From 22613294ae751f47409cfac03a7fd28cf9222031 Mon Sep 17 00:00:00 2001
From: LiFeng
Date: Fri, 28 Feb 2020 22:59:05 -0500
Subject: [PATCH 140/140] lxc: remove umask when populate devices
Signed-off-by: LiFeng
---
 src/lxc/conf.c | 38 ++++++++++++++++++++++++++------------
 1 file changed, 26 insertions(+), 12 deletions(-)
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index b66e7bc..65b33ea 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -4008,23 +4008,28 @@ static int setup_populate_devs(const struct lxc_rootfs *rootfs, struct lxc_list
 mode_t file_mode = 0;
 struct lxc_populate_devs *dev_elem = NULL;
 struct lxc_list *it = NULL;
+ mode_t cur_mask;
 INFO("Populating devices into container");
+ cur_mask = umask(0000);
 lxc_list_for_each(it, devs) {
 dev_elem = it->elem;
 ret = snprintf(path, MAXPATHLEN, "%s/%s", rootfs->path ? rootfs->mount : "", dev_elem->name);
- if (ret < 0 || ret >= MAXPATHLEN)
- return -1;
+ if (ret < 0 || ret >= MAXPATHLEN) {
+ ret = -1;
+ goto reset_umask;
+ }
 /* create any missing directories */
 pathdirname = safe_strdup(path);
 pathdirname = dirname(pathdirname);
- ret = mkdir_p(pathdirname, 0750);
+ ret = mkdir_p(pathdirname, 0755);
 free(pathdirname);
 if (ret < 0) {
 WARN("Failed to create target directory");
- return -1;
+ ret = -1;
+ goto reset_umask;
 }
 if (!strcmp(dev_elem->type, "c")) {
@@ -4033,7 +4038,8 @@ static int setup_populate_devs(const struct lxc_rootfs *rootfs, struct lxc_list
 file_mode = dev_elem->file_mode | S_IFBLK;
 } else {
 ERROR("Failed to parse devices type '%s'", dev_elem->type);
- return -1;
+ ret = -1;
+ goto reset_umask;
 }
 DEBUG("Try to mknod '%s':'%d':'%d':'%d'\n", path,
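Review bot: `cur_mask = umask(0000);` clears the process umask before the loop, so it also governs `mkdir_p(pathdirname, 0755)` here and the `lxc_fopen(path, "wb")` mount-target creation in the last hunk, not only the device nodes. If `lxc_fopen` creates files with the usual 0666 request (its definition is not on this page), the bind-mount placeholder is left world-writable whenever the mount then fails, and because umask is process-wide anything else creating files during the loop inherits mask 0. I would keep the mask cleared only around the node-creation call, which sits between these hunks, and restore it straight after, or leave the umask alone and apply the mode explicitly with `chmod(path, dev_elem->file_mode)` once the node exists. The move from `0750` to `0755` for parent directories is not mentioned in the commit message and deserves a comment saying why traversal by other users is required. The function starts above this hunk and continues past it.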
@@ -4045,34 +4051,42 @@ static int setup_populate_devs(const struct lxc_rootfs *rootfs, struct lxc_list
 file_mode, dev_elem->maj, dev_elem->min);
 char hostpath[MAXPATHLEN];
- FILE *pathfile;
+ FILE *pathfile = NULL;
 // Unprivileged containers cannot create devices, so
 // try to bind mount the device from the host
 ret = snprintf(hostpath, MAXPATHLEN, "/dev/%s", dev_elem->name);
- if (ret < 0 || ret >= MAXPATHLEN)
- return -1;
+ if (ret < 0 || ret >= MAXPATHLEN) {
+ ret = -1;
+ goto reset_umask;
+ }
 pathfile = lxc_fopen(path, "wb");
 if (!pathfile) {
 SYSERROR("Failed to create device mount target '%s'", path);
- return -1;
+ ret = -1;
+ goto reset_umask;
 }
 fclose(pathfile);
 if (safe_mount(hostpath, path, 0, MS_BIND, NULL, rootfs->path ? rootfs->mount : NULL) != 0) {
 SYSERROR("Failed bind mounting device %s from host into container", dev_elem->name);
- return -1;
+ ret = -1;
+ goto reset_umask;
 }
 }
 if (chown(path, dev_elem->uid, dev_elem->gid) < 0) {
 ERROR("Error chowning %s", path);
- return -1;
+ ret = -1;
+ goto reset_umask;
 }
 }
+reset_umask:
+ (void)umask(cur_mask);
+ INFO("Populated devices into container /dev");
- return 0;
+ return ret;
 }
 // isulad: setup rootfs mountopts
--
1.8.3.1
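Review bot: `return ret;` after `reset_umask:` can hand back a non-zero value on success, because in the bind-mount code `ret` last holds the positive length from `snprintf(hostpath, ...)` and nothing resets it before the loop ends, where the old code returned 0. Callers that test for non-zero rather than `< 0` would treat a successfully populated /dev as a failure; add `ret = 0;` on the line before `reset_umask:` so only the `goto` paths carry an error. If `ret` is not initialised at its declaration (above the hunk), an empty `devs` list would also return an indeterminate value, which the same line fixes. Because the label precedes it, `INFO("Populated devices into container /dev");` is now logged on every failure path as well, which misleads anyone reading the logs after a failed start; moving it above the label keeps it success-only. The block enclosing the bind-mount code opens outside this hunk.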