utils/directories: verify_owner_and_mode: add recursive flag

Allow the caller to verify only the top level directories
so that sub-directories can be verified selectively
(in particular, skip validation of snapshots).

Signed-off-by: Benny Halevy <bhalevy@scylladb.com>
Benny Halevy
2023-07-31 11:22:39 +03:00
parent accd6271bc
commit 60862c63dd
2 changed files with 15 additions and 4 deletions


@@ -106,7 +106,7 @@ void verification_error(fs::path path, const char* fstr, Args&&... args) {
// Verify that all files and directories are owned by current uid
// and that files can be read and directories can be read, written, and looked up (execute)
// No other file types may exist.
future<> directories::verify_owner_and_mode(fs::path path) {
future<> directories::do_verify_owner_and_mode(fs::path path, recursive recurse, int level) {
auto sd = co_await file_stat(path.string(), follow_symlink::no);
// Under docker, we run with euid 0 and there is no reasonable way to enforce that the
// in-container uid will have the same uid as files mounted from outside the container. So
@@ -128,8 +128,11 @@ future<> directories::verify_owner_and_mode(fs::path path) {
if (!can_access) {
verification_error(std::move(path), "Directory cannot be accessed for read, write, and execute");
}
co_await lister::scan_dir(path, {}, [] (fs::path dir, directory_entry de) -> future<> {
co_await verify_owner_and_mode(dir / de.name);
if (level && !recurse) {
co_return;
}
co_await lister::scan_dir(path, {}, [recurse, level = level + 1] (fs::path dir, directory_entry de) -> future<> {
co_await do_verify_owner_and_mode(dir / de.name, recurse, level);
});
break;
}
@@ -138,4 +141,8 @@ future<> directories::verify_owner_and_mode(fs::path path) {
}
};
future<> directories::verify_owner_and_mode(fs::path path, recursive recursive) {
return do_verify_owner_and_mode(std::move(path), recursive, 0);
}
} // namespace utils
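Review bot: The comment above `do_verify_owner_and_mode` still says that all files and directories are verified, which no longer holds when `recurse` is `recursive::no`. The `if (level && !recurse) co_return;` guard in the directory branch stops the walk one level down, so the contents of a first-level sub-directory get no ownership or mode check. Since this is the permission check on the data directories, I would say so in the comment, e.g. `// With recursive::no only path and its direct entries are checked; contents of sub-directories are left to the caller.` In the wrapper, the parameter `recursive recursive` hides the type name inside the function; `recursive recurse` would match the helper. The body of do_verify_owner_and_mode continues outside the hunks shown, so the ownership check on first-level entries is assumed from the unchanged part.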


@@ -39,12 +39,16 @@ public:
std::set<fs::path> _paths;
};
using recursive = bool_class<struct recursive_tag>;
directories(bool developer_mode);
future<> create_and_verify(set dir_set);
static future<> verify_owner_and_mode(std::filesystem::path path);
static future<> verify_owner_and_mode(std::filesystem::path path, recursive r = recursive::yes);
private:
bool _developer_mode;
std::vector<file_lock> _locks;
static future<> do_verify_owner_and_mode(std::filesystem::path path, recursive, int level);
};
} // namespace utils
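Review bot: The public declaration `verify_owner_and_mode(std::filesystem::path path, recursive r = recursive::yes)` has no comment saying what `recursive::no` leaves unchecked, so a caller reading only the header cannot tell that sub-directory contents are skipped. The default keeps the full walk, so existing callers are unaffected, but a caller that opts out becomes responsible for verifying the sub-directories it skipped. I would add `// recursive::no: check only path and its direct entries; the caller must verify any sub-directory it relies on.` above the declaration. On the private helper, `// level: depth below the initial path, 0 for the path itself` would document the unnamed counter.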