Create KDC and kadmind log files with mode 0640

In krb5_klog_init(), use open() and fdopen() to open log files so that
we can specify a mode.  Specify a mode which doesn't include the
group-write, other-read, or other-write bits even if the process umask
allows them.

[ghudson@mit.edu: wrote commit message, de-indented post-open setup
code]

ticket: 8344 (new)

diff --git a/src/lib/kadm5/logger.c b/src/lib/kadm5/logger.c
index 19c4355148e21dd667b6885f2d8f0c6e8d70d4fa..f4a93877619b11b4f1e2b8e569c3576ce8cb39ed 100644 (file)
--- a/src/lib/kadm5/logger.c
+++ b/src/lib/kadm5/logger.c
@@ -354,7 +354,7 @@ krb5_klog_init(krb5_context kcontext, char *ename, char *whoami, krb5_boolean do
     const char  *logging_profent[3];
     const char  *logging_defent[3];
     char        **logging_specs;
-    int         i, ngood;
+    int         i, ngood, fd, append;
     char        *cp, *cp2;
     char        savec = '\0';
     int         error;
@@ -422,18 +422,21 @@ krb5_klog_init(krb5_context kcontext, char *ename, char *whoami, krb5_boolean do
                     /*
                      * Check for append/overwrite, then open the file.
                      */
-                    if (cp[4] == ':' || cp[4] == '=') {
-                        f = fopen(&cp[5], (cp[4] == ':') ? "a" : "w");
-                        if (f) {
-                            set_cloexec_file(f);
-                            log_control.log_entries[i].lfu_filep = f;
-                            log_control.log_entries[i].log_type = K_LOG_FILE;
-                            log_control.log_entries[i].lfu_fname = &cp[5];
-                        } else {
+                    append = (cp[4] == ':') ? O_APPEND : 0;
+                    if (append || cp[4] == '=') {
+                        fd = open(&cp[5], O_CREAT | O_WRONLY | append,
+                                  S_IRUSR | S_IWUSR | S_IRGRP);
+                        if (fd != -1)
+                            f = fdopen(fd, append ? "a" : "w");
+                        if (fd == -1 || f == NULL) {
                             fprintf(stderr,"Couldn't open log file %s: %s\n",
                                     &cp[5], error_message(errno));
                             continue;
                         }
+                        set_cloexec_file(f);
+                        log_control.log_entries[i].lfu_filep = f;
+                        log_control.log_entries[i].log_type = K_LOG_FILE;
+                        log_control.log_entries[i].lfu_fname = &cp[5];
                     }
                 }
 #ifdef  HAVE_SYSLOG