From 8c8f08304ecacc9d714ce8293ff8b4495d8c820c Mon Sep 17 00:00:00 2001 From: Simon McVittie Date: Wed, 1 May 2024 13:57:41 +0100 Subject: [PATCH 1/2] gdocumentportal: Factor out opening_ro_might_succeed() No functional change. Signed-off-by: Simon McVittie --- gio/gdocumentportal.c | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/gio/gdocumentportal.c b/gio/gdocumentportal.c index 382e2aab6..531156660 100644 --- a/gio/gdocumentportal.c +++ b/gio/gdocumentportal.c @@ -90,6 +90,24 @@ enum { XDP_ADD_FLAGS_FLAGS_ALL = ((1 << 3) - 1) }; +/* + * Assume that opening a file read/write failed with @saved_errno, + * and return TRUE if opening the same file read-only might succeed. + */ +static gboolean +opening_ro_might_succeed (int saved_errno) +{ + switch (saved_errno) + { + case EACCES: + case EISDIR: + return TRUE; + + default: + return FALSE; + } +} + GList * g_document_portal_add_documents (GList *uris, const char *app_id, @@ -131,7 +149,7 @@ g_document_portal_add_documents (GList *uris, int fd; fd = g_open (path, O_CLOEXEC | O_RDWR); - if (fd == -1 && (errno == EACCES || errno == EISDIR)) + if (fd == -1 && opening_ro_might_succeed (errno)) { /* If we don't have write access, fall back to read-only, * and stop requesting the write permission */ From a869dcb90b66bf6aac7e58753f3a5bb80bd3666c Mon Sep 17 00:00:00 2001 From: Simon McVittie Date: Wed, 1 May 2024 14:08:58 +0100 Subject: [PATCH 2/2] gdocumentportal: Treat more error codes as a permissions error If the file to be added is on a read-only filesystem, opening read/write will fail with EROFS. In this case we should fall back to opening it read-only, the same way we already do if write access is forbidden by DAC or MAC. An easy way to reproduce this test failure is to build and test GLib in a podman container, with its source code read-only and its build directory read/write: podman run --rm -it \ -v $(pwd):$(pwd):ro \ -v $(pwd)/_build:$(pwd)/_build:rw \ -w $(pwd) ... Before this commit, the dbus-appinfo test would fail, because opening ${srcdir}/gio/tests/org.gtk.test.dbusappinfo.flatpak.desktop read/write would fail with EROFS. For completeness, give similar handling to the other error codes documented in Linux open(2) that might succeed if re-attempted using read-only access: according to that documentation, we could get EPERM if opening read/write is prevented by fcntl F_ADD_SEALS, or ETXTBSY if the file is an executable that is currently being run. Signed-off-by: Simon McVittie --- gio/gdocumentportal.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/gio/gdocumentportal.c b/gio/gdocumentportal.c index 531156660..0b55c3ef9 100644 --- a/gio/gdocumentportal.c +++ b/gio/gdocumentportal.c @@ -101,6 +101,15 @@ opening_ro_might_succeed (int saved_errno) { case EACCES: case EISDIR: +#ifdef EPERM + case EPERM: +#endif +#ifdef EROFS + case EROFS: +#endif +#ifdef ETXTBSY + case ETXTBSY: +#endif return TRUE; default: