cmd/fshim: ensure data directory

Ensuring home directory in shim causes the directory to be owned by the target user. Signed-off-by: Ophestra <cat@gensokyo.uk>
2024-12-28 14:39:01 +09:00
parent b9e2003d5b
commit 9b206072fa
3 changed files with 18 additions and 0 deletions
--- a/cmd/fshim/ipc/payload.go
+++ b/cmd/fshim/ipc/payload.go
@@ -13,6 +13,8 @@ type Payload struct {
 	Exec [2]string
 	// bwrap config
 	Bwrap *bwrap.Config
+	// path to outer home directory
+	Home string
 	// sync fd
 	Sync *uintptr

--- a/cmd/fshim/main.go
+++ b/cmd/fshim/main.go
@@ -81,6 +81,21 @@ func main() {
 		// not fatal
 	}

+	// ensure home directory as target user
+	if s, err := os.Stat(payload.Home); err != nil {
+		if os.IsNotExist(err) {
+			if err = os.Mkdir(payload.Home, 0700); err != nil {
+				fmsg.Fatalf("cannot create home directory: %v", err)
+			}
+		} else {
+			fmsg.Fatalf("cannot access home directory: %v", err)
+		}
+
+		// home directory is created, proceed
+	} else if !s.IsDir() {
+		fmsg.Fatalf("data path %q is not a directory", payload.Home)
+	}
+
 	var ic init0.Payload

 	// resolve argv0