git: 2d6a03dd43c7 - stable/13 - rc.conf(5): add <service>_umask to run the service using this value
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sat, 02 Dec 2023 08:16:10 UTC
The branch stable/13 has been updated by eugen: URL: https://cgit.FreeBSD.org/src/commit/?id=2d6a03dd43c758cdd7c7dd9590459d1aa77d4333 commit 2d6a03dd43c758cdd7c7dd9590459d1aa77d4333 Author: Eugene Grosbein <eugen@FreeBSD.org> AuthorDate: 2022-08-28 05:45:23 +0000 Commit: Eugene Grosbein <eugen@FreeBSD.org> CommitDate: 2023-12-02 08:15:52 +0000 rc.conf(5): add <service>_umask to run the service using this value None of tools working with login classes change umask(1) and we had no ways to specify non-default umask for a service not touching its startup script. This change makes in possible. Some file-sharing services that create new files may benefit from it. Differential: https://reviews.freebsd.org/D36309 (cherry picked from commit 160a2f2cdda806e104c0d3194bfb84b208ad1ae8) --- libexec/rc/rc.subr | 10 +++++++++- share/man/man5/rc.conf.5 | 8 +++++++- 2 files changed, 16 insertions(+), 2 deletions(-) diff --git a/libexec/rc/rc.subr b/libexec/rc/rc.subr index 2f9ce7f54bef..04b30cac40a7 100644 --- a/libexec/rc/rc.subr +++ b/libexec/rc/rc.subr @@ -790,6 +790,8 @@ startmsg() # # ${name}_oomprotect n Don't kill ${command} when swap space is exhausted. # +# ${name}_umask n The file creation mask to run ${command} with. +# # ${name}_user n User to run ${command} as, using su(1) if not # using ${name}_chroot. # Requires /usr to be mounted. @@ -990,7 +992,8 @@ run_rc_command() _fib=\$${name}_fib _env=\$${name}_env \ _prepend=\$${name}_prepend _login_class=\${${name}_login_class:-daemon} \ _limits=\$${name}_limits _oomprotect=\$${name}_oomprotect \ - _setup=\$${name}_setup _env_file=\$${name}_env_file + _setup=\$${name}_setup _env_file=\$${name}_env_file \ + _umask=\$${name}_umask if [ -n "$_env_file" ] && [ -r "${_env_file}" ]; then # load env from file set -a @@ -1352,9 +1355,14 @@ _run_rc_postcmd() _run_rc_doit() { + local _m + debug "run_rc_command: doit: $*" + _m=$(umask) + ${_umask:+umask ${_umask}} eval "$@" _return=$? + umask ${_m} # If command failed and force isn't set, request exit. if [ $_return -ne 0 ] && [ -z "$rc_force" ]; then diff --git a/share/man/man5/rc.conf.5 b/share/man/man5/rc.conf.5 index 666ccbbc6b6e..8f105e679b55 100644 --- a/share/man/man5/rc.conf.5 +++ b/share/man/man5/rc.conf.5 @@ -22,7 +22,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd September 18, 2023 +.Dd December 2, 2023 .Dt RC.CONF 5 .Os .Sh NAME @@ -237,6 +237,11 @@ such as PostgreSQL will not inherit the OOM killer protection. .Pp This variable has no effect on services running within a .Xr jail 8 . +.It Ao Ar name Ac Ns Va _umask +.Pq Vt int +Run the service using this +.Xr umask 1 +value. .It Ao Ar name Ac Ns Va _user .Pq Vt str Run the service under this user account. @@ -4730,6 +4735,7 @@ The default is 10. .Xr limits 1 , .Xr protect 1 , .Xr sh 1 , +.Xr umask 1 , .Xr vi 1 , .Xr vidcontrol 1 , .Xr bridge 4 ,