From cbcb834028794a4c658a85965516113f8c0760c1 Mon Sep 17 00:00:00 2001
From: Pavel Reichl <preichl@redhat.com>
Date: Fri, 24 Oct 2014 10:06:55 +0100
Subject: RESPONDERS: Don't hard-code umask value in utility function

Resolves:
https://fedorahosted.org/sssd/ticket/2468

Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
---
 src/responder/common/responder_common.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/responder/common/responder_common.c b/src/responder/common/responder_common.c
index 9a13c95d6..6646fa258 100644
--- a/src/responder/common/responder_common.c
+++ b/src/responder/common/responder_common.c
@@ -587,6 +587,7 @@ static int sss_dp_init(struct resp_ctx *rctx,
 int create_pipe_fd(const char *sock_name, int *_fd, mode_t umaskval)
 {
     struct sockaddr_un addr;
+    mode_t orig_umaskval;
     errno_t ret;
     int fd;
 
@@ -595,7 +596,7 @@ int create_pipe_fd(const char *sock_name, int *_fd, mode_t umaskval)
         return EIO;
     }
 
-    umask(umaskval);
+    orig_umaskval = umask(umaskval);
 
     ret = set_nonblocking(fd);
     if (ret != EOK) {
@@ -636,9 +637,8 @@ int create_pipe_fd(const char *sock_name, int *_fd, mode_t umaskval)
     ret = EOK;
 
 done:
-    /* we want default permissions on created files to be very strict,
-       so set our umask to 0177 */
-    umask(0177);
+    /* restore previous umask value */
+    umask(orig_umaskval);
     if (ret == EOK) {
         *_fd = fd;
     } else {
-- 
cgit