picnoir/Systemd
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

umask: change default umask to 0022 just to be sure, and set it explicitly in all binaries, in order to make sure it is set when started from the terminal

Browse source
This commit is contained in:
Lennart Poettering 2011-08-01 20:52:18 +02:00
parent 07f8a4aa49
commit 4c12626c8e
30 changed files with 59 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
src/binfmt.c
View file

@ -127,6 +127,8 @@ int main(int argc, char *argv[]) {
log_parse_environment(); log_parse_environment();
log_open(); log_open();
umask(0022);
if (argc > 1) { if (argc > 1) {
r = apply_file(argv[1], false); r = apply_file(argv[1], false);
} else { } else {

2
src/cryptsetup-generator.c
View file

@ -246,6 +246,8 @@ int main(int argc, char *argv[]) {
log_parse_environment(); log_parse_environment();
log_open(); log_open();
umask(0022);
if (!(f = fopen("/etc/crypttab", "re"))) { if (!(f = fopen("/etc/crypttab", "re"))) {
if (errno == ENOENT) if (errno == ENOENT)

2
src/cryptsetup.c
View file

@ -241,6 +241,8 @@ int main(int argc, char *argv[]) {
log_parse_environment(); log_parse_environment();
log_open(); log_open();
umask(0022);
if (streq(argv[1], "attach")) { if (streq(argv[1], "attach")) {
uint32_t flags = 0; uint32_t flags = 0;
int k; int k;

2
src/execute.c
View file

@ -1402,7 +1402,7 @@ fail_parent:
void exec_context_init(ExecContext *c) { void exec_context_init(ExecContext *c) {
assert(c); assert(c);
c->umask = 0002; c->umask = 0022;
c->ioprio = IOPRIO_PRIO_VALUE(IOPRIO_CLASS_BE, 0); c->ioprio = IOPRIO_PRIO_VALUE(IOPRIO_CLASS_BE, 0);
c->cpu_sched_policy = SCHED_OTHER; c->cpu_sched_policy = SCHED_OTHER;
c->syslog_priority = LOG_DAEMON|LOG_INFO; c->syslog_priority = LOG_DAEMON|LOG_INFO;

2
src/fsck.c
View file

@ -163,6 +163,8 @@ int main(int argc, char *argv[]) {
log_parse_environment(); log_parse_environment();
log_open(); log_open();
umask(0022);
parse_proc_cmdline(); parse_proc_cmdline();
test_files(); test_files();

2
src/getty-generator.c
View file

@ -73,6 +73,8 @@ int main(int argc, char *argv[]) {
log_parse_environment(); log_parse_environment();
log_open(); log_open();
umask(0022);
if (detect_container(NULL) > 0) { if (detect_container(NULL) > 0) {
log_debug("Automatic adding console shell."); log_debug("Automatic adding console shell.");

4
src/hostnamed.c
View file

@ -559,6 +559,8 @@ int main(int argc, char *argv[]) {
log_parse_environment(); log_parse_environment();
log_open(); log_open();
umask(0022);
if (argc == 2 && streq(argv[1], "--introspect")) { if (argc == 2 && streq(argv[1], "--introspect")) {
fputs(DBUS_INTROSPECT_1_0_XML_DOCTYPE_DECL_NODE fputs(DBUS_INTROSPECT_1_0_XML_DOCTYPE_DECL_NODE
"<node>\n", stdout); "<node>\n", stdout);
@ -576,8 +578,6 @@ int main(int argc, char *argv[]) {
if (!check_nss()) if (!check_nss())
log_warning("Warning: nss-myhostname is not installed. Changing the local hostname might make it unresolveable. Please install nss-myhostname!"); log_warning("Warning: nss-myhostname is not installed. Changing the local hostname might make it unresolveable. Please install nss-myhostname!");
umask(0022);
r = read_data(); r = read_data();
if (r < 0) { if (r < 0) {
log_error("Failed to read hostname data: %s", strerror(-r)); log_error("Failed to read hostname data: %s", strerror(-r));

2
src/initctl.c
View file

@ -364,6 +364,8 @@ int main(int argc, char *argv[]) {
log_parse_environment(); log_parse_environment();
log_open(); log_open();
umask(0022);
if ((n = sd_listen_fds(true)) < 0) { if ((n = sd_listen_fds(true)) < 0) {
log_error("Failed to read listening file descriptors from environment: %s", strerror(-r)); log_error("Failed to read listening file descriptors from environment: %s", strerror(-r));
return EXIT_FAILURE; return EXIT_FAILURE;

2
src/kmsg-syslogd.c
View file

@ -455,6 +455,8 @@ int main(int argc, char *argv[]) {
log_parse_environment(); log_parse_environment();
log_open(); log_open();
umask(0022);
if ((n = sd_listen_fds(true)) < 0) { if ((n = sd_listen_fds(true)) < 0) {
log_error("Failed to read listening file descriptors from environment: %s", strerror(-r)); log_error("Failed to read listening file descriptors from environment: %s", strerror(-r));
return EXIT_FAILURE; return EXIT_FAILURE;

