Fix updater permissions and refactor existing code.
This commit is contained in:
parent
b89d10239b
commit
14e4fefbcf
@ -72,7 +72,7 @@ pub fn start(conf: Configuration, deps: Dependencies) -> Result<Option<SignerSer
|
|||||||
fn codes_path(path: String) -> PathBuf {
|
fn codes_path(path: String) -> PathBuf {
|
||||||
let mut p = PathBuf::from(path);
|
let mut p = PathBuf::from(path);
|
||||||
p.push(CODES_FILENAME);
|
p.push(CODES_FILENAME);
|
||||||
let _ = restrict_permissions_owner(&p);
|
let _ = restrict_permissions_owner(&p, true, false);
|
||||||
p
|
p
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -18,8 +18,9 @@ use std::sync::{Arc, Weak};
|
|||||||
use std::fs;
|
use std::fs;
|
||||||
use std::io::Write;
|
use std::io::Write;
|
||||||
use std::path::{PathBuf};
|
use std::path::{PathBuf};
|
||||||
use util::misc::platform;
|
|
||||||
use ipc_common_types::{VersionInfo, ReleaseTrack};
|
use ipc_common_types::{VersionInfo, ReleaseTrack};
|
||||||
|
use util::path::restrict_permissions_owner;
|
||||||
|
use util::misc::platform;
|
||||||
use util::{Address, H160, H256, FixedHash, Mutex, Bytes};
|
use util::{Address, H160, H256, FixedHash, Mutex, Bytes};
|
||||||
use ethsync::{SyncProvider};
|
use ethsync::{SyncProvider};
|
||||||
use ethcore::client::{BlockId, BlockChainClient, ChainNotify};
|
use ethcore::client::{BlockId, BlockChainClient, ChainNotify};
|
||||||
@ -197,7 +198,8 @@ impl Updater {
|
|||||||
let dest = self.updates_path(&Self::update_file_name(&fetched.version));
|
let dest = self.updates_path(&Self::update_file_name(&fetched.version));
|
||||||
fs::create_dir_all(dest.parent().expect("at least one thing pushed; qed")).map_err(|e| format!("Unable to create updates path: {:?}", e))?;
|
fs::create_dir_all(dest.parent().expect("at least one thing pushed; qed")).map_err(|e| format!("Unable to create updates path: {:?}", e))?;
|
||||||
fs::copy(&b, &dest).map_err(|e| format!("Unable to copy update: {:?}", e))?;
|
fs::copy(&b, &dest).map_err(|e| format!("Unable to copy update: {:?}", e))?;
|
||||||
info!(target: "updater", "Copied file to {}", dest.display());
|
restrict_permissions_owner(&dest, false, true).map_err(|e| format!("Unable to update permissions: {}", e))?;
|
||||||
|
info!(target: "updater", "Installed updated binary to {}", dest.display());
|
||||||
let auto = match self.update_policy.filter {
|
let auto = match self.update_policy.filter {
|
||||||
UpdateFilter::All => true,
|
UpdateFilter::All => true,
|
||||||
UpdateFilter::Critical if fetched.is_critical /* TODO: or is on a bad fork */ => true,
|
UpdateFilter::Critical if fetched.is_critical /* TODO: or is on a bad fork */ => true,
|
||||||
|
@ -1168,8 +1168,8 @@ fn save_key(path: &Path, key: &Secret) {
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
if let Err(e) = restrict_permissions_owner(path) {
|
if let Err(e) = restrict_permissions_owner(path, true, false) {
|
||||||
warn!(target: "network", "Failed to modify permissions of the file (chmod: {})", e);
|
warn!(target: "network", "Failed to modify permissions of the file ({})", e);
|
||||||
}
|
}
|
||||||
if let Err(e) = file.write(&key.hex().into_bytes()) {
|
if let Err(e) = file.write(&key.hex().into_bytes()) {
|
||||||
warn!("Error writing key file: {:?}", e);
|
warn!("Error writing key file: {:?}", e);
|
||||||
|
@ -86,18 +86,15 @@ pub mod ethereum {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/// Restricts the permissions of given path only to the owner.
|
/// Restricts the permissions of given path only to the owner.
|
||||||
#[cfg(not(windows))]
|
#[cfg(unix)]
|
||||||
pub fn restrict_permissions_owner(file_path: &Path) -> Result<(), i32> {
|
pub fn restrict_permissions_owner(file_path: &Path, write: bool, executable: bool) -> Result<(), String> {
|
||||||
let cstr = ::std::ffi::CString::new(file_path.to_str().unwrap()).unwrap();
|
let perms = ::std::os::unix::fs::PermissionsExt::from_mode(0o400 + write as u32 * 0o200 + executable as u32 * 0o100);
|
||||||
match unsafe { ::libc::chmod(cstr.as_ptr(), ::libc::S_IWUSR | ::libc::S_IRUSR) } {
|
::std::fs::set_permissions(file_path, perms).map_err(|e| format!("{:?}", e))
|
||||||
0 => Ok(()),
|
|
||||||
x => Err(x),
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Restricts the permissions of given path only to the owner.
|
/// Restricts the permissions of given path only to the owner.
|
||||||
#[cfg(windows)]
|
#[cfg(not(unix))]
|
||||||
pub fn restrict_permissions_owner(_file_path: &Path) -> Result<(), i32> {
|
pub fn restrict_permissions_owner(_file_path: &Path) -> Result<(), String> {
|
||||||
//TODO: implement me
|
//TODO: implement me
|
||||||
Ok(())
|
Ok(())
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user