tyler.durden/icinga2
1
0
Fork 0
mirror of https://github.com/Icinga/icinga2.git synced 2025-07-21 04:34:43 +02:00
Code Issues Packages Projects Releases Wiki Activity

ExternalCommandListener: Reset umask to preserve group write permissions.

Browse Source 
refs #4444
This commit is contained in:
Michael Friedrich 2013-09-27 19:17:39 +02:00
parent 622471ef77
commit e8a019d297
1 changed files with 10 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
components/compat/externalcommandlistener.cpp
View File

@ -50,7 +50,7 @@ void ExternalCommandListener::Start(void)
String ExternalCommandListener::GetCommandPath(void) const String ExternalCommandListener::GetCommandPath(void) const
{ {
if (m_CommandPath.IsEmpty()) if (m_CommandPath.IsEmpty())
return Application::GetLocalStateDir() + "/run/icinga2/icinga2.cmd"; return Application::GetLocalStateDir() + "/run/icinga2/rw/icinga2.cmd";
else else
return m_CommandPath; return m_CommandPath;
} }
@ -77,6 +77,12 @@ void ExternalCommandListener::CommandPipeThread(const String& commandPath)
} }
} }
/*
* process would override group write permissions
* so reset them. man 3 mkfifo: (mode & ~umask)
*/
mode_t oldMask = umask(S_IWOTH);
if (!fifo_ok && mkfifo(commandPath.CStr(), S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP) < 0) { if (!fifo_ok && mkfifo(commandPath.CStr(), S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP) < 0) {
BOOST_THROW_EXCEPTION(posix_error() BOOST_THROW_EXCEPTION(posix_error()
<< boost::errinfo_api_function("mkfifo") << boost::errinfo_api_function("mkfifo")
@ -84,6 +90,9 @@ void ExternalCommandListener::CommandPipeThread(const String& commandPath)
<< boost::errinfo_file_name(commandPath)); << boost::errinfo_file_name(commandPath));
} }
/* restore old umask */
umask(oldMask);
for (;;) { for (;;) {
int fd; int fd;