From: Amos Jeffries Date: Fri, 2 May 2008 10:59:20 +0000 (+1200) Subject: Author: Alex Rousskov X-Git-Tag: SQUID_3_1_0_1~49^2~259 X-Git-Url: http://git.ipfire.org/gitweb/?a=commitdiff_plain;h=c642c141cbe8b634da0fcbf05a23d552fa3604b9;p=thirdparty%2Fsquid.git Author: Alex Rousskov Bug 2254: umask support needs porting from 2.6 --- diff --git a/src/cache_cf.cc b/src/cache_cf.cc index b6e9c53092..f41466343a 100644 --- a/src/cache_cf.cc +++ b/src/cache_cf.cc @@ -403,6 +403,7 @@ parseConfigFile(const char *file_name, CacheManager & manager) if (!Config.chroot_dir) { leave_suid(); + setUmask(Config.umask); _db_init(Config.Log.log, Config.debugOptions); enter_suid(); } diff --git a/src/cf.data.pre b/src/cf.data.pre index 7e4c9d77d6..6c30ee100e 100644 --- a/src/cf.data.pre +++ b/src/cf.data.pre @@ -3525,6 +3525,18 @@ DOC_START A list of other DNS names your cache has. DOC_END +NAME: umask +TYPE: int +LOC: Config.umask +DEFAULT: 027 +DOC_START + Minimum umask which should be enforced while the proxy + is running, in addition to the umask set at startup. + + For a traditional octal representation of umasks, start + your value with 0. +DOC_END + COMMENT_START OPTIONS FOR THE CACHE REGISTRATION SERVICE ----------------------------------------------------------------------------- diff --git a/src/main.cc b/src/main.cc index 8581ffd8d6..006a9e6e98 100644 --- a/src/main.cc +++ b/src/main.cc @@ -694,6 +694,7 @@ mainReconfigure(void) errorClean(); enter_suid(); /* root to read config file */ parseConfigFile(ConfigFile, manager); + setUmask(Config.umask); Mem::Report(); setEffectiveUser(); _db_init(Config.Log.log, Config.debugOptions); @@ -1150,7 +1151,6 @@ int main(int argc, char **argv) #endif { - mode_t oldmask; #ifdef _SQUID_WIN32_ int WIN32_init_err; @@ -1197,17 +1197,6 @@ main(int argc, char **argv) #endif #endif /* HAVE_MALLOPT */ - /* - * The plan here is to set the umask to 007 (deny others for - * read,write,execute), but only if the umask is not already - * set. Unfortunately, there is no way to get the current - * umask value without setting it. - */ - oldmask = umask(S_IRWXO); - - if (oldmask) - umask(oldmask); - squid_srandom(time(NULL)); getCurrentTime(); @@ -1281,6 +1270,7 @@ main(int argc, char **argv) return parse_err; } + setUmask(Config.umask); if (-1 == opt_send_signal) if (checkRunningPid()) exit(1); diff --git a/src/protos.h b/src/protos.h index 7d9515d53a..5b338ebd68 100644 --- a/src/protos.h +++ b/src/protos.h @@ -694,6 +694,7 @@ SQUIDCEXTERN int xrename(const char *from, const char *to); SQUIDCEXTERN int isPowTen(int); SQUIDCEXTERN void parseEtcHosts(void); SQUIDCEXTERN int getMyPort(void); +SQUIDCEXTERN void setUmask(mode_t mask); SQUIDCEXTERN char *strwordtok(char *buf, char **t); SQUIDCEXTERN void strwordquote(MemBuf * mb, const char *str); diff --git a/src/structs.h b/src/structs.h index 713f65143e..9c1352dc06 100644 --- a/src/structs.h +++ b/src/structs.h @@ -638,6 +638,7 @@ struct SquidConfig #endif char *accept_filter; + int umask; #if USE_LOADABLE_MODULES wordlist *loadable_module_names; diff --git a/src/tools.cc b/src/tools.cc index ea21c8e27c..fde820e4f9 100644 --- a/src/tools.cc +++ b/src/tools.cc @@ -1183,6 +1183,17 @@ getMyPort(void) return 0; /* NOT REACHED */ } +/* + * Set the umask to at least the given mask. This is in addition + * to the umask set at startup + */ +void +setUmask(mode_t mask) +{ + // No way to get the current umask value without setting it. + static const mode_t orig_umask = umask(mask); // once, to get + umask(mask | orig_umask); // always, to set +} /* * Inverse of strwordtok. Quotes a word if needed