summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPavel Reichl <preichl@redhat.com>2014-10-24 12:42:50 +0100
committerJakub Hrozek <jhrozek@redhat.com>2014-10-29 10:41:06 +0100
commit458f5245dd5130d12666cce6faf8ef1ec7f80169 (patch)
tree78ddfce672beefbf82a53e6e5af4f30425ec4b2f
parentcbcb834028794a4c658a85965516113f8c0760c1 (diff)
downloadsssd-458f5245dd5130d12666cce6faf8ef1ec7f80169.tar.gz
sssd-458f5245dd5130d12666cce6faf8ef1ec7f80169.tar.xz
sssd-458f5245dd5130d12666cce6faf8ef1ec7f80169.zip
RESPONDERS: Set default value for umask
Resolves: https://fedorahosted.org/sssd/ticket/2468 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
-rw-r--r--src/responder/autofs/autofssrv.c2
-rw-r--r--src/responder/common/responder.h4
-rw-r--r--src/responder/ifp/ifpsrv.c2
-rw-r--r--src/responder/nss/nsssrv.c2
-rw-r--r--src/responder/pac/pacsrv.c2
-rw-r--r--src/responder/pam/pamsrv.c2
-rw-r--r--src/responder/ssh/sshsrv.c2
-rw-r--r--src/responder/sudo/sudosrv.c2
8 files changed, 18 insertions, 0 deletions
diff --git a/src/responder/autofs/autofssrv.c b/src/responder/autofs/autofssrv.c
index 44474ee08..91f529135 100644
--- a/src/responder/autofs/autofssrv.c
+++ b/src/responder/autofs/autofssrv.c
@@ -220,6 +220,8 @@ int main(int argc, const char *argv[])
/* Set debug level to invalid value so we can decide if -d 0 was used. */
debug_level = SSSDBG_INVALID;
+ umask(DFL_RSP_UMASK);
+
pc = poptGetContext(argv[0], argc, argv, long_options, 0);
while((opt = poptGetNextOpt(pc)) != -1) {
switch(opt) {
diff --git a/src/responder/common/responder.h b/src/responder/common/responder.h
index cd2b3232c..e3c0f2267 100644
--- a/src/responder/common/responder.h
+++ b/src/responder/common/responder.h
@@ -38,6 +38,10 @@
extern hash_table_t *dp_requests;
+/* we want default permissions on created files to be very strict,
+ * so set our umask to 0177 */
+#define DFL_RSP_UMASK 0177
+
/* if there is a provider other than the special local */
#define NEED_CHECK_PROVIDER(provider) \
(provider != NULL && strcmp(provider, "local") != 0)
diff --git a/src/responder/ifp/ifpsrv.c b/src/responder/ifp/ifpsrv.c
index eddeec981..367438c71 100644
--- a/src/responder/ifp/ifpsrv.c
+++ b/src/responder/ifp/ifpsrv.c
@@ -454,6 +454,8 @@ int main(int argc, const char *argv[])
/* Set debug level to invalid value so we can deside if -d 0 was used. */
debug_level = SSSDBG_INVALID;
+ umask(DFL_RSP_UMASK);
+
pc = poptGetContext(argv[0], argc, argv, long_options, 0);
while((opt = poptGetNextOpt(pc)) != -1) {
switch(opt) {
diff --git a/src/responder/nss/nsssrv.c b/src/responder/nss/nsssrv.c
index cfb146464..1bbeaa153 100644
--- a/src/responder/nss/nsssrv.c
+++ b/src/responder/nss/nsssrv.c
@@ -550,6 +550,8 @@ int main(int argc, const char *argv[])
/* Set debug level to invalid value so we can deside if -d 0 was used. */
debug_level = SSSDBG_INVALID;
+ umask(DFL_RSP_UMASK);
+
pc = poptGetContext(argv[0], argc, argv, long_options, 0);
while((opt = poptGetNextOpt(pc)) != -1) {
switch(opt) {
diff --git a/src/responder/pac/pacsrv.c b/src/responder/pac/pacsrv.c
index 3eb21c8ff..859ae86a5 100644
--- a/src/responder/pac/pacsrv.c
+++ b/src/responder/pac/pacsrv.c
@@ -229,6 +229,8 @@ int main(int argc, const char *argv[])
/* Set debug level to invalid value so we can decide if -d 0 was used. */
debug_level = SSSDBG_INVALID;
+ umask(DFL_RSP_UMASK);
+
pc = poptGetContext(argv[0], argc, argv, long_options, 0);
while((opt = poptGetNextOpt(pc)) != -1) {
switch(opt) {
diff --git a/src/responder/pam/pamsrv.c b/src/responder/pam/pamsrv.c
index c7e3c20b2..886136b42 100644
--- a/src/responder/pam/pamsrv.c
+++ b/src/responder/pam/pamsrv.c
@@ -332,6 +332,8 @@ int main(int argc, const char *argv[])
/* Set debug level to invalid value so we can deside if -d 0 was used. */
debug_level = SSSDBG_INVALID;
+ umask(DFL_RSP_UMASK);
+
pc = poptGetContext(argv[0], argc, argv, long_options, 0);
while((opt = poptGetNextOpt(pc)) != -1) {
switch(opt) {
diff --git a/src/responder/ssh/sshsrv.c b/src/responder/ssh/sshsrv.c
index b1969b49d..1bcf4e21a 100644
--- a/src/responder/ssh/sshsrv.c
+++ b/src/responder/ssh/sshsrv.c
@@ -197,6 +197,8 @@ int main(int argc, const char *argv[])
/* Set debug level to invalid value so we can deside if -d 0 was used. */
debug_level = SSSDBG_INVALID;
+ umask(DFL_RSP_UMASK);
+
pc = poptGetContext(argv[0], argc, argv, long_options, 0);
while((opt = poptGetNextOpt(pc)) != -1) {
switch(opt) {
diff --git a/src/responder/sudo/sudosrv.c b/src/responder/sudo/sudosrv.c
index a25f98eca..e480c7a43 100644
--- a/src/responder/sudo/sudosrv.c
+++ b/src/responder/sudo/sudosrv.c
@@ -177,6 +177,8 @@ int main(int argc, const char *argv[])
/* Set debug level to invalid value so we can deside if -d 0 was used. */
debug_level = SSSDBG_INVALID;
+ umask(DFL_RSP_UMASK);
+
pc = poptGetContext(argv[0], argc, argv, long_options, 0);
while((opt = poptGetNextOpt(pc)) != -1) {
switch(opt) {