From e8a019d297553079ab0de298695ff554c463425c Mon Sep 17 00:00:00 2001 From: Michael Friedrich Date: Fri, 27 Sep 2013 19:17:39 +0200 Subject: [PATCH] ExternalCommandListener: Reset umask to preserve group write permissions. refs #4444 --- components/compat/externalcommandlistener.cpp | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/components/compat/externalcommandlistener.cpp b/components/compat/externalcommandlistener.cpp index 1eb04e81e..35bd95ccf 100644 --- a/components/compat/externalcommandlistener.cpp +++ b/components/compat/externalcommandlistener.cpp @@ -50,7 +50,7 @@ void ExternalCommandListener::Start(void) String ExternalCommandListener::GetCommandPath(void) const { if (m_CommandPath.IsEmpty()) - return Application::GetLocalStateDir() + "/run/icinga2/icinga2.cmd"; + return Application::GetLocalStateDir() + "/run/icinga2/rw/icinga2.cmd"; else return m_CommandPath; } @@ -77,6 +77,12 @@ void ExternalCommandListener::CommandPipeThread(const String& commandPath) } } + /* + * process would override group write permissions + * so reset them. man 3 mkfifo: (mode & ~umask) + */ + mode_t oldMask = umask(S_IWOTH); + if (!fifo_ok && mkfifo(commandPath.CStr(), S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP) < 0) { BOOST_THROW_EXCEPTION(posix_error() << boost::errinfo_api_function("mkfifo") @@ -84,6 +90,9 @@ void ExternalCommandListener::CommandPipeThread(const String& commandPath) << boost::errinfo_file_name(commandPath)); } + /* restore old umask */ + umask(oldMask); + for (;;) { int fd;