Close a very small window during which new (empty) instances of rotated log

files are owned by the caller of newsyslog (usually root:wheel) even if alternative ownerships were specified in newsyslog.conf. Note that this is part of a wider problem which is fully addressed in OpenBSD. Anyone with the time and inclination to incorporate the full fix for the wider problem will receive no complaints from me and should feel free to walk all over this delta. PR: bin/36738 MFC after: 1 week
svn path=/head/; revision=94352
2002-04-10 10:38:44 +00:00 · 2002-04-10 10:38:44 +00:00 · 669d663174 · 2020-12-20 02:59:44 +00:00
commit 669d663174
parent 1fd0288692
1 changed files with 13 additions and 4 deletions
--- a/usr.sbin/newsyslog/newsyslog.c
+++ b/usr.sbin/newsyslog/newsyslog.c
@ -513,6 +513,7 @@ dotrim(char *log, const char *pid_file, int numdays, int flags, int perm,
 	char file1[MAXPATHLEN], file2[MAXPATHLEN];
 	char zfile1[MAXPATHLEN], zfile2[MAXPATHLEN];
 	char jfile1[MAXPATHLEN];
+	char tfile[MAXPATHLEN];
 	int notified, need_notification, fd, _numdays;
 	struct stat st;
 	pid_t pid;
@ -644,20 +645,28 @@ dotrim(char *log, const char *pid_file, int numdays, int flags, int perm,
 	if (noaction)
 		printf("Start new log...");
 	else {
-		fd = creat(log, perm);
+		strlcpy(tfile, log, sizeof(tfile));
+		strlcat(tfile, ".XXXXXX", sizeof(tfile));
+		mkstemp(tfile);
+		fd = creat(tfile, perm);
 		if (fd < 0)
 			err(1, "can't start new log");
 		if (fchown(fd, owner_uid, group_gid))
 			err(1, "can't chmod new log file");
 		(void) close(fd);
 		if (!(flags & CE_BINARY))
-			if (log_trim(log))	/* Add status message */
+			if (log_trim(tfile))	/* Add status message */
 				err(1, "can't add status message to log");
 	}
 	if (noaction)
 		printf("chmod %o %s...\n", perm, log);
-	else
-		(void) chmod(log, perm);
+	else {
+		(void) chmod(tfile, perm);
+		if (rename(tfile, log) < 0) {
+			err(1, "can't start new log");
+			(void) unlink(tfile);
+		}
+	}

 	pid = 0;
 	need_notification = notified = 0;