From c299f997e20011536e365bc18e59e73f68629d2c Mon Sep 17 00:00:00 2001 From: Petr Cech Date: Mon, 5 Oct 2015 09:38:10 -0400 Subject: REFACTOR: umask(0177) --> umask(SSS_DFL_UMASK) There are many calls of umask function with 0177 argument. This patch add new constant SSS_DFL_UMASK which stands for 0177. So all occurences of umask(0177) (except responder code) are replaced by constant SSS_DFL_UMASK. Resolves: https://fedorahosted.org/sssd/ticket/2424 Reviewed-by: Jakub Hrozek
---
src/confdb/confdb.c | 2 +- src/util/debug.c | 2 +- src/util/server.c | 5 ++--- src/util/util.h | 3 +++ 4 files changed, 7 insertions(+), 5 deletions(-)
diff --git a/src/confdb/confdb.c b/src/confdb/confdb.c
index d811f7cbf..0f76a3d14 100644
--- a/src/confdb/confdb.c
+++ b/src/confdb/confdb.c
@@ -659,7 +659,7 @@ int confdb_init(TALLOC_CTX *mem_ctx,
 return EIO;
 }
- old_umask = umask(0177);
+ old_umask = umask(SSS_DFL_UMASK);
 ret = ldb_connect(cdb->ldb, confdb_location, 0, NULL);
 umask(old_umask);
diff --git a/src/util/debug.c b/src/util/debug.c
index 69df54386..bd13fdecd 100644
--- a/src/util/debug.c
+++ b/src/util/debug.c
@@ -362,7 +362,7 @@ int open_debug_file_ex(const char *filename, FILE **filep, bool want_cloexec)
 if (debug_file && !filep) fclose(debug_file);
- old_umask = umask(0177);
+ old_umask = umask(SSS_DFL_UMASK);
 errno = 0;
 f = fopen(logpath, "a");
 if (f == NULL) {
diff --git a/src/util/server.c b/src/util/server.c
index 7e9b76f74..036dace04 100644
--- a/src/util/server.c
+++ b/src/util/server.c
@@ -490,9 +490,8 @@ int server_setup(const char *name, int flags,
 setup_signals();
- /* we want default permissions on created files to be very strict,
- so set our umask to 0177 */
- umask(0177);
+ /* we want default permissions on created files to be very strict */
+ umask(SSS_DFL_UMASK);
 if (flags & FLAGS_DAEMON) {
 DEBUG(SSSDBG_IMPORTANT_INFO, "Becoming a daemon.\n");
diff --git a/src/util/util.h b/src/util/util.h
index f9fe1ca71..9658d79fe 100644
--- a/src/util/util.h
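Review bot: The tightened mask around `ldb_connect(cdb->ldb, confdb_location, 0, NULL)` in confdb.c can only shape the mode of a file created during that call; a file that already exists at `confdb_location` with wider permissions keeps them. Whether the file is checked or removed beforehand is not visible, because `confdb_init` starts and ends outside the hunk. A short comment would make the limit explicit, e.g. `/* umask only affects a newly created confdb; an existing file keeps its mode */`. The same caveat applies to `fopen(logpath, "a")` in the src/util/debug.c hunk.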
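Review bot: The `if (f == NULL) {` branch after `fopen(logpath, "a")` in debug.c is cut off by the hunk, so it is not visible whether the saved `old_umask` is restored on the failure path. If that branch returns without it, the process keeps the restrictive mask after a failed log open, which is process-wide state the caller did not ask to change. Consider adding `umask(old_umask);` inside the branch before it returns, or confirm that this already happens. `open_debug_file_ex` starts and ends outside the hunk.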
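Review bot: The rewritten comment above `umask(SSS_DFL_UMASK);` in server.c no longer says what the mask does, and since the return value is discarded the mask stays in force for the rest of the process. With the value defined in util.h (0177) the owner execute bit is masked as well, so a directory created later without an explicit mode fix-up would lack search permission; whether server code creates directories after this point is not visible here. I would keep the effect in the comment, e.g. `/* very strict defaults for the whole process: new files are at most 0600, no execute/search bit */`. `server_setup` continues outside the hunk.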
+++ b/src/util/util.h
@@ -64,6 +64,9 @@
 #define SSS_ATTRIBUTE_PRINTF(a1, a2)
 #endif
+/** Default secure umask */
+#define SSS_DFL_UMASK 0177
+
 extern const char *debug_prg_name;
 extern int debug_level;
 extern int debug_timestamps;
-- cgit
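Review bot: The doc comment on `SSS_DFL_UMASK` calls the mask "secure" without saying what it permits, which is what a reader needs when deciding whether this constant fits a new call site. I would spell out the result, e.g. `/** Default secure umask: new files get at most mode 0600 (owner read/write only) */`. The commit message says responder code deliberately keeps its own mask; if that is a lasting rule, one more comment line saying so would stop a later cleanup from converting those calls by mistake.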