Restore creation of $SNAP_USER_DATA #97
zyga added some commits Aug 10, 2016
mvo5 reviewed Aug 11, 2016
| + | ||
| + if (user_data == NULL) | ||
| + return; | ||
| + // Only support absolute paths. |
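Review bot: the early exit at `if (user_data == NULL) return;` skips directory creation with no diagnostic, so an unset value looks the same as success to the caller; a debug message on that path would make it traceable. The check announced by `// Only support absolute paths.` is cut off in this excerpt: it should reject a relative path explicitly and loudly rather than return quietly, and the comment should say why relative paths are refused.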
mvo5
Aug 11, 2016
Contributor
I was initially wondering if we need extra validation here, but I think we don't because privs have already dropped when mkdir is called.
zyga
Aug 11, 2016
Collaborator
We might, though snap-confine is already confined with apparmor, so (at least where apparmor is used) this is not critical. I will land this and follow up with a small patch to check for ... Thanks for spotting this.
Looks good, thanks for the tests!
Sorry, but this appears to cause a regression with the apparmor rules on ecryptfs.
I will try to come up with a one-time fix by testing locally with encrypted home directory but we should investigate how to support that in spread.
zyga
referenced this pull request
Aug 11, 2016
Merged
Move apparmor profile for snap-confine to src/ #98
zyga merged commit ba8ab6a into master Aug 11, 2016
1 check passed
zyga deleted the restore-user-dir-creation branch Aug 12, 2016
I am not a fan of this change because I think it is papering over the larger problem of using sudo with snap commands and the fact that it is creating directories with root:root permissions in the user's home directory. This feels very wrong and causes lots of pain for users when they use the command under sudo and it later fails when not running under sudo. That said, the architects have not taken a stance on this issue yet and the current implementation dictates that it should work, so these rules are required. +0 (as in, I won't block this commit, but I do not approve of the changes)
zyga commented Aug 11, 2016
This patch restores creation of the SNAP_USER_DATA directory. This was a regression of functionality that occurred because the new code path in snapd that does the same thing is not active yet (it depends on snap-exec).
The fix comes with spread tests that should reliably work even when snap-exec is in use.
Fixes: https://bugs.launchpad.net/snap-confine/+bug/1612120