diff options
| author | Petr Cech <pcech@redhat.com> | 2015-10-05 09:38:10 -0400 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2015-10-14 13:27:02 +0200 |
| commit | c299f997e20011536e365bc18e59e73f68629d2c (patch) | |
| tree | f71f9668d0b2491239d816cdcf96161d09d65814 | |
| parent | fb8985a3a3a267940760967beaf8af3979ce91ea (diff) | |
| download | sssd-c299f997e20011536e365bc18e59e73f68629d2c.tar.gz sssd-c299f997e20011536e365bc18e59e73f68629d2c.tar.xz sssd-c299f997e20011536e365bc18e59e73f68629d2c.zip | |
REFACTOR: umask(0177) --> umask(SSS_DFL_UMASK)
There are many calls of umask function with 0177 argument. This patch
add new constant SSS_DFL_UMASK which stands for 0177. So all occurences
of umask(0177) (except responder code) are replaced by constant
SSS_DFL_UMASK.
Resolves:
https://fedorahosted.org/sssd/ticket/2424
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
| -rw-r--r-- | src/confdb/confdb.c | 2 | ||||
| -rw-r--r-- | src/util/debug.c | 2 | ||||
| -rw-r--r-- | src/util/server.c | 5 | ||||
| -rw-r--r-- | src/util/util.h | 3 |
4 files changed, 7 insertions, 5 deletions
diff --git a/src/confdb/confdb.c b/src/confdb/confdb.c index d811f7cbf..0f76a3d14 100644 --- a/src/confdb/confdb.c +++ b/src/confdb/confdb.c @@ -659,7 +659,7 @@ int confdb_init(TALLOC_CTX *mem_ctx, return EIO; } - old_umask = umask(0177); + old_umask = umask(SSS_DFL_UMASK); ret = ldb_connect(cdb->ldb, confdb_location, 0, NULL); umask(old_umask); diff --git a/src/util/debug.c b/src/util/debug.c index 69df54386..bd13fdecd 100644 --- a/src/util/debug.c +++ b/src/util/debug.c @@ -362,7 +362,7 @@ int open_debug_file_ex(const char *filename, FILE **filep, bool want_cloexec) if (debug_file && !filep) fclose(debug_file); - old_umask = umask(0177); + old_umask = umask(SSS_DFL_UMASK); errno = 0; f = fopen(logpath, "a"); if (f == NULL) { diff --git a/src/util/server.c b/src/util/server.c index 7e9b76f74..036dace04 100644 --- a/src/util/server.c +++ b/src/util/server.c @@ -490,9 +490,8 @@ int server_setup(const char *name, int flags, setup_signals(); - /* we want default permissions on created files to be very strict, - so set our umask to 0177 */ - umask(0177); + /* we want default permissions on created files to be very strict */ + umask(SSS_DFL_UMASK); if (flags & FLAGS_DAEMON) { DEBUG(SSSDBG_IMPORTANT_INFO, "Becoming a daemon.\n"); diff --git a/src/util/util.h b/src/util/util.h index f9fe1ca71..9658d79fe 100644 --- a/src/util/util.h +++ b/src/util/util.h @@ -64,6 +64,9 @@ #define SSS_ATTRIBUTE_PRINTF(a1, a2) #endif +/** Default secure umask */ +#define SSS_DFL_UMASK 0177 + extern const char *debug_prg_name; extern int debug_level; extern int debug_timestamps; |