gofix/portal-tunnel-rs
1
0
Fork 0
Code Issues Pull requests Projects Releases 11 Packages 1 Wiki Activity Actions

fix: skip chmod for already-private identity dir #76

Merged
ada merged 1 commit from fix/secure-existing-identity-dir-mode into master 2026-06-01 00:34:15 +00:00
Conversation 0 Commits 1 Files changed 1 +9
ada commented 2026-06-01 00:32:00 +00:00
Collaborator
Copy link

Problem

The v2.2.5 dev image failed the live dev gate on relay-vm while running as UID 65532. Startup looped at identity initialization because ensure_private_dir always attempted chmod 0700 on the bind-mounted /portal-certs directory:

prepare relay identity directory /portal-certs
set permissions on directory /portal-certs
Operation not permitted (os error 1)

The host directory was already secure: mode 0700, owner 65532:65532, so the chmod was unnecessary.

Approach

On Unix, set_dir_mode now checks the existing mode first and returns early when it already matches the requested private mode. This preserves strict permission enforcement when correction is needed, while avoiding a no-op chmod that can fail on restricted bind mounts/non-root container runtimes.

Validation

  • cargo fmt --check
  • cargo test --locked -p portal-relay state::identity::tests::relay_identity_file_is_private

Validation was run in the Linux Docker toolchain on uvm because macOS cannot build the Linux netlink dependency tree for this package.

## Problem The v2.2.5 dev image failed the live dev gate on relay-vm while running as UID 65532. Startup looped at identity initialization because `ensure_private_dir` always attempted `chmod 0700` on the bind-mounted `/portal-certs` directory: ```text prepare relay identity directory /portal-certs set permissions on directory /portal-certs Operation not permitted (os error 1) ``` The host directory was already secure: mode `0700`, owner `65532:65532`, so the chmod was unnecessary. ## Approach On Unix, `set_dir_mode` now checks the existing mode first and returns early when it already matches the requested private mode. This preserves strict permission enforcement when correction is needed, while avoiding a no-op chmod that can fail on restricted bind mounts/non-root container runtimes. ## Validation - `cargo fmt --check` - `cargo test --locked -p portal-relay state::identity::tests::relay_identity_file_is_private` Validation was run in the Linux Docker toolchain on `uvm` because macOS cannot build the Linux netlink dependency tree for this package.
fix: skip chmod for already-private identity dir
All checks were successful
Rust CI / Format, lint, and test (pull_request) Successful in 53s
Details
b6bd1ac3df
ada merged commit 0e366d766f into master 2026-06-01 00:34:15 +00:00
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels
No items
No labels
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
gofix/portal-tunnel-rs!76
No description provided.