umask(0) in all binaries
jra at samba.org
Mon Nov 4 13:25:29 MST 2013
On Mon, Nov 04, 2013 at 12:54:23PM -0700, Christof Schmitt wrote:
> I have been chasing an issue where the permissions on /var/ctdb/samba
> are set to 0700 instead of 0755. Commit 59462f2 "winbindd and nmbd don't
> set their umask to zero on startup like smbd does." fixed this in case
> the directory is created by winbindd or nmbd. Other binaries from
> source3/utils will also call into cache_path() that will create the
> directory through xx_path() in case it does not exist. Depending on the
> umask of the caller, the permissions will be different than expected.
> What is the best way to fix this? Call umask(0) from every main function
> to ensure that we use the intended permissions?
As the utilities are designed to act on databases created by
the running daemons, I don't think the utilities have any
business creating those directories.
Maybe add a function varient that is only used by the utility
functions (e.g. xx_path_client()) which uses a flags to a xx_path_internal() function
that will never create the directory. The long running daemons
call xx_path(), which then calls xx_path_internal() setting
the "create" flag.
More information about the samba-technical