From 08699e08d39675b76a9b813fd9fe41be6ab47a18 Mon Sep 17 00:00:00 2001 From: Jeroen Wijenbergh Date: Fri, 1 Aug 2025 15:00:58 +0200 Subject: Atomicfile: Move outside of config package --- internal/atomicfile/README.md | 38 ++++++++++++++++++++ internal/atomicfile/atomicfile.go | 51 +++++++++++++++++++++++++++ internal/atomicfile/atomicfile_test.go | 47 ++++++++++++++++++++++++ internal/config/atomicfile/README.md | 38 -------------------- internal/config/atomicfile/atomicfile.go | 51 --------------------------- internal/config/atomicfile/atomicfile_test.go | 47 ------------------------ 6 files changed, 136 insertions(+), 136 deletions(-) create mode 100644 internal/atomicfile/README.md create mode 100644 internal/atomicfile/atomicfile.go create mode 100644 internal/atomicfile/atomicfile_test.go delete mode 100644 internal/config/atomicfile/README.md delete mode 100644 internal/config/atomicfile/atomicfile.go delete mode 100644 internal/config/atomicfile/atomicfile_test.go diff --git a/internal/atomicfile/README.md b/internal/atomicfile/README.md new file mode 100644 index 0000000..998b8a4 --- /dev/null +++ b/internal/atomicfile/README.md @@ -0,0 +1,38 @@ +# Atomicfile + +This package was copied from: https://github.com/tailscale/tailscale/blob/21460a5b14e9fb883fedd6071ff53729ed68370c/atomicfile + +We only did some tiny formatting change. + +# License: + +``` +BSD 3-Clause License + +Copyright (c) 2020 Tailscale Inc & AUTHORS. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + +1. Redistributions of source code must retain the above copyright notice, this + list of conditions and the following disclaimer. + +2. Redistributions in binary form must reproduce the above copyright notice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + +3. Neither the name of the copyright holder nor the names of its + contributors may be used to endorse or promote products derived from + this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +``` diff --git a/internal/atomicfile/atomicfile.go b/internal/atomicfile/atomicfile.go new file mode 100644 index 0000000..542f58a --- /dev/null +++ b/internal/atomicfile/atomicfile.go @@ -0,0 +1,51 @@ +// Copyright (c) Tailscale Inc & AUTHORS +// SPDX-License-Identifier: BSD-3-Clause + +// Package atomicfile contains code related to writing to filesystems +// atomically. +// +// This package should be considered internal; its API is not stable. +package atomicfile // import "tailscale.com/atomicfile" + +import ( + "fmt" + "os" + "path/filepath" + "runtime" +) + +// WriteFile writes data to filename+some suffix, then renames it into filename. +// The perm argument is ignored on Windows. If the target filename already +// exists but is not a regular file, WriteFile returns an error. +func WriteFile(filename string, data []byte, perm os.FileMode) (err error) { + fi, err := os.Stat(filename) + if err == nil && !fi.Mode().IsRegular() { + return fmt.Errorf("%s already exists and is not a regular file", filename) + } + f, err := os.CreateTemp(filepath.Dir(filename), filepath.Base(filename)+".tmp") + if err != nil { + return err + } + tmpName := f.Name() + defer func() { + if err != nil { + f.Close() //nolint:errcheck + os.Remove(tmpName) //nolint:errcheck + } + }() + if _, err := f.Write(data); err != nil { + return err + } + if runtime.GOOS != "windows" { + if err := f.Chmod(perm); err != nil { + return err + } + } + if err := f.Sync(); err != nil { + return err + } + if err := f.Close(); err != nil { + return err + } + return os.Rename(tmpName, filename) +} diff --git a/internal/atomicfile/atomicfile_test.go b/internal/atomicfile/atomicfile_test.go new file mode 100644 index 0000000..f14cb31 --- /dev/null +++ b/internal/atomicfile/atomicfile_test.go @@ -0,0 +1,47 @@ +// Copyright (c) Tailscale Inc & AUTHORS +// SPDX-License-Identifier: BSD-3-Clause + +//go:build !js && !windows + +package atomicfile + +import ( + "net" + "os" + "path/filepath" + "runtime" + "strings" + "testing" +) + +func TestDoesNotOverwriteIrregularFiles(t *testing.T) { + // Per tailscale/tailscale#7658 as one example, almost any imagined use of + // atomicfile.Write should likely not attempt to overwrite an irregular file + // such as a device node, socket, or named pipe. + + const filename = "TestDoesNotOverwriteIrregularFiles" + var path string + // macOS private temp does not allow unix socket creation, but /tmp does. + if runtime.GOOS == "darwin" { + path = filepath.Join("/tmp", filename) + t.Cleanup(func() { os.Remove(path) }) //nolint:errcheck + } else { + path = filepath.Join(t.TempDir(), filename) + } + + // The least troublesome thing to make that is not a file is a unix socket. + // Making a null device sadly requires root. + l, err := net.ListenUnix("unix", &net.UnixAddr{Name: path, Net: "unix"}) + if