diff options
author | Gilad Arnold <garnold@google.com> | 2015-09-04 08:28:37 -0700 |
---|---|---|
committer | Gilad Arnold <garnold@google.com> | 2015-09-04 10:14:52 -0700 |
commit | e9132c014d2a05e410f98cb777a4806dddde3e8e (patch) | |
tree | f2a4fa351099787d32a4f1a0e91c49c75cdfb206 | |
parent | 4a0ae0177f07c62d336268082539dd64149aa288 (diff) | |
download | tlsdate-e9132c014d2a05e410f98cb777a4806dddde3e8e.tar.gz |
Make tlsdated persist and load last set time.
This enables use of a timestamp file. Note the fchmod(2) call after file
opening/creation, used for working around unfavorable umask settings.
Bug: 22373707
Change-Id: Id759d3eda55c9c2215991268291ceeac490373d6
-rw-r--r-- | init/tlsdated.rc | 6 | ||||
-rw-r--r-- | src/tlsdate-setter.c | 5 | ||||
-rw-r--r-- | src/tlsdated.c | 2 |
3 files changed, 10 insertions, 3 deletions
diff --git a/init/tlsdated.rc b/init/tlsdated.rc index 87468af..0c5b2da 100644 --- a/init/tlsdated.rc +++ b/init/tlsdated.rc @@ -1,5 +1,9 @@ # Init file for starting tlsdated on Android. -service tlsdated /system/bin/tlsdated -v -l -s -G dbus,inet -- /system/bin/tlsdate -v -C /system/etc/security/cacerts -l + +on boot + mkdir /data/misc/tlsdated 0755 root system + +service tlsdated /system/bin/tlsdated -v -c /data/misc/tlsdated -G dbus,inet -- /system/bin/tlsdate -v -C /system/etc/security/cacerts -l class main # This daemon needs to start as root and drops privileges early on. user root diff --git a/src/tlsdate-setter.c b/src/tlsdate-setter.c index a40f67e..138be59 100644 --- a/src/tlsdate-setter.c +++ b/src/tlsdate-setter.c @@ -13,6 +13,7 @@ #include <string.h> #include <sys/ioctl.h> #include <sys/prctl.h> +#include <sys/stat.h> #include <sys/time.h> #include <sys/types.h> #include <sys/wait.h> @@ -79,10 +80,12 @@ time_setter_coprocess (int time_fd, int notify_fd, struct state *state) prctl (PR_SET_NAME, "tlsdated-setter"); if (state->opts.should_save_disk && !state->opts.dry_run) { + const mode_t perms = S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH; /* TODO(wad) platform->file_open */ if ( (save_fd = open (state->timestamp_path, O_WRONLY | O_CREAT | O_NOFOLLOW | O_CLOEXEC, - S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH)) < 0) + perms)) < 0 || + fchmod (save_fd, perms) != 0) { /* Attempt to unlink the path on the way out. */ unlink (state->timestamp_path); diff --git a/src/tlsdated.c b/src/tlsdated.c index 63dfbd4..f577e19 100644 --- a/src/tlsdated.c +++ b/src/tlsdated.c @@ -576,7 +576,7 @@ main (int argc, char *argv[], char *envp[]) time_t disk_time = state.last_time; if (!load_disk_timestamp (state.timestamp_path, &disk_time)) { - verb ("disk timestamp available: yes"); + verb ("disk timestamp available: yes (%ld)", disk_time); if (!is_sane_time (state.last_time) || state.last_time < disk_time) { |