umask(0) in all binaries

[Jeremy Allison]

On Mon, Nov 04, 2013 at 02:26:13PM -0700, Christof Schmitt wrote:
> On Mon, Nov 04, 2013 at 12:25:29PM -0800, Jeremy Allison wrote:
> > On Mon, Nov 04, 2013 at 12:54:23PM -0700, Christof Schmitt wrote:
> > > I have been chasing an issue where the permissions on /var/ctdb/samba
> > > are set to 0700 instead of 0755. Commit 59462f2 "winbindd and nmbd don't
> > > set their umask to zero on startup like smbd does." fixed this in case
> > > the directory is created by winbindd or nmbd. Other binaries from
> > > source3/utils will also call into cache_path() that will create the
> > > directory through xx_path() in case it does not exist. Depending on the
> > > umask of the caller, the permissions will be different than expected.
> > > 
> > > What is the best way to fix this? Call umask(0) from every main function
> > > to ensure that we use the intended permissions?
> > 
> > As the utilities are designed to act on databases created by
> > the running daemons, I don't think the utilities have any
> > business creating those directories.
> > 
> > Maybe add a function varient that is only used by the utility
> > functions (e.g. xx_path_client()) which uses a flags to a xx_path_internal() function
> > that will never create the directory. The long running daemons
> > call xx_path(), which then calls xx_path_internal() setting
> > the "create" flag.
> 
> Looking at the code, it will be difficult in some places to decide if
> the call has been made froma daemon or from a utility, e.g.
> db_open_ctdb -> g_lock_ctx_init -> lock_path

Ah, ok. I hadn't considered that.

> If we decide that only smbd, winbindd and nmbd should create those
> directories in case they are missing: Wouldn't it be simpler to create
> the directories directly during startup of those daemons, and remove the
> if (!directory_exist(fname)) from xx_path?

Yes, I would support that change.

Jeremy.