summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPetr Cech <pcech@redhat.com>2015-10-05 10:12:36 -0400
committerJakub Hrozek <jhrozek@redhat.com>2015-10-14 13:27:13 +0200
commitf8e337540d280f944098cd4dd7d670e2f7166b54 (patch)
tree1f1745c2a6859e968f2431a25c0f9d1f2f915764
parentd9c2a21119a6d04203060ad54fa8d20f17f5c0b7 (diff)
downloadsssd-f8e337540d280f944098cd4dd7d670e2f7166b54.tar.gz
sssd-f8e337540d280f944098cd4dd7d670e2f7166b54.tar.xz
sssd-f8e337540d280f944098cd4dd7d670e2f7166b54.zip
REFACTOR: umask(077) --> umask(SSS_DFL_X_UMASK)
There are many calls of umask function with 077 argument. This patch add new constant SSS_DFL_X_UMASK which stands fot 077. So all occurences of umask(077) are replaced by constant SSS_DFL_X_UMASK. Resolves: https://fedorahosted.org/sssd/ticket/2424 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
-rw-r--r--src/p11_child/p11_child_nss.c2
-rw-r--r--src/providers/krb5/krb5_child.c2
-rw-r--r--src/tests/check_and_open-tests.c2
-rw-r--r--src/tests/debug-tests.c4
-rw-r--r--src/tests/util-tests.c2
-rw-r--r--src/util/domain_info_utils.c4
-rw-r--r--src/util/util.h3
7 files changed, 11 insertions, 8 deletions
diff --git a/src/p11_child/p11_child_nss.c b/src/p11_child/p11_child_nss.c
index 44ba66788..123b99348 100644
--- a/src/p11_child/p11_child_nss.c
+++ b/src/p11_child/p11_child_nss.c
@@ -482,7 +482,7 @@ int main(int argc, const char *argv[])
debug_level = SSSDBG_INVALID;
clearenv();
- umask(077);
+ umask(SSS_DFL_X_UMASK);
pc = poptGetContext(argv[0], argc, argv, long_options, 0);
while ((opt = poptGetNextOpt(pc)) != -1) {
diff --git a/src/providers/krb5/krb5_child.c b/src/providers/krb5/krb5_child.c
index 1edf10ab8..69b768718 100644
--- a/src/providers/krb5/krb5_child.c
+++ b/src/providers/krb5/krb5_child.c
@@ -720,7 +720,7 @@ static krb5_error_code create_ccache(char *ccname, krb5_creds *creds)
#endif
/* Set a restrictive umask, just in case we end up creating any file */
- umask(077);
+ umask(SSS_DFL_X_UMASK);
/* we create a new context here as the main process one may have been
* opened as root and contain possibly references (even open handles ?)
diff --git a/src/tests/check_and_open-tests.c b/src/tests/check_and_open-tests.c
index e5981c858..25aee1fbf 100644
--- a/src/tests/check_and_open-tests.c
+++ b/src/tests/check_and_open-tests.c
@@ -48,7 +48,7 @@ void setup_check_and_open(void)
filename = strdup(FILENAME_TEMPLATE);
fail_unless(filename != NULL, "strdup failed");
- old_umask = umask(077);
+ old_umask = umask(SSS_DFL_X_UMASK);
ret = mkstemp(filename);
umask(old_umask);
fail_unless(ret != -1, "mkstemp failed [%d][%s]", errno, strerror(errno));
diff --git a/src/tests/debug-tests.c b/src/tests/debug-tests.c
index 067209b1d..8d9274014 100644
--- a/src/tests/debug-tests.c
+++ b/src/tests/debug-tests.c
@@ -133,7 +133,7 @@ int test_helper_debug_check_message(int level)
strncpy(filename, "sssd_debug_tests.XXXXXX", 24);
- old_umask = umask(077);
+ old_umask = umask(SSS_DFL_X_UMASK);
fd = mkstemp(filename);
umask(old_umask);
if (fd == -1) {
@@ -273,7 +273,7 @@ int test_helper_debug_is_empty_message(int level)
strncpy(filename, "sssd_debug_tests.XXXXXX", 24);
- old_umask = umask(077);
+ old_umask = umask(SSS_DFL_X_UMASK);
fd = mkstemp(filename);
umask(old_umask);
if (fd == -1) {
diff --git a/src/tests/util-tests.c b/src/tests/util-tests.c
index bfdf07802..88c6727d4 100644
--- a/src/tests/util-tests.c
+++ b/src/tests/util-tests.c
@@ -593,7 +593,7 @@ void setup_atomicio(void)
fail_unless(filename != NULL, "strdup failed");
atio_fd = -1;
- old_umask = umask(077);
+ old_umask = umask(SSS_DFL_X_UMASK);
ret = mkstemp(filename);
umask(old_umask);
fail_unless(ret != -1, "mkstemp failed [%d][%s]", errno, strerror(errno));
diff --git a/src/util/domain_info_utils.c b/src/util/domain_info_utils.c
index ffbb9475b..04e7d08d5 100644
--- a/src/util/domain_info_utils.c
+++ b/src/util/domain_info_utils.c
@@ -312,7 +312,7 @@ sss_write_domain_mappings(struct sss_domain_info *domain)
goto done;
}
- old_mode = umask(077);
+ old_mode = umask(SSS_DFL_X_UMASK);
fd = mkstemp(tmp_file);
umask(old_mode);
if (fd < 0) {
@@ -562,7 +562,7 @@ static errno_t sss_write_krb5_localauth_snippet(const char *path)
goto done;
}
- old_mode = umask(077);
+ old_mode = umask(SSS_DFL_X_UMASK);
fd = mkstemp(tmp_file);
umask(old_mode);
if (fd < 0) {
diff --git a/src/util/util.h b/src/util/util.h
index 9658d79fe..063a97a63 100644
--- a/src/util/util.h
+++ b/src/util/util.h
@@ -67,6 +67,9 @@
/** Default secure umask */
#define SSS_DFL_UMASK 0177
+/** Secure mask with executable bit */
+#define SSS_DFL_X_UMASK 0077
+
extern const char *debug_prg_name;
extern int debug_level;
extern int debug_timestamps;