summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
author/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org </C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org>2008-01-15 15:50:53 +0000
committer/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org </C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org>2008-01-15 15:50:53 +0000
commit192004bf643733b63ea0a364ff8dde47cf368144 (patch)
tree33aa8244cfad78a587158403745371081ce70f0c
parent5b4129a89e9fa3ea3b5d57fc362f682aa85abfc7 (diff)
downloadconntrack-tools-192004bf643733b63ea0a364ff8dde47cf368144.tar.gz
conntrack-tools-192004bf643733b63ea0a364ff8dde47cf368144.zip
use umask() to set up file permissions
-rw-r--r--ChangeLog1
-rw-r--r--src/log.c24
-rw-r--r--src/main.c5
3 files changed, 7 insertions, 23 deletions
diff --git a/ChangeLog b/ChangeLog
index 75ead6b..63179e7 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -44,6 +44,7 @@ o improve alarm framework based on suggestions from Max Kellerman
o constify queue_iterate()
o use list_del_init() and list_empty() to check if a node is in the list
o remove unix socket file on exit
+o use umask() to set up file permissions
Max Kellermann <max@duempel.org>:
diff --git a/src/log.c b/src/log.c
index b42e049..35ae0c3 100644
--- a/src/log.c
+++ b/src/log.c
@@ -33,17 +33,7 @@
int init_log(void)
{
if (CONFIG(logfile)[0]) {
- int fd;
-
- fd = open(CONFIG(logfile), O_CREAT | O_RDWR, 0600);
- if (fd == -1) {
- fprintf(stderr, "ERROR: can't open logfile `%s'."
- "Reason: %s\n", CONFIG(logfile),
- strerror(errno));
- return -1;
- }
-
- STATE(log) = fdopen(fd, "a+");
+ STATE(log) = fopen(CONFIG(logfile), "a+");
if (STATE(log) == NULL) {
fprintf(stderr, "ERROR: can't open logfile `%s'."
"Reason: %s\n", CONFIG(logfile),
@@ -53,17 +43,7 @@ int init_log(void)
}
if (CONFIG(stats).logfile[0]) {
- int fd;
-
- fd = open(CONFIG(stats).logfile, O_CREAT | O_RDWR, 0600);
- if (fd == -1) {
- fprintf(stderr, "ERROR: can't open logfile `%s'."
- "Reason: %s\n", CONFIG(stats).logfile,
- strerror(errno));
- return -1;
- }
-
- STATE(stats_log) = fdopen(fd, "a+");
+ STATE(stats_log) = fopen(CONFIG(stats).logfile, "a+");
if (STATE(stats_log) == NULL) {
fprintf(stderr, "ERROR: can't open logfile `%s'."
"Reason: %s\n", CONFIG(stats).logfile,
diff --git a/src/main.c b/src/main.c
index 11974ff..a4ee307 100644
--- a/src/main.c
+++ b/src/main.c
@@ -239,6 +239,8 @@ int main(int argc, char *argv[])
if (config_set == 0)
strcpy(config_file, DEFAULT_CONFIGFILE);
+ umask(0177);
+
if ((ret = init_config(config_file)) == -1) {
fprintf(stderr, "can't open config file `%s'\n", config_file);
exit(EXIT_FAILURE);
@@ -262,7 +264,8 @@ int main(int argc, char *argv[])
/*
* lock file
*/
- if ((ret = open(CONFIG(lockfile), O_CREAT | O_EXCL | O_TRUNC)) == -1) {
+ ret = open(CONFIG(lockfile), O_CREAT | O_EXCL | O_TRUNC, 0600);
+ if (ret == -1) {
fprintf(stderr, "lockfile `%s' exists, perhaps conntrackd "
"already running?\n", CONFIG(lockfile));
exit(EXIT_FAILURE);