tailscale/paths/paths_unix.go
Brad Fitzpatrick f121bb0c8a paths: skip unix chmod if state directory is already 0700
Updates #2934

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-09-29 20:45:40 -07:00


// Copyright (c) 2020 Tailscale Inc & AUTHORS All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
//go:build !windows
// +build !windows
package paths
import (
"fmt"
"os"
"path/filepath"
"runtime"
"golang.org/x/sys/unix"
)
// init registers the Unix state-file lookup for this build (see the
// !windows build constraint at the top of the file).
//
// stateFileFunc is declared outside this file; presumably the
// platform-neutral part of the package calls it to find the default
// state file. Confirm against its declaration.
func init() {
	stateFileFunc = stateFileUnix
}
// statePath returns the system-wide default location of tailscaled.state
// for the running operating system, or "" when this file defines no
// default for that OS.
func statePath() string {
	goos := runtime.GOOS
	if goos == "linux" {
		return "/var/lib/tailscale/tailscaled.state"
	}
	if goos == "freebsd" || goos == "openbsd" {
		return "/var/db/tailscale/tailscaled.state"
	}
	if goos == "darwin" {
		return "/Library/Tailscale/tailscaled.state"
	}
	return ""
}
// stateFileUnix picks the state file path to use on Unix systems.
//
// It returns the system default from statePath when that file, its
// directory, or the directory above it passes the access check. If none
// does, root gets "" and any other user gets a per-user path under
// xdgDataHome. It also returns "" when statePath has no default for this OS.
//
// The per-user path is derived from environment variables, so for a
// non-root caller the environment decides where the state file lives.
func stateFileUnix() string {
	systemPath := statePath()
	if systemPath == "" {
		return ""
	}

	// Probe the file, then /var/lib/tailscale, then /var/lib (or the
	// equivalents on other OSes). A hit at any level selects the system path.
	//
	// NOTE(review): unix.O_RDWR is an open(2) flag, used here as the
	// access(2) mode argument. Presumably this relies on its value matching
	// the write-permission bit on the supported platforms; confirm.
	// The result is advisory only: whoever opens the file later must still
	// handle a failure, since permissions can change in between.
	candidate := systemPath
	for remaining := 3; remaining > 0; remaining-- {
		if unix.Access(candidate, unix.O_RDWR) == nil {
			return systemPath
		}
		candidate = filepath.Dir(candidate)
	}

	if os.Getuid() != 0 {
		// For non-root users, fall back to $XDG_DATA_HOME/tailscale/*.
		return filepath.Join(xdgDataHome(), "tailscale", "tailscaled.state")
	}
	return ""
}
// xdgDataHome returns $XDG_DATA_HOME when it is set and non-empty,
// otherwise $HOME/.local/share.
//
// Both values are taken from the environment verbatim; nothing checks
// that the result is absolute. With both variables empty the result is
// the relative path ".local/share", which resolves against the process's
// working directory. Callers storing sensitive state under it may want
// to reject a non-absolute result.
func xdgDataHome() string {
	dataHome := os.Getenv("XDG_DATA_HOME")
	if dataHome == "" {
		dataHome = filepath.Join(os.Getenv("HOME"), ".local/share")
	}
	return dataHome
}
// ensureStateDirPerms restricts dir to owner-only access (0700) when its
// final path element is "tailscale".
//
// Directories with any other base name are left untouched and nil is
// returned, so a custom state directory gets no permission enforcement
// here. It returns the os.Stat error if dir cannot be inspected, an error
// if dir is not a directory, and otherwise the result of os.Chmod. The
// chmod is skipped when the permission bits are already exactly 0700.
//
// Only the mode is checked, not ownership. os.Stat and os.Chmod both
// follow symbolic links and the two calls are not atomic, so this is
// safe only while the parent directory is not writable by other users.
func ensureStateDirPerms(dir string) error {
	const wantPerm = 0700

	if filepath.Base(dir) != "tailscale" {
		return nil
	}

	info, statErr := os.Stat(dir)
	switch {
	case statErr != nil:
		return statErr
	case !info.IsDir():
		return fmt.Errorf("expected %q to be a directory; is %v", dir, info.Mode())
	case info.Mode().Perm() == wantPerm:
		// Nothing to tighten; avoid a needless chmod.
		return nil
	}
	return os.Chmod(dir, wantPerm)
}