diff options
author | Patrick Lawrence <patrick.lawrence@gmail.com> | 2021-01-05 08:43:02 -0800 |
---|---|---|
committer | Patrick Lawrence <patrick.lawrence@gmail.com> | 2021-01-12 06:55:37 -0800 |
commit | 6df400925cfa9e723375c6f61524473703054220 (patch) | |
tree | f480f729aeb58aac8ab3e86fccb0f6ddf4d095fd /libopeniscsiusr | |
parent | ac87641cd3d87b38480e212e7bdff7a44810036d (diff) | |
download | open-iscsi-6df400925cfa9e723375c6f61524473703054220.tar.gz |
Change mkdir permissions to 0770, adjust usmask
- Change mkdir() permissions from 0660 to 0770 so that there
are not SELinux dac_override violations.
- Adjust the umask to preserve execute bit permission on directories
created in iscsid and iscsiadm.
Diffstat (limited to 'libopeniscsiusr')
-rw-r--r-- | libopeniscsiusr/idbm.c | 2 | ||||
-rw-r--r-- | libopeniscsiusr/iface.c | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/libopeniscsiusr/idbm.c b/libopeniscsiusr/idbm.c index 7bc2381..190d61c 100644 --- a/libopeniscsiusr/idbm.c +++ b/libopeniscsiusr/idbm.c @@ -322,7 +322,7 @@ int _idbm_lock(struct iscsi_context *ctx) } if (access(LOCK_DIR, F_OK) != 0) { - if (mkdir(LOCK_DIR, 0660) != 0) { + if (mkdir(LOCK_DIR, 0770) != 0) { _error(ctx, "Could not open %s: %d %s", LOCK_DIR, errno, _strerror(errno, strerr_buff)); return LIBISCSI_ERR_IDBM; diff --git a/libopeniscsiusr/iface.c b/libopeniscsiusr/iface.c index e7938a5..4d573fb 100644 --- a/libopeniscsiusr/iface.c +++ b/libopeniscsiusr/iface.c @@ -326,7 +326,7 @@ int iscsi_default_iface_setup(struct iscsi_context *ctx) _good(_idbm_lock(ctx), rc, out); if ((access(IFACE_CONFIG_DIR, F_OK) != 0) && - (mkdir(IFACE_CONFIG_DIR, 0660) != 0)) { + (mkdir(IFACE_CONFIG_DIR, 0770) != 0)) { errno_save = errno; _idbm_unlock(ctx); _error(ctx, "Could not make %s folder(%d %s). " |