From 2f4ca06b50acac0d62d319e7ece4cf9893cb8367 Mon Sep 17 00:00:00 2001
From: Sasha Romijn <github@mxsasha.eu>
Date: Thu, 25 Apr 2024 14:03:50 +0200
Subject: [PATCH] Fix #937 - Fix incorrect log access check in setuid startup

Introduced in #666
---
 irrd/daemon/main.py | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/irrd/daemon/main.py b/irrd/daemon/main.py
index b2e9ebe..1871659 100755
--- a/irrd/daemon/main.py
+++ b/irrd/daemon/main.py
@@ -95,11 +95,13 @@ def main():
     if uid and gid:
         os.setegid(gid)
         os.seteuid(uid)
-        if staged_logfile_path and not os.access(staged_logfile_path, os.W_OK, effective_ids=True):
-            logging.critical(
-                f"Unable to start: logfile {staged_logfile_path} not writable by UID {uid} / GID {gid}"
-            )
-            return
+        if staged_logfile_path:
+            staged_logfile_dir = Path(staged_logfile_path).parent
+            if not os.access(staged_logfile_dir, os.W_OK, effective_ids=True):
+                logging.critical(
+                    f"Unable to start: logfile {staged_logfile_path} not writable by UID {uid} / GID {gid}"
+                )
+                return
 
     with daemon.DaemonContext(**daemon_kwargs):
         config_init(args.config_file_path)