summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/core/machine-id-setup.c43
-rw-r--r--src/core/manager.c14
-rw-r--r--src/shared/ask-password-api.c14
-rw-r--r--src/shared/util.c13
-rw-r--r--src/shared/util.h18
-rw-r--r--src/tmpfiles/tmpfiles.c44
6 files changed, 75 insertions, 71 deletions
diff --git a/src/core/machine-id-setup.c b/src/core/machine-id-setup.c
index 51074fea44..fbba3aab78 100644
--- a/src/core/machine-id-setup.c
+++ b/src/core/machine-id-setup.c
@@ -155,31 +155,27 @@ int machine_id_setup(void) {
bool writable;
struct stat st;
char id[34]; /* 32 + \n + \0 */
- mode_t m;
- m = umask(0000);
-
- /* We create this 0444, to indicate that this isn't really
- * something you should ever modify. Of course, since the file
- * will be owned by root it doesn't matter much, but maybe
- * people look. */
+ RUN_WITH_UMASK(0000) {
+ /* We create this 0444, to indicate that this isn't really
+ * something you should ever modify. Of course, since the file
+ * will be owned by root it doesn't matter much, but maybe
+ * people look. */
+
+ fd = open("/etc/machine-id", O_RDWR|O_CREAT|O_CLOEXEC|O_NOCTTY, 0444);
+ if (fd >= 0)
+ writable = true;
+ else {
+ fd = open("/etc/machine-id", O_RDONLY|O_CLOEXEC|O_NOCTTY);
+ if (fd < 0) {
+ log_error("Cannot open /etc/machine-id: %m");
+ return -errno;
+ }
- fd = open("/etc/machine-id", O_RDWR|O_CREAT|O_CLOEXEC|O_NOCTTY, 0444);
- if (fd >= 0)
- writable = true;
- else {
- fd = open("/etc/machine-id", O_RDONLY|O_CLOEXEC|O_NOCTTY);
- if (fd < 0) {
- umask(m);
- log_error("Cannot open /etc/machine-id: %m");
- return -errno;
+ writable = false;
}
-
- writable = false;
}
- umask(m);
-
if (fstat(fd, &st) < 0) {
log_error("fstat() failed: %m");
r = -errno;
@@ -215,10 +211,9 @@ int machine_id_setup(void) {
/* Hmm, we couldn't write it? So let's write it to
* /run/machine-id as a replacement */
- m = umask(0022);
- r = write_string_file("/run/machine-id", id);
- umask(m);
-
+ RUN_WITH_UMASK(0022) {
+ r = write_string_file("/run/machine-id", id);
+ }
if (r < 0) {
log_error("Cannot write /run/machine-id: %s", strerror(-r));
diff --git a/src/core/manager.c b/src/core/manager.c
index f90ccd5b5f..e26522a4dd 100644
--- a/src/core/manager.c
+++ b/src/core/manager.c
@@ -1984,7 +1984,6 @@ void manager_dispatch_bus_query_pid_done(
int manager_open_serialization(Manager *m, FILE **_f) {
char *path = NULL;
- mode_t saved_umask;
int fd;
FILE *f;
@@ -1998,9 +1997,9 @@ int manager_open_serialization(Manager *m, FILE **_f) {
if (!path)
return -ENOMEM;
- saved_umask = umask(0077);
- fd = mkostemp(path, O_RDWR|O_CLOEXEC);
- umask(saved_umask);
+ RUN_WITH_UMASK(0077) {
+ fd = mkostemp(path, O_RDWR|O_CLOEXEC);
+ }
if (fd < 0) {
free(path);
@@ -2515,7 +2514,6 @@ void manager_run_generators(Manager *m) {
DIR *d = NULL;
const char *generator_path;
const char *argv[5];
- mode_t u;
int r;
assert(m);
@@ -2549,9 +2547,9 @@ void manager_run_generators(Manager *m) {
argv[3] = m->generator_unit_path_late;
argv[4] = NULL;
- u = umask(0022);
- execute_directory(generator_path, d, (char**) argv);
- umask(u);
+ RUN_WITH_UMASK(0022) {
+ execute_directory(generator_path, d, (char**) argv);
+ }
trim_generator_dir(m, &m->generator_unit_path);
trim_generator_dir(m, &m->generator_unit_path_early);
diff --git a/src/shared/ask-password-api.c b/src/shared/ask-password-api.c
index 85530660dc..277efd302e 100644
--- a/src/shared/ask-password-api.c
+++ b/src/shared/ask-password-api.c
@@ -251,7 +251,6 @@ static int create_socket(char **name) {
} sa;
int one = 1, r;
char *c;
- mode_t u;
assert(name);
@@ -265,9 +264,9 @@ static int create_socket(char **name) {
sa.un.sun_family = AF_UNIX;
snprintf(sa.un.sun_path, sizeof(sa.un.sun_path)-1, "/run/systemd/ask-password/sck.%llu", random_ull());
- u = umask(0177);
- r = bind(fd, &sa.sa, offsetof(struct sockaddr_un, sun_path) + strlen(sa.un.sun_path));
- umask(u);
+ RUN_WITH_UMASK(0177) {
+ r = bind(fd, &sa.sa, offsetof(struct sockaddr_un, sun_path) + strlen(sa.un.sun_path));
+ }
if (r < 0) {
r = -errno;
@@ -317,7 +316,6 @@ int ask_password_agent(
int socket_fd = -1, signal_fd = -1;
sigset_t mask, oldmask;
struct pollfd pollfd[_FD_MAX];
- mode_t u;
assert(_passphrases);
@@ -327,9 +325,9 @@ int ask_password_agent(
mkdir_p_label("/run/systemd/ask-password", 0755);
- u = umask(0022);
- fd = mkostemp(temp, O_CLOEXEC|O_CREAT|O_WRONLY);
- umask(u);
+ RUN_WITH_UMASK(0022) {
+ fd = mkostemp(temp, O_CLOEXEC|O_CREAT|O_WRONLY);
+ }
if (fd < 0) {
log_error("Failed to create password file: %m");
diff --git a/src/shared/util.c b/src/shared/util.c
index d861ca9f09..1bffd84d1f 100644
--- a/src/shared/util.c
+++ b/src/shared/util.c
@@ -5732,12 +5732,12 @@ int search_and_fopen_nulstr(const char *path, const char *mode, const char *sear
int create_tmp_dir(char template[], char** dir_name) {
int r = 0;
char *d, *dt;
- mode_t _cleanup_umask_ u;
assert(dir_name);
- u = umask(0077);
- d = mkdtemp(template);
+ RUN_WITH_UMASK(0077) {
+ d = mkdtemp(template);
+ }
if (!d) {
log_error("Can't create directory %s: %m", template);
return -errno;
@@ -5749,9 +5749,10 @@ int create_tmp_dir(char template[], char** dir_name) {
goto fail3;
}
- umask(0000);
- r = mkdir(dt, 0777);
- if (r) {
+ RUN_WITH_UMASK(0000) {
+ r = mkdir(dt, 0777);
+ }
+ if (r < 0) {
log_error("Can't create directory %s: %m", dt);
r = -errno;
goto fail2;
diff --git a/src/shared/util.h b/src/shared/util.h
index 7f050758a0..69a47653aa 100644
--- a/src/shared/util.h
+++ b/src/shared/util.h
@@ -616,8 +616,22 @@ char *strrep(const char *s, unsigned n);
void* greedy_realloc(void **p, size_t *allocated, size_t need);
-static inline void reset_errno(int *saved_errno) {
+static inline void _reset_errno_(int *saved_errno) {
