LogoKolab Groupware OBS > Projects
Log In

View File 0001-restore-system-umask-after-fork-fix-T5659.patch of Package pykolab (Project home:dhoffend:branches:Kolab:Winterfell)

From 17db4f8027ddbe1d887ebf0ebdc33ed46855d269 Mon Sep 17 00:00:00 2001
From: Daniel Hoffend <dh@dotlan.net>
Date: Mon, 18 Nov 2019 12:02:28 +0100
Subject: [PATCH 1/3] restore system umask after fork (fix T5659)

Summary:
start-stop-daemon behaviour has changed. We must make sure the created
pidfile is "secure" and not world-wide-writeable.

Reviewers: #pykolab_developers, vanmeeuwen

Reviewed By: #pykolab_developers, vanmeeuwen

Differential Revision: https://git.kolab.org/D847
---
 kolabd/__init__.py    | 4 +++-
 saslauthd/__init__.py | 4 +++-
 wallace/__init__.py   | 4 +++-
 3 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/kolabd/__init__.py b/kolabd/__init__.py
index cefcc02..edeace2 100644
--- a/kolabd/__init__.py
+++ b/kolabd/__init__.py
@@ -172,7 +172,7 @@ class KolabDaemon:
                 # Give up the session, all control,
                 # all open file descriptors, see #5151
                 os.chdir("/")
-                os.umask(0)
+                old_umask = os.umask(0)
                 os.setsid()
 
                 pid = os.fork()
@@ -191,6 +191,8 @@ class KolabDaemon:
                 os.open(os.devnull, os.O_WRONLY)
                 os.open(os.devnull, os.O_WRONLY)
 
+                os.umask(old_umask)
+
                 log.remove_stdout_handler()
                 self.set_signal_handlers()
                 self.write_pid()
diff --git a/saslauthd/__init__.py b/saslauthd/__init__.py
index 2cb76d6..30e8189 100644
--- a/saslauthd/__init__.py
+++ b/saslauthd/__init__.py
@@ -138,7 +138,7 @@ class SASLAuthDaemon(object):
                 # Give up the session, all control,
                 # all open file descriptors, see #5151
                 os.chdir("/")
-                os.umask(0)
+                old_umask = os.umask(0)
                 os.setsid()
 
                 pid = os.fork()
@@ -153,6 +153,8 @@ class SASLAuthDaemon(object):
                 os.close(1)
                 os.close(2)
 
+                os.umask(old_umask)
+
                 self.thread_count += 1
                 log.remove_stdout_handler()
                 self.set_signal_handlers()
diff --git a/wallace/__init__.py b/wallace/__init__.py
index 57443cd..4a22e3e 100644
--- a/wallace/__init__.py
+++ b/wallace/__init__.py
@@ -618,7 +618,7 @@ class WallaceDaemon:
                 # Give up the session, all control,
                 # all open file descriptors, see #5151
                 os.chdir("/")
-                os.umask(0)
+                old_umask = os.umask(0)
                 os.setsid()
 
                 pid = os.fork()
@@ -637,6 +637,8 @@ class WallaceDaemon:
                 os.open(os.devnull, os.O_WRONLY)
                 os.open(os.devnull, os.O_WRONLY)
 
+                os.umask(old_umask)
+
                 log.remove_stdout_handler()
                 self.set_signal_handlers()
                 self.write_pid()
-- 
2.20.1