On Fri, 2012-03-09 at 16:00 +0100, Jan Cholasta wrote:
On 9.3.2012 10:29, Jan Zelený wrote:
>> On 7.3.2012 17:25, Jan Zelený wrote:
>>>> On Wed, 2012-03-07 at 16:23 +0100, Jan Cholasta wrote:
>>>>> On 7.3.2012 14:22, Jan Zelený wrote:
>>>>>> Please check the umask mode, that's the only thing I'm
not sure about.
>>>>>
>>>>> The file mode is changed after the file is created using fchmod(),
so
>>>>> no umask is necessary. I did not use umask in the first place
because
>>>>> according to mkstemp man page:
>>>>>
>>>>> "The file is created with permissions 0600, that is, read plus
write
>>>>> for owner only. (In glibc versions 2.06 and earlier, the file is
>>>>> created with permissions 0666, that is, read and write for all
>>>>> users.)"
>>>>>
>>>>> If you really want to use umask, use umask mode 0133 instead of
0122.
>>>>
>>>> Please use umask. This may be the case with glibc, but we can't
>>>> guarantee that behavior on other libc implementations (which would
>>>> hinder porting efforts).
>>>
>>> Corrected patch attached.
>>>
>>> Jan
>>
>> NACK. The fchmod has to stay, otherwise the file will be unreadable for
>> users other than root (because 0600& ~0133 == 0600, but we need 0644).
>
> Thanks, I thought that the umask will actually do this. I'm sending another
> round of patches.
>
> Thanks
> Jan
ACK.
Pushed to master and sssd-1-8.