errno = *saved_errno;
}
-#define PROTECT_ERRNO __attribute__((cleanup(reset_errno))) int _saved_errno_ = errno
+#define PROTECT_ERRNO __attribute__((cleanup(_reset_errno_))) int _saved_errno_ = errno
+
+struct umask_struct {
+ mode_t mask;
+ bool quit;
+};
+
+static inline void _reset_umask_(struct umask_struct *s) {
+ umask(s->mask);
+};
+
+#define RUN_WITH_UMASK(mask) \
+ for (__attribute__((cleanup(_reset_umask_))) struct umask_struct _saved_umask_ = { umask(mask), false }; \
+ !_saved_umask_.quit ; \
+ _saved_umask_.quit = true)
diff --git a/src/tmpfiles/tmpfiles.c b/src/tmpfiles/tmpfiles.c
index 84f4986503..4e2519d1b5 100644
--- a/src/tmpfiles/tmpfiles.c
+++ b/src/tmpfiles/tmpfiles.c
@@ -454,18 +454,17 @@ static int item_set_perms(Item *i, const char *path) {
static int write_one_file(Item *i, const char *path) {
int r, e, fd, flags;
struct stat st;
- mode_t u;
flags = i->type == CREATE_FILE ? O_CREAT|O_APPEND :
i->type == TRUNCATE_FILE ? O_CREAT|O_TRUNC : 0;
- u = umask(0);
- label_context_set(path, S_IFREG);
- fd = open(path, flags|O_NDELAY|O_CLOEXEC|O_WRONLY|O_NOCTTY|O_NOFOLLOW, i->mode);
- e = errno;
- label_context_clear();
- umask(u);
- errno = e;
+ RUN_WITH_UMASK(0) {
+ label_context_set(path, S_IFREG);
+ fd = open(path, flags|O_NDELAY|O_CLOEXEC|O_WRONLY|O_NOCTTY|O_NOFOLLOW, i->mode);
+ e = errno;
+ label_context_clear();
+ errno = e;
+ }
if (fd < 0) {
if (i->type == WRITE_FILE && errno == ENOENT)
@@ -629,7 +628,6 @@ static int glob_item(Item *i, int (*action)(Item *, const char *)) {
static int create_item(Item *i) {
int r, e;
- mode_t u;
struct stat st;
assert(i);
@@ -658,10 +656,10 @@ static int create_item(Item *i) {
case TRUNCATE_DIRECTORY:
case CREATE_DIRECTORY:
- u = umask(0);
- mkdir_parents_label(i->path, 0755);
- r = mkdir(i->path, i->mode);
- umask(u);
+ RUN_WITH_UMASK(0000) {
+ mkdir_parents_label(i->path, 0755);
+ r = mkdir(i->path, i->mode);
+ }
if (r < 0 && errno != EEXIST) {
log_error("Failed to create directory %s: %m", i->path);
@@ -686,9 +684,9 @@ static int create_item(Item *i) {
case CREATE_FIFO:
- u = umask(0);
- r = mkfifo(i->path, i->mode);
- umask(u);
+ RUN_WITH_UMASK(0000) {
+ r = mkfifo(i->path, i->mode);
+ }
if (r < 0 && errno != EEXIST) {
log_error("Failed to create fifo %s: %m", i->path);
@@ -757,13 +755,13 @@ static int create_item(Item *i) {
file_type = (i->type == CREATE_BLOCK_DEVICE ? S_IFBLK : S_IFCHR);
- u = umask(0);
- label_context_set(i->path, file_type);
- r = mknod(i->path, i->mode | file_type, i->major_minor);
- e = errno;
- label_context_clear();
- umask(u);
- errno = e;
+ RUN_WITH_UMASK(0000) {
+ label_context_set(i->path, file_type);
+ r = mknod(i->path, i->mode | file_type, i->major_minor);
+ e = errno;
+ label_context_clear();
+ errno = e;
+ }
if (r < 0 && errno != EEXIST) {
log_error("Failed to create device node %s: %m", i->path);