forked from Mirror/frr
2003-12-22 Christian Hammers <ch@lathspell.de>
* configure.ac (and everywhere a regular file is opened for
writing): use file permissions from configure rather than
compiled-in umask.
This commit is contained in:
gdt
parent
47ce02a8f1
commit
aa593d5e26
|
|
@ -1,3 +1,9 @@
|
|||
2003-12-22 Christian Hammers <ch@lathspell.de>
|
||||
|
||||
* configure.ac (and everywhere a regular file is opened for
|
||||
writing): use file permissions from configure rather than
|
||||
compiled-in umask.
|
||||
|
||||
2003-12-22 Hasso Tepper <hasso@estpak.ee>
|
||||
|
||||
* lib/linklist.c: Revert microfix I commited while reverting
|
||||
|
|
|
|||
4
NEWS
4
NEWS
|
|
@ -8,6 +8,10 @@
|
|||
directory from $(sysconfdir), easing NetBSD pkgsrc hierarchy rules
|
||||
compliance.
|
||||
|
||||
- New configure options --enable-configfile-mask and
|
||||
--enable-logfile-mask to set umask values for config and log
|
||||
values. Masks default to 0600, matching previous behavior.
|
||||
|
||||
* Changes in Quagga 0.96.4
|
||||
|
||||
- Further fixes to ospfd, some relating to the PtP revert. Interface
|
||||
|
|
|
|||
|
|
@ -95,6 +95,7 @@ bgp_dump_open_file (struct bgp_dump *bgp_dump)
|
|||
struct tm *tm;
|
||||
char fullpath[MAXPATHLEN];
|
||||
char realpath[MAXPATHLEN];
|
||||
mode_t oldumask;
|
||||
|
||||
time (&clock);
|
||||
tm = localtime (&clock);
|
||||
|
|
@ -117,10 +118,15 @@ bgp_dump_open_file (struct bgp_dump *bgp_dump)
|
|||
fclose (bgp_dump->fp);
|
||||
|
||||
|
||||
oldumask = umask(0777 & ~LOGFILE_MASK);
|
||||
bgp_dump->fp = fopen (realpath, "w");
|
||||
|
||||
if (bgp_dump->fp == NULL)
|
||||
return NULL;
|
||||
{
|
||||
umask(oldumask);
|
||||
return NULL;
|
||||
}
|
||||
umask(oldumask);
|
||||
|
||||
return bgp_dump->fp;
|
||||
}
|
||||
|
|
|
|||
12
configure.ac
12
configure.ac
|
|
@ -115,6 +115,10 @@ AC_ARG_ENABLE(quagga_group,
|
|||
[ --enable-group=ARG group to run Quagga suite as (default quagga)])
|
||||
AC_ARG_ENABLE(vty_group,
|
||||
[ --enable-vty-group=ARG set vty sockets to have specified group as owner])
|
||||
AC_ARG_ENABLE(configfile_mask,
|
||||
[ --enable-configfile-mask=ARG set mask for config files])
|
||||
AC_ARG_ENABLE(logfile_mask,
|
||||
[ --enable-logfile-mask=ARG set mask for log files])
|
||||
|
||||
AC_ARG_ENABLE(rtadv,
|
||||
[ --disable-rtadv disable IPV6 router advertisement feature])
|
||||
|
|
@ -176,6 +180,12 @@ elif test x"${enable_vty_group}" != x""; then
|
|||
fi
|
||||
fi
|
||||
|
||||
enable_configfile_mask=${enable_configfile_mask:-0600}
|
||||
AC_DEFINE_UNQUOTED(CONFIGFILE_MASK, ${enable_configfile_mask}, Mask for config files)
|
||||
|
||||
enable_logfile_mask=${enable_logfile_mask:-0600}
|
||||
AC_DEFINE_UNQUOTED(LOGFILE_MASK, ${enable_logfile_mask}, Mask for log files)
|
||||
|
||||
changequote(, )dnl
|
||||
|
||||
MULTIPATH_NUM=1
|
||||
|
|
@ -1073,6 +1083,8 @@ example directory : `eval echo \`echo ${exampledir}\``
|
|||
user to run as : ${enable_user}
|
||||
group to run as : ${enable_group}
|
||||
group for vty sockets : ${enable_vty_group}
|
||||
config file mask : ${enable_configfile_mask}
|
||||
log file mask : ${enable_logfile_mask}
|
||||
|
||||
The above user and group must have read/write access to the state file
|
||||
directory and to the config files in the config file directory.
