[strongSwan-dev] [PATCH] file_logger: set file owner

Mon Apr 13 13:55:09 CEST 2020

On startup, the file is opened and possibly created as root. On configuration
reload, the file is reopened as the configured user. Therefore, the log file
should be owned by this user.
---
 src/libcharon/bus/listeners/file_logger.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/src/libcharon/bus/listeners/file_logger.c b/src/libcharon/bus/listeners/file_logger.c
index d1f180227..cc9bc52eb 100644
--- a/src/libcharon/bus/listeners/file_logger.c
+++ b/src/libcharon/bus/listeners/file_logger.c
@@ -243,6 +243,13 @@ METHOD(file_logger_t, open_, void,
 				 this->filename, strerror(errno));
 			return;
 		}
+		if (chown(this->filename, lib->caps->get_uid(lib->caps),
+			lib->caps->get_gid(lib->caps)))
+		{
+			DBG1(DBG_DMN,
+				"changing permissions for file %s failed: %s",
+				this->filename, strerror(errno));
+		}
 #ifdef HAVE_SETLINEBUF
 		if (flush_line)
 		{
-- 
2.25.2

