IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-01-18 20:43:26 -06:00
Code Issues Packages Projects Releases Wiki Activity

SQLite: Set 0640 permissions on SQLite database file (#26339)

Browse Source 
* SQLite: Set 640 permissions on SQLite database file
This commit is contained in:
Arve Knudsen 2020-07-23 15:47:26 +02:00 committed by GitHub
parent 37aa35ca45
commit 102448040d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 32 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
pkg/services/sqlstore/migrator/migrator.go
View File

@ -51,9 +51,8 @@ func (mg *Migrator) GetMigrationLog() (map[string]MigrationLog, error) {
exists, err := mg.x.IsTableExist(new(MigrationLog))
if err != nil {
return nil, err
return nil, errutil.Wrap("failed to check table existence", err)
}
if !exists {
return logMap, nil
}
@ -73,7 +72,7 @@ func (mg *Migrator) GetMigrationLog() (map[string]MigrationLog, error) {
}
func (mg *Migrator) Start() error {
mg.Logger.Info("Starting DB migration")
mg.Logger.Info("Starting DB migrations")
logMap, err := mg.GetMigrationLog()
if err != nil {
@ -110,9 +109,8 @@ func (mg *Migrator) Start() error {
_, err = sess.Insert(&record)
return err
})
if err != nil {
return err
return errutil.Wrap("migration failed", err)
}
}

29
pkg/services/sqlstore/sqlstore.go
View File

@ -12,6 +12,7 @@ import (
"github.com/go-sql-driver/mysql"
"github.com/grafana/grafana/pkg/bus"
"github.com/grafana/grafana/pkg/infra/fs"
"github.com/grafana/grafana/pkg/infra/localcache"
"github.com/grafana/grafana/pkg/infra/log"
"github.com/grafana/grafana/pkg/models"
@ -265,6 +266,34 @@ func (ss *SqlStore) getEngine() (*xorm.Engine, error) {
}
sqlog.Info("Connecting to DB", "dbtype", ss.dbCfg.Type)
if ss.dbCfg.Type == migrator.SQLITE && strings.HasPrefix(connectionString, "file:") {
exists, err := fs.Exists(ss.dbCfg.Path)
if err != nil {
return nil, errutil.Wrapf(err, "can't check for existence of %q", ss.dbCfg.Path)
}
const perms = 0640
if !exists {
ss.log.Info("Creating SQLite database file", "path", ss.dbCfg.Path)
f, err := os.OpenFile(ss.dbCfg.Path, os.O_CREATE|os.O_RDWR, perms)
if err != nil {
return nil, errutil.Wrapf(err, "failed to create SQLite database file %q", ss.dbCfg.Path)
}
if err := f.Close(); err != nil {
return nil, errutil.Wrapf(err, "failed to create SQLite database file %q", ss.dbCfg.Path)
}
} else {
fi, err := os.Lstat(ss.dbCfg.Path)
if err != nil {
return nil, errutil.Wrapf(err, "failed to stat SQLite database file %q", ss.dbCfg.Path)
}
m := fi.Mode() & os.ModePerm
if m|perms != perms {
ss.log.Warn("SQLite database file has broader permissions than it should",
"path", ss.dbCfg.Path, "mode", m, "expected", os.FileMode(perms))
}
}
}
engine, err := xorm.NewEngine(ss.dbCfg.Type, connectionString)
if err != nil {
return nil, err