fix logfiles permissions, do not default to umask

3 files changed, 34 insertions, 9 deletions

diff --git a/ChangeLog b/ChangeLog
index ed21d7f..6d0bdc0 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -32,6 +32,7 @@ o detach daemon from its terminal (Ben Lenitz <BLentz@channing-bete.com>)
 o obsolete `-S' option: Use information provided by the config file
 o daemonize conntrackd after initialization
 o rename class `buffer' to `queue' which is what it really implements
+o fix logfiles permissions, do not default to umask
 
 version 0.9.5 (2007/07/29)
 ------------------------------
diff --git a/src/log.c b/src/log.c
index 3e3dd12..176bdcd 100644
--- a/src/log.c
+++ b/src/log.c
@@ -19,28 +19,54 @@
  */
 
 #include <stdio.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
 #include <time.h>
 #include <stdarg.h>
 #include <string.h>
+#include <errno.h>
 #include "buffer.h"
 #include "conntrackd.h"
 
 int init_log(void)
 {
 	if (CONFIG(logfile)[0]) {
-		STATE(log) = fopen(CONFIG(logfile), "a+");
+		int fd;
+		
+		fd = open(CONFIG(logfile), O_CREAT | O_RDWR, 0600);
+		if (fd == -1) {
+			fprintf(stderr, "ERROR: can't open logfile `%s'."
+				"Reason: %s\n", CONFIG(logfile), 
+						strerror(errno));
+			return -1;
+		}
+
+		STATE(log) = fdopen(fd, "a+");
 		if (STATE(log) == NULL) {
-			fprintf(stderr, "can't open log file `%s'\n", 
-				CONFIG(logfile));
+			fprintf(stderr, "ERROR: can't open logfile `%s'."
+				"Reason: %s\n", CONFIG(logfile), 
+						strerror(errno));
 			return -1;
 		}
 	}
 
 	if (CONFIG(stats).logfile[0]) {
-		STATE(stats_log) = fopen(CONFIG(stats).logfile, "a+");
+		int fd;
+		
+		fd = open(CONFIG(stats).logfile, O_CREAT | O_RDWR, 0600);
+		if (fd == -1) {
+			fprintf(stderr, "ERROR: can't open logfile `%s'."
+				"Reason: %s\n", CONFIG(stats).logfile, 
+						strerror(errno));
+			return -1;
+		}
+
+		STATE(stats_log) = fdopen(fd, "a+");
 		if (STATE(stats_log) == NULL) {
-			fprintf(stderr, "can't open log file `%s'\n", 
-				CONFIG(stats).logfile);
+			fprintf(stderr, "ERROR: can't open logfile `%s'."
+				"Reason: %s\n", CONFIG(stats).logfile, 
+						strerror(errno));
 			return -1;
 		}
 	}
diff --git a/src/main.c b/src/main.c
index 3cf44ba..33235e9 100644
--- a/src/main.c
+++ b/src/main.c
@@ -246,10 +246,8 @@ int main(int argc, char *argv[])
 	/*
 	 * Setting up logging
 	 */
-	if (config_set && init_log() == -1) {
-		fprintf(stderr, "can't open logfile `%s\n'", CONFIG(logfile));
+	if (config_set && init_log() == -1)
 		exit(EXIT_FAILURE);
-	}
 
 	if (type == REQUEST) {
 		if (do_local_request(action, &conf.local, local_step) == -1) {