summaryrefslogtreecommitdiff
path: root/src/util/taler-exchange-secmod-eddsa.c
diff options
context:
space:
mode:
authorFlorian Dold <florian@dold.me>2021-07-29 13:04:55 +0200
committerFlorian Dold <florian@dold.me>2021-07-29 13:04:55 +0200
commit036d4cb71ac1abe1990c936ee1f3b2cbf15d14c1 (patch)
tree5af2eb2adb5d6a71746b1781920cacc0ed30e5c6 /src/util/taler-exchange-secmod-eddsa.c
parentdae09f1a43b58778b01f4bb436504ee2fe8f5357 (diff)
downloadexchange-036d4cb71ac1abe1990c936ee1f3b2cbf15d14c1.tar.gz
exchange-036d4cb71ac1abe1990c936ee1f3b2cbf15d14c1.tar.bz2
exchange-036d4cb71ac1abe1990c936ee1f3b2cbf15d14c1.zip
secmod: services create their own client dirs with correct permissions
Diffstat (limited to 'src/util/taler-exchange-secmod-eddsa.c')
-rw-r--r--src/util/taler-exchange-secmod-eddsa.c39
1 files changed, 39 insertions, 0 deletions
diff --git a/src/util/taler-exchange-secmod-eddsa.c b/src/util/taler-exchange-secmod-eddsa.c
index ac4bfc61b..48dcdf718 100644
--- a/src/util/taler-exchange-secmod-eddsa.c
+++ b/src/util/taler-exchange-secmod-eddsa.c
@@ -1522,6 +1522,45 @@ run (void *cls,
return;
}
+ /* Create client directory and set permissions. */
+ {
+ char *client_dir;
+
+ if (GNUNET_OK !=
+ GNUNET_CONFIGURATION_get_value_filename (kcfg,
+ "taler-exchange-secmod-eddsa",
+ "CLIENT_DIR",
+ &client_dir))
+ {
+ GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
+ "taler-exchange-secmod-eddsa",
+ "CLIENT_DIR");
+ global_ret = 3;
+ return;
+ }
+
+ if (GNUNET_OK != GNUNET_DISK_directory_create (client_dir))
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "Can't create client directory (%s)\n",
+ client_dir);
+ global_ret = 3;
+ return;
+ }
+ /* Set sticky group bit, so that clients will be writeable by the current service. */
+ if (0 != chmod (client_dir,
+ S_IRUSR | S_IWUSR | S_IXUSR | S_IRGRP | S_IXGRP | S_ISGID))
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "Can't set permissions for client directory (%s)\n",
+ client_dir);
+ global_ret = 3;
+ return;
+ }
+
+ GNUNET_free (client_dir);
+ }
+
if (GNUNET_OK !=
GNUNET_CONFIGURATION_get_value_filename (kcfg,
"taler-exchange-secmod-eddsa",