diff options
| author | Lennart Poettering <lennart@poettering.net> | 2016-04-07 16:15:26 +0200 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2016-04-12 13:43:32 +0200 |
| commit | 8612da973d30c5a9530fa1b6b3d449147b5a3324 (patch) | |
| tree | 391c71ae6c9bd01e69ed98e39b8cbc72e3f07572 | |
| parent | 4f4afc88ecd8ab9cfe9e1eeea7e3aeb937811937 (diff) | |
core: be more paranoid when mixing umask and fopen()
Let's be extra careful with the umask when we use simple fopen(), as this
creates files with 0777 by default.
| -rw-r--r-- | src/basic/util.c | 4 | ||||
| -rw-r--r-- | src/core/machine-id-setup.c | 3 | ||||
| -rw-r--r-- | src/core/main.c | 4 |
3 files changed, 7 insertions, 4 deletions
diff --git a/src/basic/util.c b/src/basic/util.c index f1e3bd5b48..6996527ec4 100644 --- a/src/basic/util.c +++ b/src/basic/util.c @@ -55,6 +55,7 @@ #include "string-util.h" #include "strv.h" #include "time-util.h" +#include "umask-util.h" #include "user-util.h" #include "util.h" @@ -781,7 +782,8 @@ int update_reboot_param_file(const char *param) { int r = 0; if (param) { - r = write_string_file(REBOOT_PARAM_FILE, param, WRITE_STRING_FILE_CREATE); + RUN_WITH_UMASK(0022) + r = write_string_file(REBOOT_PARAM_FILE, param, WRITE_STRING_FILE_CREATE); if (r < 0) return log_error_errno(r, "Failed to write reboot param to "REBOOT_PARAM_FILE": %m"); } else diff --git a/src/core/machine-id-setup.c b/src/core/machine-id-setup.c index 7b25349c07..86da16c31e 100644 --- a/src/core/machine-id-setup.c +++ b/src/core/machine-id-setup.c @@ -259,9 +259,8 @@ int machine_id_setup(const char *root, sd_id128_t machine_id) { /* Hmm, we couldn't write it? So let's write it to * /run/machine-id as a replacement */ - RUN_WITH_UMASK(0022) { + RUN_WITH_UMASK(0022) r = write_string_file(run_machine_id, id, WRITE_STRING_FILE_CREATE); - } if (r < 0) { (void) unlink(run_machine_id); return log_error_errno(r, "Cannot write %s: %m", run_machine_id); diff --git a/src/core/main.c b/src/core/main.c index a428e345e0..2912608435 100644 --- a/src/core/main.c +++ b/src/core/main.c @@ -81,6 +81,7 @@ #include "strv.h" #include "switch-root.h" #include "terminal-util.h" +#include "umask-util.h" #include "user-util.h" #include "virt.h" #include "watchdog.h" @@ -1237,7 +1238,8 @@ static int write_container_id(void) { if (isempty(c)) return 0; - r = write_string_file("/run/systemd/container", c, WRITE_STRING_FILE_CREATE); + RUN_WITH_UMASK(0022) + r = write_string_file("/run/systemd/container", c, WRITE_STRING_FILE_CREATE); if (r < 0) return log_warning_errno(r, "Failed to write /run/systemd/container, ignoring: %m"); |