Create subsession and `apps_rw` directories with

[subsession_uid]:system_share UID:GID

Change-Id: Ib1f8d18d715ba6ff52c97cfe78c56d00ae2e9d37

diff --git a/sessiond/src/fs_helpers.cpp b/sessiond/src/fs_helpers.cpp
index 8c68a20..614f3b1 100644 (file)
--- a/sessiond/src/fs_helpers.cpp
+++ b/sessiond/src/fs_helpers.cpp
@@ -135,14 +135,23 @@ int fs_helpers::get_gid_from_name(std::string_view group_name)
        std::unique_ptr<char[]> str_grp_buf(new char[max_grp_buf_size]);
 
        group pass_grp_buf, *pass_grp_ptr;
-       getgrnam_r(main_dir_group.data(), &pass_grp_buf, str_grp_buf.get(), max_grp_buf_size, &pass_grp_ptr);
+       getgrnam_r(group_name.data(), &pass_grp_buf, str_grp_buf.get(), max_grp_buf_size, &pass_grp_ptr);
        if (!pass_grp_ptr)
                throw std::runtime_error("Couldn't get Unix gid for `"s
-                       + main_dir_group.data()
+                       + group_name.data()
                        + "` group");
        return pass_grp_ptr->gr_gid;
 }
 
+void fs_helpers::change_owner_and_group(std::string_view path, const int session_uid, const int group_id)
+{
+       if (chown(path.data(), session_uid, group_id) == -1)
+               throw std::system_error(errno, std::system_category(),
+                       "Couldn't set owner/group of the `"s
+                       + path.data()
+                       + "` file/directory");
+}
+
 // Create `$HOME/subsession` directory if it doesn't exist
 void fs_helpers::create_main_subdirectory(const int session_uid, std::string_view main_dir)
 {
@@ -200,6 +209,9 @@ void fs_helpers::add_user_subsession(const int session_uid, const std::string_vi
 
                fs::create_directory(tmp_subsession_dir);
 
+               int gid = get_gid_from_name(main_dir_group);
+               change_owner_and_group(tmp_subsession_dir, session_uid, gid);
+
                std::string apps_rw_dir = tmp_subsession_dir + "/apps_rw";
                fs::path apps_rw_path { apps_rw_dir };
                std::string source_dir = "/etc/skel/apps_rw";
@@ -224,7 +236,7 @@ void fs_helpers::add_user_subsession(const int session_uid, const std::string_vi
                        copy_smack_attributes(s_path, d_path);
                }
                // Last but not least - the `apps_rw` directory itself
-               copy_ownership(source_dir, apps_rw_dir);
+               change_owner_and_group(apps_rw_dir, session_uid, gid);
                copy_smack_attributes(source_dir, apps_rw_dir);
 
                // Copy + rename so that the replacement is atomic

diff --git a/sessiond/src/fs_helpers.h b/sessiond/src/fs_helpers.h
index d0772cb..8843a87 100644 (file)
--- a/sessiond/src/fs_helpers.h
+++ b/sessiond/src/fs_helpers.h
@@ -15,6 +15,7 @@ namespace fs_helpers
        fs::path get_subsession_dir_by_uid(const int session_uid);
 
        void create_main_subdirectory(const int session_uid, std::string_view main_dir);
+       void change_owner_and_group(std::string_view path, const int session_uid, const int group_id);
        void copy_ownership(std::string_view src_path, std::string_view dest_path);
        std::string get_smack_label(std::string_view src_path, smack_label_type type);
        void copy_smack_attributes(std::string_view src_path, std::string_view dest_path);