summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPetr Cech <pcech@redhat.com>2015-10-05 09:38:10 -0400
committerJakub Hrozek <jhrozek@redhat.com>2015-10-14 13:27:02 +0200
commitc299f997e20011536e365bc18e59e73f68629d2c (patch)
treef71f9668d0b2491239d816cdcf96161d09d65814
parentfb8985a3a3a267940760967beaf8af3979ce91ea (diff)
downloadsssd-c299f997e20011536e365bc18e59e73f68629d2c.tar.gz
sssd-c299f997e20011536e365bc18e59e73f68629d2c.tar.xz
sssd-c299f997e20011536e365bc18e59e73f68629d2c.zip
REFACTOR: umask(0177) --> umask(SSS_DFL_UMASK)
There are many calls of umask function with 0177 argument. This patch add new constant SSS_DFL_UMASK which stands for 0177. So all occurences of umask(0177) (except responder code) are replaced by constant SSS_DFL_UMASK. Resolves: https://fedorahosted.org/sssd/ticket/2424 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
-rw-r--r--src/confdb/confdb.c2
-rw-r--r--src/util/debug.c2
-rw-r--r--src/util/server.c5
-rw-r--r--src/util/util.h3
4 files changed, 7 insertions, 5 deletions
diff --git a/src/confdb/confdb.c b/src/confdb/confdb.c
index d811f7cbf..0f76a3d14 100644
--- a/src/confdb/confdb.c
+++ b/src/confdb/confdb.c
@@ -659,7 +659,7 @@ int confdb_init(TALLOC_CTX *mem_ctx,
return EIO;
}
- old_umask = umask(0177);
+ old_umask = umask(SSS_DFL_UMASK);
ret = ldb_connect(cdb->ldb, confdb_location, 0, NULL);
umask(old_umask);
diff --git a/src/util/debug.c b/src/util/debug.c
index 69df54386..bd13fdecd 100644
--- a/src/util/debug.c
+++ b/src/util/debug.c
@@ -362,7 +362,7 @@ int open_debug_file_ex(const char *filename, FILE **filep, bool want_cloexec)
if (debug_file && !filep) fclose(debug_file);
- old_umask = umask(0177);
+ old_umask = umask(SSS_DFL_UMASK);
errno = 0;
f = fopen(logpath, "a");
if (f == NULL) {
diff --git a/src/util/server.c b/src/util/server.c
index 7e9b76f74..036dace04 100644
--- a/src/util/server.c
+++ b/src/util/server.c
@@ -490,9 +490,8 @@ int server_setup(const char *name, int flags,
setup_signals();
- /* we want default permissions on created files to be very strict,
- so set our umask to 0177 */
- umask(0177);
+ /* we want default permissions on created files to be very strict */
+ umask(SSS_DFL_UMASK);
if (flags & FLAGS_DAEMON) {
DEBUG(SSSDBG_IMPORTANT_INFO, "Becoming a daemon.\n");
diff --git a/src/util/util.h b/src/util/util.h
index f9fe1ca71..9658d79fe 100644
--- a/src/util/util.h
+++ b/src/util/util.h
@@ -64,6 +64,9 @@
#define SSS_ATTRIBUTE_PRINTF(a1, a2)
#endif
+/** Default secure umask */
+#define SSS_DFL_UMASK 0177
+
extern const char *debug_prg_name;
extern int debug_level;
extern int debug_timestamps;