Merge branch 'develop' into feature/new-installer

2025-09-15 09:19:48 +00:00 · 2025-01-14 15:30:57 +02:00 · 2025-01-14 15:30:57 +02:00 · 5039e9efca
commit 5039e9efca
parent fed64e6fbd f021ec2444
40 changed files with 929 additions and 163 deletions
--- a/base/database/main.go
+++ b/base/database/main.go
@ -6,6 +6,7 @@ import (
 	"os"
 	"path/filepath"

+	"github.com/safing/portmaster/base/utils"
 	"github.com/tevino/abool"
 )

@ -23,10 +24,14 @@ func Initialize(databasesRootDir string) error {
 	if initialized.SetToIf(false, true) {
 		rootDir = databasesRootDir

-		// Ensure database root dir exists.
 		err := os.MkdirAll(rootDir, 0o0700)
 		if err != nil {
-			return fmt.Errorf("could not create/open database directory (%s): %w", rootDir, err)
+			return fmt.Errorf("failed to create/check database dir %q: %w", rootDir, err)
+		}
+		// ensure root and databases dirs
+		err = utils.EnsureDirectory(rootDir, utils.AdminOnlyPermission)
+		if err != nil {
+			return fmt.Errorf("could not set permissions to database directory (%s): %w", rootDir, err)
 		}

 		return nil
@ -63,5 +68,9 @@ func getLocation(name, storageType string) (string, error) {
 	if err != nil {
 		return "", fmt.Errorf("failed to create/check database dir %q: %w", location, err)
 	}
+	err = utils.EnsureDirectory(location, utils.AdminOnlyPermission)
+	if err != nil {
+		return "", fmt.Errorf("could not set permissions to directory (%s): %w", location, err)
+	}
 	return location, nil
 }
--- a/base/database/storage/fstree/fstree.go
+++ b/base/database/storage/fstree/fstree.go
@ -15,7 +15,6 @@ import (
 	"strings"
 	"time"

-	"github.com/hectane/go-acl"
 	"github.com/safing/portmaster/base/database/iterator"
 	"github.com/safing/portmaster/base/database/query"
 	"github.com/safing/portmaster/base/database/record"
@ -289,11 +288,8 @@ func writeFile(filename string, data []byte, perm os.FileMode) error {
 	defer t.Cleanup() //nolint:errcheck

 	// Set permissions before writing data, in case the data is sensitive.
-	if onWindows {
-		err = acl.Chmod(filename, perm)
-	} else {
-		err = t.Chmod(perm)
-	}
+	// TODO(vladimir): to set permissions on windows we need the full path of the file.
+	err = t.Chmod(perm)
 	if err != nil {
 		return err
 	}