Change mkdir permissions to 0770, adjust usmask

- Change mkdir() permissions from 0660 to 0770 so that there
  are not SELinux dac_override violations.
- Adjust the umask to preserve execute bit permission on directories
  created in iscsid and iscsiadm.

2 files changed, 2 insertions, 2 deletions

diff --git a/libopeniscsiusr/idbm.c b/libopeniscsiusr/idbm.c
index 7bc2381..190d61c 100644
--- a/libopeniscsiusr/idbm.c
+++ b/libopeniscsiusr/idbm.c
@@ -322,7 +322,7 @@ int _idbm_lock(struct iscsi_context *ctx)
 	}
 
 	if (access(LOCK_DIR, F_OK) != 0) {
-		if (mkdir(LOCK_DIR, 0660) != 0) {
+		if (mkdir(LOCK_DIR, 0770) != 0) {
 			_error(ctx, "Could not open %s: %d %s", LOCK_DIR, errno,
 				_strerror(errno, strerr_buff));
 			return LIBISCSI_ERR_IDBM;
diff --git a/libopeniscsiusr/iface.c b/libopeniscsiusr/iface.c
index e7938a5..4d573fb 100644
--- a/libopeniscsiusr/iface.c
+++ b/libopeniscsiusr/iface.c
@@ -326,7 +326,7 @@ int iscsi_default_iface_setup(struct iscsi_context *ctx)
 	_good(_idbm_lock(ctx), rc, out);
 
 	if ((access(IFACE_CONFIG_DIR, F_OK) != 0) &&
-	    (mkdir(IFACE_CONFIG_DIR, 0660) != 0)) {
+	    (mkdir(IFACE_CONFIG_DIR, 0770) != 0)) {
 		errno_save = errno;
 		_idbm_unlock(ctx);
 		_error(ctx, "Could not make %s folder(%d %s). "