-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
This patch looks good to me. acked.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk6wTLkACgkQrlYvE4MpobOmtwCg6ziM3sCkdc9fmc5Igq2a34u2
6PMAn0/Ad7lcFyiLdNobQZpfjRU1oRqe
=bolk
-----END PGP SIGNATURE-----
>From 8e65dba033c4a963f5a15057e081e40324eed8d3 Mon Sep 17 00:00:00 2001
From: Dan Walsh <dwalsh@xxxxxxxxxx>
Date: Thu, 20 Oct 2011 15:13:17 -0400
Subject: [PATCH 53/63] Checkin Stephen Smalley's Fix for making sure we
maintain the mode on files even if the umask is
tighter then normal
---
libsemanage/src/semanage_store.c | 6 +++++-
1 files changed, 5 insertions(+), 1 deletions(-)
diff --git a/libsemanage/src/semanage_store.c b/libsemanage/src/semanage_store.c
index e322992..a223aa7 100644
--- a/libsemanage/src/semanage_store.c
+++ b/libsemanage/src/semanage_store.c
@@ -495,6 +495,7 @@ static int semanage_copy_file(const char *src, const char *dst, mode_t mode)
int in, out, retval = 0, amount_read, n, errsv = errno;
char tmp[PATH_MAX];
char buf[4192];
+ mode_t mask;
n = snprintf(tmp, PATH_MAX, "%s.tmp", dst);
if (n < 0 || n >= PATH_MAX)
@@ -506,13 +507,16 @@ static int semanage_copy_file(const char *src, const char *dst, mode_t mode)
if (!mode)
mode = S_IRUSR | S_IWUSR;
-
+
+ mask = umask(0);
if ((out = open(tmp, O_WRONLY | O_CREAT | O_TRUNC, mode)) == -1) {
+ umask(mask);
errsv = errno;
close(in);
retval = -1;
goto out;
}
+ umask(mask);
while (retval == 0 && (amount_read = read(in, buf, sizeof(buf))) > 0) {
if (write(out, buf, amount_read) < 0) {
errsv = errno;
--
1.7.7
