From 32da9626a508f0d4f55fa113b3f04fa0754d7ae2 Mon Sep 17 00:00:00 2001
From: Sage Weil
Date: Mon, 8 Feb 2016 11:28:27 -0500
Subject: [PATCH] log: add option fchown on log file

Add explicit call to set the log file uid/gid. fchown it immediately, and do the same if it is reopened.

Signed-off-by: Sage Weil
---
 src/log/Log.cc | 24 ++++++++++++++++++++++++
 src/log/Log.h | 3 +++
 2 files changed, 27 insertions(+)

diff --git a/src/log/Log.cc b/src/log/Log.cc
index 46dbb71466f4..4b226a1ac064 100644
--- a/src/log/Log.cc
+++ b/src/log/Log.cc
@@ -50,6 +50,8 @@ Log::Log(SubsystemMap *s)
 m_flush_mutex_holder(0),
 m_new(), m_recent(),
 m_fd(-1),
+ m_uid(0),
+ m_gid(0),
 m_syslog_log(-2), m_syslog_crash(-2),
 m_stderr_log(1), m_stderr_crash(-1),
 m_graylog_log(-3), m_graylog_crash(-3),
@@ -136,6 +138,14 @@ void Log::reopen_log_file()
 VOID_TEMP_FAILURE_RETRY(::close(m_fd));
 if (m_log_file.length()) {
 m_fd = ::open(m_log_file.c_str(), O_CREAT|O_WRONLY|O_APPEND, 0644);
+ if (m_uid || m_gid) {
+ int r = ::fchown(m_fd, m_uid, m_gid);
+ if (r < 0) {
+ r = -errno;
+ cerr << "failed to chown " << m_log_file << ": " << cpp_strerror(r)
+ << std::endl;
+ }
+ }
 } else {
 m_fd = -1;
 }
@@ -143,6 +153,20 @@ void Log::reopen_log_file()
 pthread_mutex_unlock(&m_flush_mutex);
 }
+void Log::chown_log_file(uid_t uid, gid_t gid)
+{
+ pthread_mutex_lock(&m_flush_mutex);
+ if (m_fd >= 0) {
+ int r = ::fchown(m_fd, uid, gid);
+ if (r < 0) {
+ r = -errno;
+ cerr << "failed to chown " << m_log_file << ": " << cpp_strerror(r)
+ << std::endl;
+ }
+ }
+ pthread_mutex_unlock(&m_flush_mutex);
+}
+
 void Log::set_syslog_level(int log, int crash)
 {
 pthread_mutex_lock(&m_flush_mutex);
diff --git a/src/log/Log.h b/src/log/Log.h
index ba2dc41d0572..d270ae3beb02 100644
--- a/src/log/Log.h
+++ b/src/log/Log.h
@@ -37,6 +37,8 @@ class Log : private Thread
 std::string m_log_file;
 int m_fd;
+ uid_t m_uid;
+ gid_t m_gid;
 int m_syslog_log, m_syslog_crash;
 int m_stderr_log, m_stderr_crash;
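Review bot: In src/log/Log.cc, Log::reopen_log_file(), the added fchown runs even when the ::open() on the line above failed and left m_fd negative, so the only diagnostic is a "failed to chown" for a bad descriptor while the open error itself goes unreported. Guard the call on the descriptor, `if (m_fd >= 0 && (m_uid || m_gid)) {`. Because the descriptor comes from a path-based open with O_CREAT and no O_NOFOLLOW, handing ownership to another uid is only safe if the log directory is not writable by less-privileged users; adding O_NOFOLLOW to the open flags would narrow that. The function's body starts and ends outside the hunk.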
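Review bot: Log::chown_log_file() in src/log/Log.cc applies uid/gid to the current descriptor but never stores them in m_uid/m_gid, and nothing else in this patch assigns those members after the constructor zeroes them, so the `if (m_uid || m_gid)` branch added to reopen_log_file() looks unreachable and a reopened log file would keep the ownership it was created with. Record the values under the lock before the `m_fd >= 0` check, `m_uid = uid; m_gid = gid;`, so they also take effect when no file is open yet. The failure is only written to cerr and the function returns void, so a caller that is about to drop privileges cannot tell that the chown did not happen; a short comment stating that the call is best-effort would make that explicit.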
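Review bot: The new m_uid/m_gid members in src/log/Log.h carry an undocumented sentinel: reopen_log_file() in Log.cc treats 0/0 as "do not chown", which also means ownership by root:root can never be requested through these fields. A one-line comment on the declarations would record that, for example `// owner applied when the log file is reopened; 0/0 means leave ownership unchanged`. The class body starts and ends outside the hunk.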
@@ -66,6 +68,7 @@ public:
 void set_max_recent(int n);
 void set_log_file(std::string fn);
 void reopen_log_file();
+ void chown_log_file(uid_t uid, gid_t gid);
 void flush();
-- 
2.47.3