namespace: make whole namespace_setup() work regardless of configured umask

Let's reset the umask during the whole namespace_setup() logic, so that
all our mkdir() + mknod() are not subjected to whatever umask might
currently be set.

This mostly moves the umask save/restore logic out of
mount_private_dev() and into the stack frame of namespace_setup() that
is further out.

Fixes #19899

diff --git a/src/core/namespace.c b/src/core/namespace.c
index 5d18b26a74a940234ba61644a6bb6764f364db0f..2239bbfb8aa02e8d03f2189303da2d41fe367dbe 100644 (file)
--- a/src/core/namespace.c
+++ b/src/core/namespace.c
@@ -852,13 +852,10 @@ static int mount_private_dev(MountEntry *m) {
         char temporary_mount[] = "/tmp/namespace-dev-XXXXXX";
         const char *d, *dev = NULL, *devpts = NULL, *devshm = NULL, *devhugepages = NULL, *devmqueue = NULL, *devlog = NULL, *devptmx = NULL;
         bool can_mknod = true;
-        _unused_ _cleanup_umask_ mode_t u;
         int r;
 
         assert(m);
 
-        u = umask(0000);
-
         if (!mkdtemp(temporary_mount))
                 return log_debug_errno(errno, "Failed to create temporary directory '%s': %m", temporary_mount);
 
@@ -1898,6 +1895,10 @@ int setup_namespace(
 
         assert(ns_info);
 
+        /* Make sure that all mknod(), mkdir() calls we do are unaffected by the umask, and the access modes
+         * we configure take effect */
+        BLOCK_WITH_UMASK(0000);
+
         if (!isempty(propagate_dir) && !isempty(incoming_dir))
                 setup_propagate = true;