summaryrefslogtreecommitdiff
path: root/internal/config/atomicfile
diff options
context:
space:
mode:
Diffstat (limited to 'internal/config/atomicfile')
-rw-r--r--internal/config/atomicfile/README.md36
-rw-r--r--internal/config/atomicfile/atomicfile.go51
-rw-r--r--internal/config/atomicfile/atomicfile_test.go47
3 files changed, 134 insertions, 0 deletions
diff --git a/internal/config/atomicfile/README.md b/internal/config/atomicfile/README.md
new file mode 100644
index 0000000..89264a0
--- /dev/null
+++ b/internal/config/atomicfile/README.md
@@ -0,0 +1,36 @@
+# Atomicfile
+
+This package was copied from: https://github.com/tailscale/tailscale/blob/21460a5b14e9fb883fedd6071ff53729ed68370c/atomicfile
+
+# License:
+
+```
+BSD 3-Clause License
+
+Copyright (c) 2020 Tailscale Inc & AUTHORS.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+1. Redistributions of source code must retain the above copyright notice, this
+ list of conditions and the following disclaimer.
+
+2. Redistributions in binary form must reproduce the above copyright notice,
+ this list of conditions and the following disclaimer in the documentation
+ and/or other materials provided with the distribution.
+
+3. Neither the name of the copyright holder nor the names of its
+ contributors may be used to endorse or promote products derived from
+ this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+```
diff --git a/internal/config/atomicfile/atomicfile.go b/internal/config/atomicfile/atomicfile.go
new file mode 100644
index 0000000..5c18e85
--- /dev/null
+++ b/internal/config/atomicfile/atomicfile.go
@@ -0,0 +1,51 @@
+// Copyright (c) Tailscale Inc & AUTHORS
+// SPDX-License-Identifier: BSD-3-Clause
+
+// Package atomicfile contains code related to writing to filesystems
+// atomically.
+//
+// This package should be considered internal; its API is not stable.
+package atomicfile // import "tailscale.com/atomicfile"
+
+import (
+ "fmt"
+ "os"
+ "path/filepath"
+ "runtime"
+)
+
+// WriteFile writes data to filename+some suffix, then renames it into filename.
+// The perm argument is ignored on Windows. If the target filename already
+// exists but is not a regular file, WriteFile returns an error.
+func WriteFile(filename string, data []byte, perm os.FileMode) (err error) {
+ fi, err := os.Stat(filename)
+ if err == nil && !fi.Mode().IsRegular() {
+ return fmt.Errorf("%s already exists and is not a regular file", filename)
+ }
+ f, err := os.CreateTemp(filepath.Dir(filename), filepath.Base(filename)+".tmp")
+ if err != nil {
+ return err
+ }
+ tmpName := f.Name()
+ defer func() {
+ if err != nil {
+ f.Close()
+ os.Remove(tmpName)
+ }
+ }()
+ if _, err := f.Write(data); err != nil {
+ return err
+ }
+ if runtime.GOOS != "windows" {
+ if err := f.Chmod(perm); err != nil {
+ return err
+ }
+ }
+ if err := f.Sync(); err != nil {
+ return err
+ }
+ if err := f.Close(); err != nil {
+ return err
+ }
+ return os.Rename(tmpName, filename)
+}
diff --git a/internal/config/atomicfile/atomicfile_test.go b/internal/config/atomicfile/atomicfile_test.go
new file mode 100644
index 0000000..78c93e6
--- /dev/null
+++ b/internal/config/atomicfile/atomicfile_test.go
@@ -0,0 +1,47 @@
+// Copyright (c) Tailscale Inc & AUTHORS
+// SPDX-License-Identifier: BSD-3-Clause
+
+//go:build !js && !windows
+
+package atomicfile
+
+import (
+ "net"
+ "os"
+ "path/filepath"
+ "runtime"
+ "strings"
+ "testing"
+)
+
+func TestDoesNotOverwriteIrregularFiles(t *testing.T) {
+ // Per tailscale/tailscale#7658 as one example, almost any imagined use of
+ // atomicfile.Write should likely not attempt to overwrite an irregular file
+ // such as a device node, socket, or named pipe.
+
+ const filename = "TestDoesNotOverwriteIrregularFiles"
+ var path string
+ // macOS private temp does not allow unix socket creation, but /tmp does.
+ if runtime.GOOS == "darwin" {
+ path = filepath.Join("/tmp", filename)
+ t.Cleanup(func() { os.Remove(path) })
+ } else {
+ path = filepath.Join(t.TempDir(), filename)
+ }
+
+ // The least troublesome thing to make that is not a file is a unix socket.
+ // Making a null device sadly requires root.
+ l, err := net.ListenUnix("unix", &net.UnixAddr{Name: path, Net: "unix"})
+ if err != nil {
+ t.Fatal(err)
+ }
+ defer l.Close()
+
+ err = WriteFile(path, []byte("hello"), 0644)
+ if err == nil {
+ t.Fatal("expected error, got nil")
+ }
+ if !strings.Contains(err.Error(), "is not a regular file") {
+ t.Fatalf("unexpected error: %v", err)
+ }
+}