diff options
| author | Daniel Pinto <danielpinto52@gmail.com> | 2021-04-07 23:46:59 +0100 |
|---|---|---|
| committer | Daniel Pinto <danielpinto52@gmail.com> | 2021-04-07 23:53:06 +0100 |
| commit | bbd558a6eb2745a3b42ad8875604c3ecc2de84be (patch) | |
| tree | 7e4b518c069e9c2b0e9c870c9f41cdce5df7abe3 /src/app/config/config.c | |
| parent | 5ebf2b81a1db144a933b2971d580452d0eafcd31 (diff) | |
| download | tor-bbd558a6eb2745a3b42ad8875604c3ecc2de84be.tar.gz tor-bbd558a6eb2745a3b42ad8875604c3ecc2de84be.zip | |
Make SAVECONF keep only one backup and add sandbox rules for it. #40317
When seccomp sandbox is active, SAVECONF failed because it was not
able to save the backup files for torrc. This commit simplifies
the implementation of SAVECONF and sandbox by making it keep only
one backup of the configuration file.
Diffstat (limited to 'src/app/config/config.c')
| -rw-r--r-- | src/app/config/config.c | 17 |
1 files changed, 9 insertions, 8 deletions
diff --git a/src/app/config/config.c b/src/app/config/config.c index 5115835a0c..bfa258c904 100644 --- a/src/app/config/config.c +++ b/src/app/config/config.c @@ -6856,7 +6856,7 @@ validate_data_directories(or_options_t *options) /** This string can change; it tries to give the reader an idea * that editing this file by hand is not a good plan. */ #define GENERATED_FILE_COMMENT "# The old torrc file was renamed " \ - "to torrc.orig.1 or similar, and Tor will ignore it" + "to torrc.orig.1, and Tor will ignore it" /** Save a configuration file for the configuration in <b>options</b> * into the file <b>fname</b>. If the file already exists, and @@ -6900,17 +6900,18 @@ write_configuration_file(const char *fname, const or_options_t *options) GENERATED_FILE_PREFIX, GENERATED_FILE_COMMENT, new_conf); if (rename_old) { - int i = 1; char *fn_tmp = NULL; - while (1) { - tor_asprintf(&fn_tmp, "%s.orig.%d", fname, i); - if (file_status(fn_tmp) == FN_NOENT) - break; + tor_asprintf(&fn_tmp, CONFIG_BACKUP_PATTERN, fname); + file_status_t fn_tmp_status = file_status(fn_tmp); + if (fn_tmp_status == FN_DIR || fn_tmp_status == FN_ERROR) { + log_warn(LD_CONFIG, + "Config backup file \"%s\" is not a file? Failing.", fn_tmp); tor_free(fn_tmp); - ++i; + goto err; } + log_notice(LD_CONFIG, "Renaming old configuration file to \"%s\"", fn_tmp); - if (tor_rename(fname, fn_tmp) < 0) {//XXXX sandbox doesn't allow + if (replace_file(fname, fn_tmp) < 0) { log_warn(LD_FS, "Couldn't rename configuration file \"%s\" to \"%s\": %s", fname, fn_tmp, strerror(errno)); |