I have an elevated process and I want to make sure the SQLite files that it creates are readable by other processes. For some reason umask doesn’t seem to do what I want (set permissions of sqlite file created by process).
I’m using write-ahead logging, so -wal and -shm files are created in addition to the database file. I want all 3 to be chmodded correctly.
I wonder if it’s possible to get in after the SQLite file is created and chmod it.
Possible approaches:
touchall 3 files before SQLite tries to create them, then chmod and hope the mask stays the same- Intercept when the files are created and
chmodthem. - Work out how to get
umaskto work for the process. - Mystery option four.
What’s the best way to go?
Questions for approaches:
- Will SQLite be OK with this?
- Do we know when all 3 files are created? Is there some kind of callback I can give a function pointer to? Do we know if the same
walandshmfiles are around forever? Or are they deleted and re-created?
You can touch the database file before opening it. (When you use the
sqlite3command-line tool to open a new file, but do nothing butbegin;andcommit;, SQLite itself will create a zero-sized file.)If you want to intercept file operations, you can register your own VFS.
The
-waland-shmfiles are created dynamically, but SQLite will give them the same permission bits as the main database file. The comments forrobust_open()inos_unix.csay: