git: 0dd1705f5849 - main - setusercontext(): Set umask in a separate function, setclassumask()
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Mon, 29 Jan 2024 22:32:08 UTC
The branch main has been updated by olce:
URL: https://cgit.FreeBSD.org/src/commit/?id=0dd1705f584947625892988afe59e4cedb5cdd09
commit 0dd1705f584947625892988afe59e4cedb5cdd09
Author: Olivier Certner <olce@FreeBSD.org>
AuthorDate: 2023-06-20 16:46:31 +0000
Commit: Olivier Certner <olce@FreeBSD.org>
CommitDate: 2024-01-29 21:58:06 +0000
setusercontext(): Set umask in a separate function, setclassumask()
Reviewed by: emaste
Approved by: emaste (mentor)
MFC after: 3 days
Sponsored by: Kumacom SAS
Differential Revision: https://reviews.freebsd.org/D40686
---
lib/libutil/login_class.c | 59 ++++++++++++++++++++++++++---------------------
1 file changed, 33 insertions(+), 26 deletions(-)
diff --git a/lib/libutil/login_class.c b/lib/libutil/login_class.c
index e578925214bd..c8dd2cd66563 100644
--- a/lib/libutil/login_class.c
+++ b/lib/libutil/login_class.c
@@ -380,6 +380,37 @@ setclasscontext(const char *classname, unsigned int flags)
}
+/*
+ * Private function setting umask from the login class.
+ */
+static void
+setclassumask(login_cap_t *lc, const struct passwd *pwd)
+{
+ /*
+ * Make it unlikely that someone would input our default sentinel
+ * indicating no specification.
+ */
+ const rlim_t def_val = INT64_MIN + 1, err_val = INT64_MIN;
+ const rlim_t val = login_getcapnum(lc, "umask", def_val, err_val);
+
+ if (val != def_val) {
+ if (val < 0 || val > UINT16_MAX) {
+ /* We get here also on 'err_val'. */
+ syslog(LOG_WARNING,
+ "%s%s%sLogin class '%s': "
+ "Invalid umask specification: '%s'",
+ pwd ? "Login '" : "",
+ pwd ? pwd->pw_name : "",
+ pwd ? "': " : "",
+ lc->lc_class,
+ login_getcapstr(lc, "umask", "", ""));
+ } else {
+ const mode_t mode = val;
+
+ umask(mode);
+ }
+ }
+}
/*
* Private function which takes care of processing
@@ -393,32 +424,8 @@ setlogincontext(login_cap_t *lc, const struct passwd *pwd, unsigned long flags)
if (flags & LOGIN_SETRESOURCES)
setclassresources(lc);
/* See if there's a umask override */
- if (flags & LOGIN_SETUMASK) {
- /*
- * Make it unlikely that someone would input our default sentinel
- * indicating no specification.
- */
- const rlim_t def_val = INT64_MIN + 1, err_val = INT64_MIN;
- const rlim_t val = login_getcapnum(lc, "umask", def_val, err_val);
-
- if (val != def_val) {
- if (val < 0 || val > UINT16_MAX) {
- /* We get here also on 'err_val'. */
- syslog(LOG_WARNING,
- "%s%s%sLogin class '%s': "
- "Invalid umask specification: '%s'",
- pwd ? "Login '" : "",
- pwd ? pwd->pw_name : "",
- pwd ? "': " : "",
- lc->lc_class,
- login_getcapstr(lc, "umask", "", ""));
- } else {
- const mode_t mode = val;
-
- umask(mode);
- }
- }
- }
+ if (flags & LOGIN_SETUMASK)
+ setclassumask(lc, pwd);
/* Set paths */
if (flags & LOGIN_SETPATH)
setclassenvironment(lc, pwd, 1);