summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDaniel Hoffend <dh@dotlan.net>2019-11-18 12:02:28 +0100
committerJeroen van Meeuwen (Kolab Systems) <vanmeeuwen@kolabsys.com>2019-11-18 12:02:28 +0100
commit17db4f8027ddbe1d887ebf0ebdc33ed46855d269 (patch)
treef2ec2ba48d5110bf4bfa93e672b3b97e27c8fed9
parentc4efba7de0b771361cf9b988d8176cd02d0c3aac (diff)
downloadpykolab-17db4f8027ddbe1d887ebf0ebdc33ed46855d269.tar.gz
restore system umask after fork (fix T5659)
Summary: start-stop-daemon behaviour has changed. We must make sure the created pidfile is "secure" and not world-wide-writeable. Reviewers: #pykolab_developers, vanmeeuwen Reviewed By: #pykolab_developers, vanmeeuwen Differential Revision: https://git.kolab.org/D847
-rw-r--r--kolabd/__init__.py4
-rw-r--r--saslauthd/__init__.py4
-rw-r--r--wallace/__init__.py4
3 files changed, 9 insertions, 3 deletions
diff --git a/kolabd/__init__.py b/kolabd/__init__.py
index cefcc02..edeace2 100644
--- a/kolabd/__init__.py
+++ b/kolabd/__init__.py
@@ -172,7 +172,7 @@ class KolabDaemon:
# Give up the session, all control,
# all open file descriptors, see #5151
os.chdir("/")
- os.umask(0)
+ old_umask = os.umask(0)
os.setsid()
pid = os.fork()
@@ -191,6 +191,8 @@ class KolabDaemon:
os.open(os.devnull, os.O_WRONLY)
os.open(os.devnull, os.O_WRONLY)
+ os.umask(old_umask)
+
log.remove_stdout_handler()
self.set_signal_handlers()
self.write_pid()
diff --git a/saslauthd/__init__.py b/saslauthd/__init__.py
index 2cb76d6..30e8189 100644
--- a/saslauthd/__init__.py
+++ b/saslauthd/__init__.py
@@ -138,7 +138,7 @@ class SASLAuthDaemon(object):
# Give up the session, all control,
# all open file descriptors, see #5151
os.chdir("/")
- os.umask(0)
+ old_umask = os.umask(0)
os.setsid()
pid = os.fork()
@@ -153,6 +153,8 @@ class SASLAuthDaemon(object):
os.close(1)
os.close(2)
+ os.umask(old_umask)
+
self.thread_count += 1
log.remove_stdout_handler()
self.set_signal_handlers()
diff --git a/wallace/__init__.py b/wallace/__init__.py
index 57443cd..4a22e3e 100644
--- a/wallace/__init__.py
+++ b/wallace/__init__.py
@@ -618,7 +618,7 @@ class WallaceDaemon:
# Give up the session, all control,
# all open file descriptors, see #5151
os.chdir("/")
- os.umask(0)
+ old_umask = os.umask(0)
os.setsid()
pid = os.fork()
@@ -637,6 +637,8 @@ class WallaceDaemon:
os.open(os.devnull, os.O_WRONLY)
os.open(os.devnull, os.O_WRONLY)
+ os.umask(old_umask)
+
log.remove_stdout_handler()
self.set_signal_handlers()
self.write_pid()