories_next::ProjectDirs;
 use lazy_static::lazy_static;
 use nix::unistd::Uid;
@ -8,6 +9,7 @@ use std::{env, fs};

 pub const ZELLIJ_CONFIG_FILE_ENV: &str = "ZELLIJ_CONFIG_FILE";
 pub const ZELLIJ_CONFIG_DIR_ENV: &str = "ZELLIJ_CONFIG_DIR";
+pub const VERSION: &str = env!("CARGO_PKG_VERSION");

 // TODO: ${PREFIX} argument in makefile
 pub const SYSTEM_DEFAULT_CONFIG_DIR: &str = "/etc/zellij";
@ -18,7 +20,6 @@ lazy_static! {
    pub static ref ZELLIJ_PROJ_DIR: ProjectDirs =
        ProjectDirs::from("org", "Zellij Contributors", "Zellij").unwrap();
    pub static ref ZELLIJ_IPC_PIPE: PathBuf = {
-        let version = env::var("CARGO_PKG_VERSION").unwrap();
        let mut ipc_dir = env::var("ZELLIJ_SOCKET_DIR").map_or_else(
            |_| {
                ZELLIJ_PROJ_DIR
@ -27,8 +28,9 @@ lazy_static! {
            },
            PathBuf::from,
        );
-        ipc_dir.push(&version);
+        ipc_dir.push(VERSION);
        fs::create_dir_all(&ipc_dir).unwrap();
+        set_permissions(&ipc_dir);
        ipc_dir.push(&*SESSION_NAME);
        ipc_dir
    };
--- a/src/common/utils/logging.rs
+++ b/src/common/utils/logging.rs
@ -7,14 +7,17 @@ use std::{
    path::{Path, PathBuf},
 };

+use crate::os_input_output::set_permissions;
 use crate::utils::consts::{ZELLIJ_TMP_LOG_DIR, ZELLIJ_TMP_LOG_FILE};

 pub fn atomic_create_file(file_name: &Path) {
    let _ = fs::OpenOptions::new().create(true).open(file_name);
+    #[cfg(not(test))]
+    set_permissions(file_name);
 }

 pub fn atomic_create_dir(dir_name: &Path) -> io::Result<()> {
-    if let Err(e) = fs::create_dir(dir_name) {
+    let result = if let Err(e) = fs::create_dir(dir_name) {
        if e.kind() == std::io::ErrorKind::AlreadyExists {
            Ok(())
        } else {
@ -22,7 +25,11 @@ pub fn atomic_create_dir(dir_name: &Path) -> io::Result<()> {
        }
    } else {
        Ok(())
+    };
+    if result.is_ok() {
+        set_permissions(dir_name);
    }
+    result
 }

 pub fn debug_log_to_file(mut message: String) -> io::Result<()> {
--- a/src/server/mod.rs
+++ b/src/server/mod.rs
@ -19,7 +19,7 @@ use crate::common::{
    errors::{ContextType, PluginContext, PtyContext, ScreenContext, ServerContext},
    input::actions::{Action, Direction},
    input::handler::get_mode_info,
-    os_input_output::ServerOsApi,
+    os_input_output::{set_permissions, ServerOsApi},
    pty_bus::{PtyBus, PtyInstruction},
    screen::{Screen, ScreenInstruction},
    setup::install::populate_data_dir,
@ -85,8 +85,9 @@ pub fn start_server(os_input: Box<dyn ServerOsApi>) -> thread::JoinHandle<()> {
            let sessions = sessions.clone();
            let send_server_instructions = send_server_instructions.clone();
            move || {
-                drop(std::fs::remove_file(ZELLIJ_IPC_PIPE.clone()));
-                let listener = LocalSocketListener::bind(ZELLIJ_IPC_PIPE.clone()).unwrap();
+                drop(std::fs::remove_file(&*ZELLIJ_IPC_PIPE));
+                let listener = LocalSocketListener::bind(&**ZELLIJ_IPC_PIPE).unwrap();
+                set_permissions(&*ZELLIJ_IPC_PIPE);
                for stream in listener.incoming() {
                    match stream {
                        Ok(stream) => {
@ -134,7 +135,7 @@ pub fn start_server(os_input: Box<dyn ServerOsApi>) -> thread::JoinHandle<()> {
                    ServerInstruction::ClientExit => {
                        *sessions.write().unwrap() = None;
                        os_input.send_to_client(ClientInstruction::Exit);
-                        drop(std::fs::remove_file(ZELLIJ_IPC_PIPE.clone()));
+                        drop(std::fs::remove_file(&*ZELLIJ_IPC_PIPE));
                        break;
                    }
                    ServerInstruction::Render(output) => {