in src/common/logger.rs [170:220]
fn open_log_file(file_path: &Path) -> NitroCliResult<File> {
let file = OpenOptions::new()
.create(true)
.append(true)
.read(false)
.open(file_path)
.map_err(|e| {
new_nitro_cli_failure!(
&format!("Failed to open log file: {:?}", e),
NitroCliErrorEnum::FileOperationFailure
)
.add_info(vec![
file_path
.to_str()
.unwrap_or("Invalid unicode log file name"),
"Open",
])
})?;
let log_file_uid = Uid::from_raw(
file.metadata()
.map_err(|e| {
new_nitro_cli_failure!(
&format!("Failed to get log file metadata: {:?}", e),
NitroCliErrorEnum::FileOperationFailure
)
.add_info(vec![
file_path
.to_str()
.unwrap_or("Invalid unicode log file name"),
"Get metadata",
])
})?
.uid(),
);
// The log file should be write-accessible to any user, since
// any user may launch a CLI instance. Only the file's owner
// may change its permissions.
if log_file_uid == Uid::current() {
let perms = Permissions::from_mode(0o766);
file.set_permissions(perms).map_err(|e| {
new_nitro_cli_failure!(
&format!("Failed to change log file permissions: {:?}", e),
NitroCliErrorEnum::FilePermissionsError
)
})?;
}
Ok(file)
}