Enhance off-line mode detection based on lock:
- don't use exceptions for non-exceptional code paths
- only attempt off-line mode if caller is root
Also fix misleading logs informing about lock failures (that doesn't
lead to actual security-mnanager failures) caused by lock attempt on a
lock file without proper permissions.
Change-Id: Ie7fca37154a1993cd46c59a0204837904593e5db
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
{
offlineMode = false;
serviceLock = nullptr;
{
offlineMode = false;
serviceLock = nullptr;
+
+ if (geteuid()) {
+ LogInfo("UID != 0, attempting only on-line mode.");
+ return;
+ }
+
try {
serviceLock = new SecurityManager::FileLocker(SecurityManager::SERVICE_LOCK_FILE, false);
if (serviceLock->Locked()) {
try {
serviceLock = new SecurityManager::FileLocker(SecurityManager::SERVICE_LOCK_FILE, false);
if (serviceLock->Locked()) {
LogInfo("Service seems to be running now.");
}
} catch (...) {
LogInfo("Service seems to be running now.");
}
} catch (...) {
- /* Ignore exceptions, assume on-line */
+ LogError("Cannot detect off-line mode by lock.");
+ offlineMode = false;
ThrowMsg(FileLocker::Exception::LockFailed,
"File name can not be empty.");
}
ThrowMsg(FileLocker::Exception::LockFailed,
"File name can not be empty.");
}
- try {
- m_locked = false;
- m_blocking = blocking;
- m_lockFile = lockFile;
- Lock();
- } catch (FileLocker::Exception::Base &e) {
- LogError("Failed to lock " << lockFile << " file: "
- << e.DumpToString());
- ThrowMsg(FileLocker::Exception::LockFailed,
- "Failed to lock " << lockFile << " file: "
- << e.DumpToString());
- }
+
+ m_locked = false;
+ m_blocking = blocking;
+ m_lockFile = lockFile;
+ Lock();
}
FileLocker::~FileLocker()
}
FileLocker::~FileLocker()
- if (!std::ifstream(m_lockFile).good())
- std::ofstream(m_lockFile.c_str());
+ std::ofstream tmpf(m_lockFile);
+ tmpf.close();
+
m_flock = boost::interprocess::file_lock(m_lockFile.c_str());
if (m_blocking) {
m_flock.lock();
m_flock = boost::interprocess::file_lock(m_lockFile.c_str());
if (m_blocking) {
m_flock.lock();
} else
m_locked = m_flock.try_lock();
} catch (const std::exception &e) {
} else
m_locked = m_flock.try_lock();
} catch (const std::exception &e) {
- ThrowMsg(FileLocker::Exception::LockFailed,
- "Error while locking a file.");
+ LogError("Error while locking a file: " << e.what());
+ ThrowMsg(FileLocker::Exception::LockFailed,
+ "Error while locking a file: " << e.what());
LogDebug("We have a lock on " << m_lockFile << " file.");
LogDebug("We have a lock on " << m_lockFile << " file.");
- } else {
- if (m_blocking) {
- ThrowMsg(FileLocker::Exception::LockFailed,
- "Unable to lock file.");
- } else {
- LogDebug("Impossible to lock a file now.");
- }
- }
+ else
+ LogDebug("Impossible to lock a file now.");
}
void FileLocker::Unlock()
}
void FileLocker::Unlock()