err != nil { + t.Fatal(err) + } + defer l.Close() //nolint:errcheck + + err = WriteFile(path, []byte("hello"), 0o644) + if err == nil { + t.Fatal("expected error, got nil") + } + if !strings.Contains(err.Error(), "is not a regular file") { + t.Fatalf("unexpected error: %v", err) + } +} diff --git a/internal/config/atomicfile/README.md b/internal/config/atomicfile/README.md deleted file mode 100644 index 998b8a4..0000000 --- a/internal/config/atomicfile/README.md +++ /dev/null @@ -1,38 +0,0 @@ -# Atomicfile - -This package was copied from: https://github.com/tailscale/tailscale/blob/21460a5b14e9fb883fedd6071ff53729ed68370c/atomicfile - -We only did some tiny formatting change. - -# License: - -``` -BSD 3-Clause License - -Copyright (c) 2020 Tailscale Inc & AUTHORS. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are met: - -1. Redistributions of source code must retain the above copyright notice, this - list of conditions and the following disclaimer. - -2. Redistributions in binary form must reproduce the above copyright notice, - this list of conditions and the following disclaimer in the documentation - and/or other materials provided with the distribution. - -3. Neither the name of the copyright holder nor the names of its - contributors may be used to endorse or promote products derived from - this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE -FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR -SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER -CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, -OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -``` diff --git a/internal/config/atomicfile/atomicfile.go b/internal/config/atomicfile/atomicfile.go deleted file mode 100644 index 542f58a..0000000 --- a/internal/config/atomicfile/atomicfile.go +++ /dev/null @@ -1,51 +0,0 @@ -// Copyright (c) Tailscale Inc & AUTHORS -// SPDX-License-Identifier: BSD-3-Clause - -// Package atomicfile contains code related to writing to filesystems -// atomically. -// -// This package should be considered internal; its API is not stable. -package atomicfile // import "tailscale.com/atomicfile" - -import ( - "fmt" - "os" - "path/filepath" - "runtime" -) - -// WriteFile writes data to filename+some suffix, then renames it into filename. -// The perm argument is ignored on Windows. If the target filename already -// exists but is not a regular file, WriteFile returns an error. -func WriteFile(filename string, data []byte, perm os.FileMode) (err error) { - fi, err := os.Stat(filename) - if err == nil && !fi.Mode().IsRegular() { - return fmt.Errorf("%s already exists and is not a regular file", filename) - } - f, err := os.CreateTemp(filepath.Dir(filename), filepath.Base(filename)+".tmp") - if err != nil { - return err - } - tmpName := f.Name() - defer func() { - if err != nil { - f.Close() //nolint:errcheck - os.Remove(tmpName) //nolint:errcheck - } - }() - if _, err := f.Write(data); err != nil { - return err - } - if runtime.GOOS != "windows" { - if err := f.Chmod(perm); err != nil { - return err - } - } - if err := f.Sync(); err != nil { - return err - } - if err := f.Close(); err != nil { - return err - } - return os.Rename(tmpName, filename) -} diff --git a/internal/config/atomicfile/atomicfile_test.go b/internal/config/atomicfile/atomicfile_test.go deleted file mode 100644 index f14cb31..0000000 --- a/internal/config/atomicfile/atomicfile_test.go +++ /dev/null @@ -1,47 +0,0 @@ -// Copyright (c) Tailscale Inc & AUTHORS -// SPDX-License-Identifier: BSD-3-Clause - -//go:build !js && !windows - -package atomicfile - -import ( - "net" - "os" - "path/filepath" - "runtime" - "strings" - "testing" -) - -func TestDoesNotOverwriteIrregularFiles(t *testing.T) { - // Per tailscale/tailscale#7658 as one example, almost any imagined use of - // atomicfile.Write should likely not attempt to overwrite an irregular file - // such as a device node, socket, or named pipe. - - const filename = "TestDoesNotOverwriteIrregularFiles" - var path string - // macOS private temp does not allow unix socket creation, but /tmp does. - if runtime.GOOS == "darwin" { - path = filepath.Join("/tmp", filename) - t.Cleanup(func() { os.Remove(path) }) //nolint:errcheck - } else { - path = filepath.Join(t.TempDir(), filename) - } - - // The least troublesome thing to make that is not a file is a unix socket. - // Making a null device sadly requires root. - l, err := net.ListenUnix("unix", &net.UnixAddr{Name: path, Net: "unix"}) - if err != nil { - t.Fatal(err) - } - defer l.Close() //nolint:errcheck - - err = WriteFile(path, []byte("hello"), 0o644) - if err == nil { - t.Fatal("expected error, got nil") - } - if !strings.Contains(err.Error(), "is not a regular file") { - t.Fatalf("unexpected error: %v", err) - } -} -- cgit v1.2.3