libuuid: Don't run uuidd if it would fail due to permission problems

Some distributions don't like installing uuidd setuid or setgid.  So
if the setuid or setigid bit is not set with uuidd, and the current
process does not have write access to the UUIDD work directory, don't
try running uuidd, since it won't work properly.

Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>

2 files changed, 8 insertions, 2 deletions

diff --git a/lib/uuid/gen_uuid.c b/lib/uuid/gen_uuid.c
index 5893aff3..420ca2b2 100644
--- a/lib/uuid/gen_uuid.c
+++ b/lib/uuid/gen_uuid.c
@@ -481,6 +481,7 @@ static int get_uuid_via_daemon(int op, uuid_t out, int *num)
 	ssize_t ret;
 	int32_t reply_len = 0, expected = 16;
 	struct sockaddr_un srv_addr;
+	struct stat st;
 	pid_t pid;
 	static const char *uuidd_path = UUIDD_PATH;
 	static int access_ret = -2;
@@ -496,6 +497,10 @@ static int get_uuid_via_daemon(int op, uuid_t out, int *num)
 		    sizeof(struct sockaddr_un)) < 0) {
 		if (access_ret == -2)
 			access_ret = access(uuidd_path, X_OK);
+		if (access_ret == 0)
+			access_ret = stat(uuidd_path, &st);
+		if (access_ret == 0 && (st.st_mode & (S_ISUID | S_ISGID)) == 0)
+			access_ret = access(UUIDD_DIR, W_OK);
 		if (access_ret == 0 && start_attempts++ < 5) {
 			if ((pid = fork()) == 0) {
 				close_all_fds();
diff --git a/lib/uuid/uuidd.h b/lib/uuid/uuidd.h
index 528acdc9..c71f4b78 100644
--- a/lib/uuid/uuidd.h
+++ b/lib/uuid/uuidd.h
@@ -35,8 +35,9 @@
 #ifndef _UUID_UUIDD_H
 #define _UUID_UUIDD_H
 
-#define UUIDD_SOCKET_PATH	"/var/lib/libuuid/request"
-#define UUIDD_PIDFILE_PATH	"/var/lib/libuuid/uuidd.pid"
+#define UUIDD_DIR		"/var/lib/libuuid"
+#define UUIDD_SOCKET_PATH	UUIDD_DIR "/request"
+#define UUIDD_PIDFILE_PATH	UUIDD_DIR "/uuidd.pid"
 #define UUIDD_PATH		"/usr/sbin/uuidd"
 
 #define UUIDD_OP_GETPID			0