Commit c227a531 authored by Leigh Stoller's avatar Leigh Stoller

Try harder not to leave files in /tmp; Try flipping back to root if the

unlink fails (which will work if setuid and have not dropped it).
parent 2eafa486
#!/usr/bin/perl -w
#
# Copyright (c) 2000-2018 University of Utah and the Flux Group.
# Copyright (c) 2000-2019 University of Utah and the Flux Group.
#
# {{{EMULAB-LICENSE
#
......@@ -315,7 +315,7 @@ sub AuditEnd(;$)
SendAuditMail($status);
delete @ENV{'TBAUDITLOG', 'TBAUDITON'};
unlink($logfile)
DeleteLogFile()
if (defined($logfile) && !$savelog);
return 0;
}
......@@ -374,7 +374,7 @@ sub AuditAbort()
# This should be okay; the process will keep writing to it,
# but will be deleted once the process ends and its closed.
#
unlink($logfile)
DeleteLogFile()
if (!$savelog);
undef($logfile);
}
......@@ -474,6 +474,22 @@ sub AuditFork()
return 0;
}
#
# Try to delete the log file. We might have to flip back to root.
#
sub DeleteLogFile()
{
return
if (!defined($logfile) || $savelog);
return
if (unlink($logfile));
# Failed, try flipping (which will fail of course if not setuid).
$EUID = 0;
unlink($logfile);
}
#
# Internal function to send the email. First argument is exit status.
#
......@@ -524,7 +540,7 @@ sub SendAuditMail($)
# Success and no log ...
if ($exitstatus == 0 && !(defined($logfile) && -s $logfile)) {
# Do not save empty logfile.
unlink($logfile)
DeleteLogFile()
if (defined($logfile));
goto done;
}
......@@ -580,7 +596,7 @@ sub SendAuditMail($)
# This always succeeds, stop leaving file in /tmp
$brand->SendEmail($TO, $subject, $body, $FROM, $HDRS, @FILES);
unlink($logfile)
DeleteLogFile()
if (defined($logfile) && !$savelog);
done:
......@@ -668,7 +684,7 @@ sub SendFancyMail($)
}
if ($sendmail_res) {
unlink($logfile)
DeleteLogFile()
if (defined($logfile) && !$savelog);
}
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment