git: 787abe7d6eb6 - stable/14 - setusercontext(): Set umask in a separate function, setclassumask()

Thu, 01 Feb 2024 13:31:40 -0800 

The branch stable/14 has been updated by olce:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=787abe7d6eb64cefe0d92a6a9f00324f960bd55e

commit 787abe7d6eb64cefe0d92a6a9f00324f960bd55e
Author:     Olivier Certner <[email protected]>
AuthorDate: 2023-06-20 16:46:31 +0000
Commit:     Olivier Certner <[email protected]>
CommitDate: 2024-02-01 21:28:52 +0000

    setusercontext(): Set umask in a separate function, setclassumask()
    
    Reviewed by:            emaste
    Approved by:            emaste (mentor)
    MFC after:              3 days
    Sponsored by:           Kumacom SAS
    Differential Revision:  https://reviews.freebsd.org/D40686
    
    (cherry picked from commit 0dd1705f584947625892988afe59e4cedb5cdd09)
    
    Approved by:            markj (mentor)
---
 lib/libutil/login_class.c | 59 ++++++++++++++++++++++++++---------------------
 1 file changed, 33 insertions(+), 26 deletions(-)

diff --git a/lib/libutil/login_class.c b/lib/libutil/login_class.c
index 2b85425d8d8e..69230db32961 100644
--- a/lib/libutil/login_class.c
+++ b/lib/libutil/login_class.c
@@ -381,6 +381,37 @@ setclasscontext(const char *classname, unsigned int flags)
 }
 
 
+/*
+ * Private function setting umask from the login class.
+ */
+static void
+setclassumask(login_cap_t *lc, const struct passwd *pwd)
+{
+       /*
+        * Make it unlikely that someone would input our default sentinel
+        * indicating no specification.
+        */
+       const rlim_t def_val = INT64_MIN + 1, err_val = INT64_MIN;
+       const rlim_t val = login_getcapnum(lc, "umask", def_val, err_val);
+
+       if (val != def_val) {
+               if (val < 0 || val > UINT16_MAX) {
+                       /* We get here also on 'err_val'. */
+                       syslog(LOG_WARNING,
+                           "%s%s%sLogin class '%s': "
+                           "Invalid umask specification: '%s'",
+                           pwd ? "Login '" : "",
+                           pwd ? pwd->pw_name : "",
+                           pwd ? "': " : "",
+                           lc->lc_class,
+                           login_getcapstr(lc, "umask", "", ""));
+               } else {
+                       const mode_t mode = val;
+
+                       umask(mode);
+               }
+       }
+}
 
 /*
  * Private function which takes care of processing
@@ -394,32 +425,8 @@ setlogincontext(login_cap_t *lc, const struct passwd *pwd, 
unsigned long flags)
        if (flags & LOGIN_SETRESOURCES)
            setclassresources(lc);
        /* See if there's a umask override */
-       if (flags & LOGIN_SETUMASK) {
-           /*
-            * Make it unlikely that someone would input our default sentinel
-            * indicating no specification.
-            */
-           const rlim_t def_val = INT64_MIN + 1, err_val = INT64_MIN;
-           const rlim_t val = login_getcapnum(lc, "umask", def_val, err_val);
-
-           if (val != def_val) {
-               if (val < 0 || val > UINT16_MAX) {
-                   /* We get here also on 'err_val'. */
-                   syslog(LOG_WARNING,
-                       "%s%s%sLogin class '%s': "
-                       "Invalid umask specification: '%s'",
-                       pwd ? "Login '" : "",
-                       pwd ? pwd->pw_name : "",
-                       pwd ? "': " : "",
-                       lc->lc_class,
-                       login_getcapstr(lc, "umask", "", ""));
-               } else {
-                   const mode_t mode = val;
-
-                   umask(mode);
-               }
-           }
-       }
+       if (flags & LOGIN_SETUMASK)
+           setclassumask(lc, pwd);
        /* Set paths */
        if (flags & LOGIN_SETPATH)
            setclassenvironment(lc, pwd, 1);

Reply via email to