In 2f4d2496a88055a8343b3efca618522da8715d92 I didn't notice that one part of virFileOpenAs doesn't actually call to virFileOpenAsNoFork but rather includes a copy of the code from there. --- src/util/util.c | 35 +++++------------------------------ 1 files changed, 5 insertions(+), 30 deletions(-) diff --git a/src/util/util.c b/src/util/util.c index 62e0152..0afb7a2 100644 --- a/src/util/util.c +++ b/src/util/util.c @@ -754,7 +754,6 @@ int virFileOpenAs(const char *path, int openflags, mode_t mode, uid_t uid, gid_t gid, unsigned int flags) { - struct stat st; pid_t pid; int waitret, status, ret = 0; int fd = -1; @@ -821,6 +820,7 @@ virFileOpenAs(const char *path, int openflags, mode_t mode, /* fall back to the simpler method, which works better in * some cases */ VIR_FORCE_CLOSE(fd); + flags &= ~VIR_FILE_OPEN_AS_UID; return virFileOpenAsNoFork(path, openflags, mode, uid, gid, flags); } if (!ret) @@ -845,36 +845,11 @@ parenterror: ret = -errno; goto childerror; } - if ((fd = open(path, openflags, mode)) < 0) { - ret = -errno; - if (ret != -EACCES) { - /* in case of EACCES, the parent will retry */ - virReportSystemError(errno, - _("child failed to create file '%s'"), - path); - } - goto childerror; - } - if (fstat(fd, &st) == -1) { - ret = -errno; - virReportSystemError(errno, _("stat of '%s' failed"), path); - goto childerror; - } - if ((st.st_gid != gid) - && (fchown(fd, -1, gid) < 0)) { - ret = -errno; - virReportSystemError(errno, _("cannot chown '%s' to (%u, %u)"), - path, (unsigned int) uid, (unsigned int) gid); - goto childerror; - } - if ((flags & VIR_FILE_OPEN_FORCE_PERMS) - && (fchmod(fd, mode) < 0)) { - ret = -errno; - virReportSystemError(errno, - _("cannot set mode of '%s' to %04o"), - path, mode); + + ret = virFileOpenAsNoFork(path, openflags, mode, uid, gid, flags); + if (ret < 0) goto childerror; - } + fd = ret; do { ret = sendfd(pair[1], fd); -- 1.7.6