diff options
author | Petr Cech <pcech@redhat.com> | 2015-10-05 10:12:36 -0400 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2015-10-14 13:27:13 +0200 |
commit | f8e337540d280f944098cd4dd7d670e2f7166b54 (patch) | |
tree | 1f1745c2a6859e968f2431a25c0f9d1f2f915764 /src | |
parent | d9c2a21119a6d04203060ad54fa8d20f17f5c0b7 (diff) | |
download | sssd-f8e337540d280f944098cd4dd7d670e2f7166b54.tar.gz sssd-f8e337540d280f944098cd4dd7d670e2f7166b54.tar.xz sssd-f8e337540d280f944098cd4dd7d670e2f7166b54.zip |
REFACTOR: umask(077) --> umask(SSS_DFL_X_UMASK)
There are many calls of umask function with 077 argument. This patch
add new constant SSS_DFL_X_UMASK which stands fot 077. So all
occurences of umask(077) are replaced by constant SSS_DFL_X_UMASK.
Resolves:
https://fedorahosted.org/sssd/ticket/2424
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Diffstat (limited to 'src')
-rw-r--r-- | src/p11_child/p11_child_nss.c | 2 | ||||
-rw-r--r-- | src/providers/krb5/krb5_child.c | 2 | ||||
-rw-r--r-- | src/tests/check_and_open-tests.c | 2 | ||||
-rw-r--r-- | src/tests/debug-tests.c | 4 | ||||
-rw-r--r-- | src/tests/util-tests.c | 2 | ||||
-rw-r--r-- | src/util/domain_info_utils.c | 4 | ||||
-rw-r--r-- | src/util/util.h | 3 |
7 files changed, 11 insertions, 8 deletions
diff --git a/src/p11_child/p11_child_nss.c b/src/p11_child/p11_child_nss.c index 44ba66788..123b99348 100644 --- a/src/p11_child/p11_child_nss.c +++ b/src/p11_child/p11_child_nss.c @@ -482,7 +482,7 @@ int main(int argc, const char *argv[]) debug_level = SSSDBG_INVALID; clearenv(); - umask(077); + umask(SSS_DFL_X_UMASK); pc = poptGetContext(argv[0], argc, argv, long_options, 0); while ((opt = poptGetNextOpt(pc)) != -1) { diff --git a/src/providers/krb5/krb5_child.c b/src/providers/krb5/krb5_child.c index 1edf10ab8..69b768718 100644 --- a/src/providers/krb5/krb5_child.c +++ b/src/providers/krb5/krb5_child.c @@ -720,7 +720,7 @@ static krb5_error_code create_ccache(char *ccname, krb5_creds *creds) #endif /* Set a restrictive umask, just in case we end up creating any file */ - umask(077); + umask(SSS_DFL_X_UMASK); /* we create a new context here as the main process one may have been * opened as root and contain possibly references (even open handles ?) diff --git a/src/tests/check_and_open-tests.c b/src/tests/check_and_open-tests.c index e5981c858..25aee1fbf 100644 --- a/src/tests/check_and_open-tests.c +++ b/src/tests/check_and_open-tests.c @@ -48,7 +48,7 @@ void setup_check_and_open(void) filename = strdup(FILENAME_TEMPLATE); fail_unless(filename != NULL, "strdup failed"); - old_umask = umask(077); + old_umask = umask(SSS_DFL_X_UMASK); ret = mkstemp(filename); umask(old_umask); fail_unless(ret != -1, "mkstemp failed [%d][%s]", errno, strerror(errno)); diff --git a/src/tests/debug-tests.c b/src/tests/debug-tests.c index 067209b1d..8d9274014 100644 --- a/src/tests/debug-tests.c +++ b/src/tests/debug-tests.c @@ -133,7 +133,7 @@ int test_helper_debug_check_message(int level) strncpy(filename, "sssd_debug_tests.XXXXXX", 24); - old_umask = umask(077); + old_umask = umask(SSS_DFL_X_UMASK); fd = mkstemp(filename); umask(old_umask); if (fd == -1) { @@ -273,7 +273,7 @@ int test_helper_debug_is_empty_message(int level) strncpy(filename, "sssd_debug_tests.XXXXXX", 24); - old_umask = umask(077); + old_umask = umask(SSS_DFL_X_UMASK); fd = mkstemp(filename); umask(old_umask); if (fd == -1) { diff --git a/src/tests/util-tests.c b/src/tests/util-tests.c index bfdf07802..88c6727d4 100644 --- a/src/tests/util-tests.c +++ b/src/tests/util-tests.c @@ -593,7 +593,7 @@ void setup_atomicio(void) fail_unless(filename != NULL, "strdup failed"); atio_fd = -1; - old_umask = umask(077); + old_umask = umask(SSS_DFL_X_UMASK); ret = mkstemp(filename); umask(old_umask); fail_unless(ret != -1, "mkstemp failed [%d][%s]", errno, strerror(errno)); diff --git a/src/util/domain_info_utils.c b/src/util/domain_info_utils.c index ffbb9475b..04e7d08d5 100644 --- a/src/util/domain_info_utils.c +++ b/src/util/domain_info_utils.c @@ -312,7 +312,7 @@ sss_write_domain_mappings(struct sss_domain_info *domain) goto done; } - old_mode = umask(077); + old_mode = umask(SSS_DFL_X_UMASK); fd = mkstemp(tmp_file); umask(old_mode); if (fd < 0) { @@ -562,7 +562,7 @@ static errno_t sss_write_krb5_localauth_snippet(const char *path) goto done; } - old_mode = umask(077); + old_mode = umask(SSS_DFL_X_UMASK); fd = mkstemp(tmp_file); umask(old_mode); if (fd < 0) { diff --git a/src/util/util.h b/src/util/util.h index 9658d79fe..063a97a63 100644 --- a/src/util/util.h +++ b/src/util/util.h @@ -67,6 +67,9 @@ /** Default secure umask */ #define SSS_DFL_UMASK 0177 +/** Secure mask with executable bit */ +#define SSS_DFL_X_UMASK 0077 + extern const char *debug_prg_name; extern int debug_level; extern int debug_timestamps; |