4
src/localed.c
View file

@ -575,6 +575,8 @@ int main(int argc, char *argv[]) {
log_parse_environment(); log_parse_environment();
log_open(); log_open();
umask(0022);
if (argc == 2 && streq(argv[1], "--introspect")) { if (argc == 2 && streq(argv[1], "--introspect")) {
fputs(DBUS_INTROSPECT_1_0_XML_DOCTYPE_DECL_NODE fputs(DBUS_INTROSPECT_1_0_XML_DOCTYPE_DECL_NODE
"<node>\n", stdout); "<node>\n", stdout);
@ -589,8 +591,6 @@ int main(int argc, char *argv[]) {
goto finish; goto finish;
} }
umask(0022);
r = read_data(); r = read_data();
if (r < 0) { if (r < 0) {
log_error("Failed to read locale data: %s", strerror(-r)); log_error("Failed to read locale data: %s", strerror(-r));

2
src/logger.c
View file

@ -637,6 +637,8 @@ int main(int argc, char *argv[]) {
log_parse_environment(); log_parse_environment();
log_open(); log_open();
umask(0022);
if ((n = sd_listen_fds(true)) < 0) { if ((n = sd_listen_fds(true)) < 0) {
log_error("Failed to read listening file descriptors from environment: %s", strerror(-r)); log_error("Failed to read listening file descriptors from environment: %s", strerror(-r));
return EXIT_FAILURE; return EXIT_FAILURE;

4
src/logind.c
View file

@ -1193,14 +1193,14 @@ int main(int argc, char *argv[]) {
log_parse_environment(); log_parse_environment();
log_open(); log_open();
umask(0022);
if (argc != 1) { if (argc != 1) {
log_error("This program takes no arguments."); log_error("This program takes no arguments.");
r = -EINVAL; r = -EINVAL;
goto finish; goto finish;
} }
umask(0022);
m = manager_new(); m = manager_new();
if (!m) { if (!m) {
log_error("Out of memory"); log_error("Out of memory");

3
src/machine-id-setup.c
View file

@ -167,7 +167,10 @@ int machine_id_setup(void) {
mkdir_p("/run/systemd", 0755); mkdir_p("/run/systemd", 0755);
m = umask(0022);
r = write_one_line_file("/run/systemd/machine-id", id); r = write_one_line_file("/run/systemd/machine-id", id);
umask(m);
if (r < 0) { if (r < 0) {
log_error("Cannot write /run/systemd/machine-id: %s", strerror(-r)); log_error("Cannot write /run/systemd/machine-id: %s", strerror(-r));

2
src/modules-load.c
View file

@ -46,6 +46,8 @@ int main(int argc, char *argv[]) {
log_parse_environment(); log_parse_environment();
log_open(); log_open();
umask(0022);
if (!(arguments = strv_new("/sbin/modprobe", "-sab", "--", NULL))) { if (!(arguments = strv_new("/sbin/modprobe", "-sab", "--", NULL))) {
log_error("Failed to allocate string array"); log_error("Failed to allocate string array");
goto finish; goto finish;

3
src/nspawn.c
View file

@ -314,7 +314,6 @@ static int copy_devnodes(const char *dest, const char *console) {
} }
finish: finish:
umask(u); umask(u);
return r; return r;
@ -776,7 +775,7 @@ int main(int argc, char *argv[]) {
goto child_fail; goto child_fail;
} }
umask(0002); umask(0022);
if (drop_capabilities() < 0) if (drop_capabilities() < 0)
goto child_fail; goto child_fail;

2
src/quotacheck.c
View file

@ -90,6 +90,8 @@ int main(int argc, char *argv[]) {
log_parse_environment(); log_parse_environment();
log_open(); log_open();
umask(0022);
parse_proc_cmdline(); parse_proc_cmdline();
test_files(); test_files();

2
src/random-seed.c
View file

@ -47,6 +47,8 @@ int main(int argc, char *argv[]) {
log_parse_environment(); log_parse_environment();
log_open(); log_open();
umask(0022);
/* Read pool size, if possible */ /* Read pool size, if possible */
if ((f = fopen("/proc/sys/kernel/random/poolsize", "re"))) { if ((f = fopen("/proc/sys/kernel/random/poolsize", "re"))) {
fscanf(f, "%zu", &buf_size); fscanf(f, "%zu", &buf_size);

2
src/readahead-collect.c
View file

@ -656,6 +656,8 @@ int main(int argc, char *argv[]) {
log_parse_environment(); log_parse_environment();
log_open(); log_open();
umask(0022);
if ((r = parse_argv(argc, argv)) <= 0) if ((r = parse_argv(argc, argv)) <= 0)
return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS; return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;

2
src/readahead-replay.c
View file

@ -340,6 +340,8 @@ int main(int argc, char*argv[]) {
log_parse_environment(); log_parse_environment();
log_open(); log_open();
umask(0022);
if ((r = parse_argv(argc, argv)) <= 0) if ((r = parse_argv(argc, argv)) <= 0)
return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS; return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;

2
src/remount-api-vfs.c
View file

@ -52,6 +52,8 @@ int main(int argc, char *argv[]) {
log_parse_environment(); log_parse_environment();
log_open(); log_open();
umask(0022);
if (!(f = setmntent("/etc/fstab", "r"))) { if (!(f = setmntent("/etc/fstab", "r"))) {
log_error("Failed to open /etc/fstab: %m"); log_error("Failed to open /etc/fstab: %m");
goto finish; goto finish;

2
src/shutdown.c
View file

@ -295,6 +295,8 @@ int main(int argc, char *argv[]) {
log_set_target(LOG_TARGET_CONSOLE); /* syslog will die if not gone yet */ log_set_target(LOG_TARGET_CONSOLE); /* syslog will die if not gone yet */
log_open(); log_open();
umask(0022);
if (getpid() != 1) { if (getpid() != 1) {
log_error("Not executed by init (pid 1)."); log_error("Not executed by init (pid 1).");
r = -EPERM; r = -EPERM;

2
src/shutdownd.c
View file

@ -193,6 +193,8 @@ int main(int argc, char *argv[]) {
log_parse_environment(); log_parse_environment();
log_open(); log_open();
umask(0022);
if ((n_fds = sd_listen_fds(true)) < 0) { if ((n_fds = sd_listen_fds(true)) < 0) {
log_error("Failed to read listening file descriptors from environment: %s", strerror(-r)); log_error("Failed to read listening file descriptors from environment: %s", strerror(-r));
return EXIT_FAILURE; return EXIT_FAILURE;

2
src/sysctl.c
View file

@ -228,6 +228,8 @@ int main(int argc, char *argv[]) {
log_parse_environment(); log_parse_environment();
log_open(); log_open();
umask(0022);
if (argc > optind) if (argc > optind)
r = apply_file(argv[optind], false); r = apply_file(argv[optind], false);
else { else {

4
src/timedated.c
View file

@ -578,6 +578,8 @@ int main(int argc, char *argv[]) {
log_parse_environment(); log_parse_environment();
log_open(); log_open();
umask(0022);
if (argc == 2 && streq(argv[1], "--introspect")) { if (argc == 2 && streq(argv[1], "--introspect")) {
fputs(DBUS_INTROSPECT_1_0_XML_DOCTYPE_DECL_NODE fputs(DBUS_INTROSPECT_1_0_XML_DOCTYPE_DECL_NODE
"<node>\n", stdout); "<node>\n", stdout);
@ -592,8 +594,6 @@ int main(int argc, char *argv[]) {
goto finish; goto finish;
} }
umask(0022);
r = read_data(); r = read_data();
if (r < 0) { if (r < 0) {
log_error("Failed to read timezone data: %s", strerror(-r)); log_error("Failed to read timezone data: %s", strerror(-r));

2
src/tmpfiles.c
View file

@ -972,6 +972,8 @@ int main(int argc, char *argv[]) {
log_parse_environment(); log_parse_environment();
log_open(); log_open();
umask(0022);
label_init(); label_init();
items = hashmap_new(string_hash_func, string_compare_func); items = hashmap_new(string_hash_func, string_compare_func);

2
src/tty-ask-password-agent.c
View file

@ -728,6 +728,8 @@ int main(int argc, char *argv[]) {
log_parse_environment(); log_parse_environment();
log_open(); log_open();
umask(0022);
if ((r = parse_argv(argc, argv)) <= 0) if ((r = parse_argv(argc, argv)) <= 0)
goto finish; goto finish;

2
src/uaccess.c
View file

@ -38,6 +38,8 @@ int main(int argc, char *argv[]) {
log_parse_environment(); log_parse_environment();
log_open(); log_open();
umask(0022);
if (argc < 2 || argc > 3) { if (argc < 2 || argc > 3) {
log_error("This program expects one or two arguments."); log_error("This program expects one or two arguments.");
r = -EINVAL; r = -EINVAL;

2
src/update-utmp.c
View file

@ -373,6 +373,8 @@ int main(int argc, char *argv[]) {
log_parse_environment(); log_parse_environment();
log_open(); log_open();
umask(0022);
#ifdef HAVE_AUDIT #ifdef HAVE_AUDIT
if ((c.audit_fd = audit_open()) < 0) if ((c.audit_fd = audit_open()) < 0)
log_error("Failed to connect to audit log: %m"); log_error("Failed to connect to audit log: %m");

2
src/user-sessions.c
View file

@ -39,6 +39,8 @@ int main(int argc, char*argv[]) {
log_parse_environment(); log_parse_environment();
log_open(); log_open();
umask(0022);
if (streq(argv[1], "start")) { if (streq(argv[1], "start")) {
int q = 0, r = 0; int q = 0, r = 0;

2
src/vconsole-setup.c
View file

@ -171,6 +171,8 @@ int main(int argc, char **argv) {
log_parse_environment(); log_parse_environment();
log_open(); log_open();
umask(0022);
if (argv[1]) if (argv[1])
vc = argv[1]; vc = argv[1];
else else