picnoir
/
Systemd
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

umask: change default umask to 0022 just to be sure, and set it explicitly in all binaries, in order to make sure it is set when started from the terminal

This commit is contained in:
Lennart Poettering 2011-08-01 20:52:18 +02:00
parent 07f8a4aa49
commit 4c12626c8e
30 changed files with 59 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/binfmt.c
View File

@ -127,6 +127,8 @@ int main(int argc, char *argv[]) {
log_parse_environment();
log_open();
umask(0022);
if (argc > 1) {
r = apply_file(argv[1], false);
} else {

2
src/cryptsetup-generator.c
View File

@ -246,6 +246,8 @@ int main(int argc, char *argv[]) {
log_parse_environment();
log_open();
umask(0022);
if (!(f = fopen("/etc/crypttab", "re"))) {
if (errno == ENOENT)

2
src/cryptsetup.c
View File

@ -241,6 +241,8 @@ int main(int argc, char *argv[]) {
log_parse_environment();
log_open();
umask(0022);
if (streq(argv[1], "attach")) {
uint32_t flags = 0;
int k;

2
src/execute.c
View File

@ -1402,7 +1402,7 @@ fail_parent:
void exec_context_init(ExecContext *c) {
assert(c);
c->umask = 0002;
c->umask = 0022;
c->ioprio = IOPRIO_PRIO_VALUE(IOPRIO_CLASS_BE, 0);
c->cpu_sched_policy = SCHED_OTHER;
c->syslog_priority = LOG_DAEMON|LOG_INFO;

2
src/fsck.c
View File

@ -163,6 +163,8 @@ int main(int argc, char *argv[]) {
log_parse_environment();
log_open();
umask(0022);
parse_proc_cmdline();
test_files();

2
src/getty-generator.c
View File

@ -73,6 +73,8 @@ int main(int argc, char *argv[]) {
log_parse_environment();
log_open();
umask(0022);
if (detect_container(NULL) > 0) {
log_debug("Automatic adding console shell.");

4
src/hostnamed.c
View File

@ -559,6 +559,8 @@ int main(int argc, char *argv[]) {
log_parse_environment();
log_open();
umask(0022);
if (argc == 2 && streq(argv[1], "--introspect")) {
fputs(DBUS_INTROSPECT_1_0_XML_DOCTYPE_DECL_NODE
"<node>\n", stdout);
@ -576,8 +578,6 @@ int main(int argc, char *argv[]) {
if (!check_nss())
log_warning("Warning: nss-myhostname is not installed. Changing the local hostname might make it unresolveable. Please install nss-myhostname!");
umask(0022);
r = read_data();
if (r < 0) {
log_error("Failed to read hostname data: %s", strerror(-r));

2
src/initctl.c
View File

@ -364,6 +364,8 @@ int main(int argc, char *argv[]) {
log_parse_environment();
log_open();
umask(0022);
if ((n = sd_listen_fds(true)) < 0) {
log_error("Failed to read listening file descriptors from environment: %s", strerror(-r));
return EXIT_FAILURE;

2
src/kmsg-syslogd.c
View File

@ -455,6 +455,8 @@ int main(int argc, char *argv[]) {
log_parse_environment();
log_open();
umask(0022);
if ((n = sd_listen_fds(true)) < 0) {
log_error("Failed to read listening file descriptors from environment: %s", strerror(-r));
return EXIT_FAILURE;

4
src/localed.c
View File

@ -575,6 +575,8 @@ int main(int argc, char *argv[]) {
log_parse_environment();
log_open();
umask(0022);
if (argc == 2 && streq(argv[1], "--introspect")) {
fputs(DBUS_INTROSPECT_1_0_XML_DOCTYPE_DECL_NODE
"<node>\n", stdout);
@ -589,8 +591,6 @@ int main(int argc, char *argv[]) {
goto finish;
}
umask(0022);
r = read_data();
if (r < 0) {
log_error("Failed to read locale data: %s", strerror(-r));

2
src/logger.c
View File

@ -637,6 +637,8 @@ int main(int argc, char *argv[]) {
log_parse_environment();
log_open();
umask(0022);
if ((n = sd_listen_fds(true)) < 0) {
log_error("Failed to read listening file descriptors from environment: %s", strerror(-r));
return EXIT_FAILURE;

4
src/logind.c
View File

@ -1193,14 +1193,14 @@ int main(int argc, char *argv[]) {
log_parse_environment();
log_open();
umask(0022);
if (argc != 1) {
log_error("This program takes no arguments.");
r = -EINVAL;
goto finish;
}
umask(0022);
m = manager_new();
if (!m) {
log_error("Out of memory");

3
src/machine-id-setup.c
View File

@ -167,7 +167,10 @@ int machine_id_setup(void) {
mkdir_p("/run/systemd", 0755);
m = umask(0022);
r = write_one_line_file("/run/systemd/machine-id", id);
umask(m);
if (r < 0) {
log_error("Cannot write /run/systemd/machine-id: %s", strerror(-r));

2
src/modules-load.c
View File

@ -46,6 +46,8 @@ int main(int argc, char *argv[]) {
log_parse_environment();
log_open();
umask(0022);
if (!(arguments = strv_new("/sbin/modprobe", "-sab", "--", NULL))) {
log_error("Failed to allocate string array");
goto finish;

3
src/nspawn.c
View File

@ -314,7 +314,6 @@ static int copy_devnodes(const char *dest, const char *console) {
}
finish:
umask(u);
return r;
@ -776,7 +775,7 @@ int main(int argc, char *argv[]) {
goto child_fail;
}
umask(0002);
umask(0022);
if (drop_capabilities() < 0)
goto child_fail;

2
src/quotacheck.c
View File

@ -90,6 +90,8 @@ int main(int argc, char *argv[]) {
log_parse_environment();
log_open();
umask(0022);
parse_proc_cmdline();
test_files();

2
src/random-seed.c
View File

@ -47,6 +47,8 @@ int main(int argc, char *argv[]) {
log_parse_environment();
log_open();
umask(0022);
/* Read pool size, if possible */
if ((f = fopen("/proc/sys/kernel/random/poolsize", "re"))) {
fscanf(f, "%zu", &buf_size);

2
src/readahead-collect.c
View File

@ -656,6 +656,8 @@ int main(int argc, char *argv[]) {
log_parse_environment();
log_open();
umask(0022);
if ((r = parse_argv(argc, argv)) <= 0)
return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;

2
src/readahead-replay.c
View File

@ -340,6 +340,8 @@ int main(int argc, char*argv[]) {
log_parse_environment();
log_open();
umask(0022);
if ((r = parse_argv(argc, argv)) <= 0)
return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;

2
src/remount-api-vfs.c
View File

@ -52,6 +52,8 @@ int main(int argc, char *argv[]) {
log_parse_environment();
log_open();
umask(0022);
if (!(f = setmntent("/etc/fstab", "r"))) {
log_error("Failed to open /etc/fstab: %m");
goto finish;

2
src/shutdown.c
View File

@ -295,6 +295,8 @@ int main(int argc, char *argv[]) {
log_set_target(LOG_TARGET_CONSOLE); /* syslog will die if not gone yet */
log_open();
umask(0022);
if (getpid() != 1) {
log_error("Not executed by init (pid 1).");
r = -EPERM;

2
src/shutdownd.c
View File

@ -193,6 +193,8 @@ int main(int argc, char *argv[]) {
log_parse_environment();
log_open();
umask(0022);
if ((n_fds = sd_listen_fds(true)) < 0) {
log_error("Failed to read listening file descriptors from environment: %s", strerror(-r));
return EXIT_FAILURE;

2
src/sysctl.c
View File

@ -228,6 +228,8 @@ int main(int argc, char *argv[]) {
log_parse_environment();
log_open();
umask(0022);
if (argc > optind)
r = apply_file(argv[optind], false);
else {

4
src/timedated.c
View File

@ -578,6 +578,8 @@ int main(int argc, char *argv[]) {
log_parse_environment();
log_open();
umask(0022);
if (argc == 2 && streq(argv[1], "--introspect")) {
fputs(DBUS_INTROSPECT_1_0_XML_DOCTYPE_DECL_NODE
"<node>\n", stdout);
@ -592,8 +594,6 @@ int main(int argc, char *argv[]) {
goto finish;
}
umask(0022);
r = read_data();
if (r < 0) {
log_error("Failed to read timezone data: %s", strerror(-r));

2
src/tmpfiles.c
View File

@ -972,6 +972,8 @@ int main(int argc, char *argv[]) {
log_parse_environment();
log_open();
umask(0022);
label_init();
items = hashmap_new(string_hash_func, string_compare_func);

2
src/tty-ask-password-agent.c
View File

@ -728,6 +728,8 @@ int main(int argc, char *argv[]) {
log_parse_environment();
log_open();
umask(0022);
if ((r = parse_argv(argc, argv)) <= 0)
goto finish;

2
src/uaccess.c
View File

@ -38,6 +38,8 @@ int main(int argc, char *argv[]) {
log_parse_environment();
log_open();
umask(0022);
if (argc < 2 || argc > 3) {
log_error("This program expects one or two arguments.");
r = -EINVAL;

2
src/update-utmp.c
View File

@ -373,6 +373,8 @@ int main(int argc, char *argv[]) {
log_parse_environment();
log_open();
umask(0022);
#ifdef HAVE_AUDIT
if ((c.audit_fd = audit_open()) < 0)
log_error("Failed to connect to audit log: %m");

2
src/user-sessions.c
View File

@ -39,6 +39,8 @@ int main(int argc, char*argv[]) {
log_parse_environment();
log_open();
umask(0022);
if (streq(argv[1], "start")) {
int q = 0, r = 0;

2
src/vconsole-setup.c
View File

@ -171,6 +171,8 @@ int main(int argc, char **argv) {
log_parse_environment();
log_open();
umask(0022);
if (argv[1])
vc = argv[1];
else