Charm Helpers

host.mkdir can create inaccessible directories

Bug #1427150 reported by Stuart Bishop on 2015-03-02

This bug affects 2 people

Affects		Status	Importance	Assigned to	Milestone
	Charm Helpers	New	Undecided	Unassigned

Bug Description

host.mkdir works by:

- first calling os.makedirs(abspath, perms)
- then os.chown(abspath, uid, gid)
- and finally os.chmod(abspath, uid, gid).

The first creates the full path. Any directories that don't exist in the full path are created with the requested permissions.
The second changes ownership of the final component of the path.
The third resets permissions of the final component of the path.

The problem is that if I call host.mkdir('/some/long/path', 'user', 'group', perms=0o550), and if either /some or /some/long do not exist, then I have created a directory that is only accessible as the root user.

Instead, host.mkdir needs to calculate the absolute path and create the path one segment at a time, resetting the ownership and permissions if the segment did not already exist. This should normally Do What You Want, without allowing directories that should be protected to have their permissions opened up by an odd config setting.

Revision history for this message

Stuart Bishop (stub) wrote on 2015-03-02:

The proposed fix will also address Bug #1421827

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.