|
||||
|
|
|
|||
|
|
@ -2552,6 +2552,14 @@ DEFUN (config_write_file,
|
|||
|
||||
free (config_file_sav);
|
||||
free (config_file_tmp);
|
||||
|
||||
if (chmod (config_file, CONFIGFILE_MASK) != 0)
|
||||
{
|
||||
vty_out (vty, "Can't chmod configuration file %s: %s (%d).%s",
|
||||
config_file, strerror(errno), errno, VTY_NEWLINE);
|
||||
return CMD_WARNING;
|
||||
}
|
||||
|
||||
vty_out (vty, "Configuration saved to %s%s", config_file,
|
||||
VTY_NEWLINE);
|
||||
return CMD_SUCCESS;
|
||||
|
|
|
|||
17
lib/log.c
17
lib/log.c
|
|
@ -365,6 +365,7 @@ int
|
|||
zlog_set_file (struct zlog *zl, int flags, char *filename)
|
||||
{
|
||||
FILE *fp;
|
||||
mode_t oldumask;
|
||||
|
||||
/* There is opend file. */
|
||||
zlog_reset_file (zl);
|
||||
|
|
@ -374,9 +375,14 @@ zlog_set_file (struct zlog *zl, int flags, char *filename)
|
|||
zl = zlog_default;
|
||||
|
||||
/* Open file. */
|
||||
oldumask = umask (0777 & ~LOGFILE_MASK);
|
||||
fp = fopen (filename, "a");
|
||||
if (fp == NULL)
|
||||
return 0;
|
||||
{
|
||||
umask(oldumask);
|
||||
return 0;
|
||||
}
|
||||
umask(oldumask);
|
||||
|
||||
/* Set flags. */
|
||||
zl->filename = strdup (filename);
|
||||
|
|
@ -421,9 +427,16 @@ zlog_rotate (struct zlog *zl)
|
|||
|
||||
if (zl->filename)
|
||||
{
|
||||
mode_t oldumask;
|
||||
|
||||
oldumask = umask (0777 & ~LOGFILE_MASK);
|
||||
fp = fopen (zl->filename, "a");
|
||||
if (fp == NULL)
|
||||
return -1;
|
||||
{
|
||||
umask(oldumask);
|
||||
return -1;
|
||||
}
|
||||
umask(oldumask);
|
||||
zl->fp = fp;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -32,16 +32,20 @@ pid_output (char *path)
|
|||
#ifndef HAVE_FCNTL
|
||||
FILE *fp;
|
||||
pid_t pid;
|
||||
mask_t oldumask;
|
||||
|
||||
pid = getpid();
|
||||
|
||||
oldumask = umask(0777 & ~LOGFILE_MASK);
|
||||
fp = fopen (path, "w");
|
||||
if (fp != NULL)
|
||||
{
|
||||
fprintf (fp, "%d\n", (int) pid);
|
||||
fclose (fp);
|
||||
umask(oldumask);
|
||||
return -1;
|
||||
}
|
||||
umask(oldumask);
|
||||
return pid;
|
||||
#else
|
||||
return pid_output_lock(path);
|
||||
|
|
@ -57,18 +61,23 @@ pid_output_lock (char *path)
|
|||
pid_t pid;
|
||||
char buf[16];
|
||||
struct flock lock;
|
||||
mode_t oldumask;
|
||||
|
||||
pid = getpid ();
|
||||
|
||||
fd = open (path, O_RDWR | O_CREAT, 0644);
|
||||
oldumask = umask(0777 & ~LOGFILE_MASK);
|
||||
zlog_err( "old umask %d %d", oldumask, 0777 & ~LOGFILE_MASK);
|
||||
fd = open (path, O_RDWR | O_CREAT, LOGFILE_MASK);
|
||||
if (fd < 0)
|
||||
{
|
||||
zlog_err( "Can't creat pid lock file %s (%s), exit",
|
||||
path, strerror(errno));
|
||||
umask(oldumask);
|
||||
exit (-1);
|
||||
}
|
||||
else
|
||||
{
|
||||
umask(oldumask);
|
||||
memset (&lock, 0, sizeof(lock));
|
||||
|
||||
lock.l_type = F_WRLCK;
|
||||
|
|
|
|||
|
|
@ -2185,6 +2185,14 @@ vty_use_backup_config (char *fullpath)
|
|||
close (sav);
|
||||
close (tmp);
|
||||
|
||||
if (chmod(fullpath_tmp, CONFIGFILE_MASK) != 0)
|
||||
{
|
||||
free (fullpath_sav);
|
||||
free (fullpath_tmp);
|
||||
unlink (fullpath_tmp);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
if (link (fullpath_tmp, fullpath) == 0)
|
||||
ret = fopen (fullpath, "r");
|
||||
|
||||
|
|
|
|||
|
|
@ -1287,14 +1287,10 @@ DEFUN (no_vtysh_write_config,
|
|||
int write_config_integrated(void)
|
||||
{
|
||||
int ret;
|
||||
mode_t old_umask;
|
||||
char line[] = "write terminal\n";
|
||||
FILE *fp;
|
||||
char *integrate_sav = NULL;
|
||||
|
||||
/* config files have 0600 perms... */
|
||||
old_umask = umask (0077);
|
||||
|
||||
integrate_sav = malloc (strlen (integrate_default)
|
||||
+ strlen (CONF_BACKUP_EXT) + 1);
|
||||
strcpy (integrate_sav, integrate_default);
|
||||
|
|
@ -1312,7 +1308,6 @@ int write_config_integrated(void)
|
|||
if (fp == NULL)
|
||||
{
|
||||
fprintf (stdout,"%% Can't open configuration file %s.\n", integrate_default);
|
||||
umask (old_umask);
|
||||
return CMD_SUCCESS;
|
||||
}
|
||||
|
||||
|
|
@ -1329,11 +1324,17 @@ int write_config_integrated(void)
|
|||
|
||||
fclose (fp);
|
||||
|
||||
if (chmod (integrate_default, CONFIGFILE_MASK) != 0)
|
||||
{
|
||||
fprintf (stdout,"%% Can't chmod configuration file %s: %s (%d)\n",
|
||||
integrate_default, strerror(errno), errno);
|
||||
return CMD_WARNING;
|
||||
}
|
||||
|
||||
fprintf(stdout,"Integrated configuration saved to %s\n",integrate_default);
|
||||
|
||||
fprintf (stdout,"[OK]\n");
|
||||
|
||||
umask (old_umask);
|
||||
return CMD_SUCCESS;
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue