From owner-freebsd-security Sun Feb 27 5:42:48 2000 Delivered-To: freebsd-security@freebsd.org Received: from relay.rtsnet.ru (bravo.rtsnet.ru [194.247.132.8]) by hub.freebsd.org (Postfix) with ESMTP id 14DDE37B607; Sun, 27 Feb 2000 05:42:33 -0800 (PST) (envelope-from igor@rtsnet.ru) Received: from shogun.rtsnet.ru (shogun.rtsnet.ru [172.16.4.32]) by relay.rtsnet.ru (Postfix) with ESMTP id 69B08198C19; Sun, 27 Feb 2000 16:42:29 +0300 (MSK) Received: (from igor@localhost) by shogun.rtsnet.ru (8.9.3/8.9.3/Zynaps) id QAA01028; Sun, 27 Feb 2000 16:42:30 +0300 (MSK) Date: Sun, 27 Feb 2000 16:42:30 +0300 
From: Igor Vinokurov To: Keith Stevenson Cc: Kris Kennaway , freebsd-security@FreeBSD.org Subject: Re: pw && umask Message-ID: <20000227164230.A947@shogun.rtsnet.ru> References: <20000219200142.A605@shogun.rtsnet.ru> <20000219215109.A46191@osaka.louisville.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.95.6i In-Reply-To: <20000219215109.A46191@osaka.louisville.edu>; from Keith Stevenson on Sat, Feb 19, 2000 at 09:51:09PM -0500 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Sat, Feb 19, 2000 at 21:51 -0500, Keith Stevenson wrote: > On Sat, Feb 19, 2000 at 03:01:46PM -0800, Kris Kennaway wrote: > > On Sat, 19 Feb 2000, Igor Vinokurov wrote: > > > > > May be it is necessary to add support umask? > > > > This should be a trivial amount of hacking (i.e. add another option to > > specify the umask and then use it instead of the hardcoded 0755). Anyone > > up for it? > > Patch attached. Whether commiting it in -STABLE is possible? > > I used -U as the umask option and tried to follow the style of the original > code as closely as possible. It's a bit, um, interesting. Umask code stolen > from /bin/sh. > > Patch has been moderately tested. > > Regards, > --Keith Stevenson-- > > -- > Keith Stevenson > System Programmer - Data Center Services - University of Louisville > k.stevenson@louisville.edu > PGP key fingerprint = 4B 29 A8 95 A8 82 EA A2 29 CE 68 DE FC EE B6 A0
> Index: pw.8
> ===================================================================
> RCS file: /opt/ncvs/src/usr.sbin/pw/pw.8,v
> retrieving revision 1.17
> diff -u -r1.17 pw.8
> --- pw.8 1999/08/28 01:19:18 1.17
> +++ pw.8 2000/02/20 02:41:11
> @@ -41,6 +41,7 @@
> .Op Fl u Ar uid
> .Op Fl c Ar comment
> .Op Fl d Ar dir
> +.Op Fl U Ar umask
> .Op Fl e Ar date
> .Op Fl p Ar date
> .Op Fl g Ar group
> @@ -346,6 +347,8 @@
> - normally
> .Pa /home
> with the account name as a subdirectory.
> +.It Fl U Ar umask
> +Set the umask to be used when creating the account's home directory and skeleton files. Default is parent process umask.
> .It Fl e Ar date
> Set the account's expiration date.
> Format of the date is either a UNIX time in decimal, or a date in
> Index: pw.c
> ===================================================================
> RCS file: /opt/ncvs/src/usr.sbin/pw/pw.c,v
> retrieving revision 1.18
> diff -u -r1.18 pw.c
> --- pw.c 2000/01/15 00:20:20 1.18
> +++ pw.c 2000/02/20 02:41:12
> @@ -29,6 +29,7 @@
> "$FreeBSD: src/usr.sbin/pw/pw.c,v 1.18 2000/01/15 00:20:20 davidn Exp $";
> #endif /* not lint */
>
> +#include
> #include
> #include
> #include
> @@ -89,6 +90,8 @@
>
> static struct cargs arglist;
>
> +static int mask;
> +
> static int getindex(const char *words[], const char *word);
> static void cmdhelp(int mode, int which);
>
> @@ -105,13 +108,13 @@
> static const char *opts[W_NUM][M_NUM] =
> {
> { /* user */
> - "V:C:qn:u:c:d:e:p:g:G:mk:s:oL:i:w:h:Db:NPy:Y",
> - "V:C:qn:u:rY",
> - "V:C:qn:u:c:d:e:p:g:G:ml:k:s:w:L:h:FNPY",
> - "V:C:qn:u:FPa7",
> - "V:C:q",
> - "V:C:q",
> - "V:C:q"
> + "V:C:U:qn:u:c:d:e:p:g:G:mk:s:oL:i:w:h:Db:NPy:Y",
> + "V:C:U:qn:u:rY",
> + "V:C:U:qn:u:c:d:e:p:g:G:ml:k:s:w:L:h:FNPY",
> + "V:C:U:qn:u:FPa7",
> + "V:C:U:q",
> + "V:C:U:q",
> + "V:C:U:q"
> },
> { /* grp */
> "V:C:qn:g:h:M:pNPY",
> @@ -128,7 +131,6 @@
> pw_group
> };
>
> - umask(0); /* We wish to handle this manually */
> LIST_INIT(&arglist);
>
> /*
> @@ -221,6 +223,30 @@
> setgrdir(etcpath);
> }
> }
> +
> + /*
> + * Set the umask if specified on the command line
> + */
> +
> + if (getarg(&arglist, 'U') != NULL) {
> + char * um = getarg(&arglist, 'U')-> val;
> + if (um != NULL) {
> + if (isdigit(*um)) {
> + mask = 0;
> + do {
> + if (*um >= '8' || *um < '0') {
> + fprintf(stderr, "Illegal umask: %s\n", um);
> + exit(EX_USAGE);
> + }
> + mask = (mask << 3) + (*um - '0');
> + } while (*++um != '\0');
> + umask(mask);
> + } else {
> + fprintf(stderr, "Illegal umask: %s\n", um);
> + exit(EX_USAGE);
> + }
> + }
> + }
>
> /*
> * Now, let's do the common initialisation
> @@ -301,6 +327,7 @@
> "\t-u uid user id\n"
> "\t-c comment user name/comment\n"
> "\t-d directory home directory\n"
> + "\t-U umask Directory/file creation mask\n"
> "\t-e date account expiry date\n"
> "\t-p date password expiry date\n"
> "\t-g grp initial group\n"
> Index: pw_user.c
> ===================================================================
> RCS file: /opt/ncvs/src/usr.sbin/pw/pw_user.c,v
> retrieving revision 1.34
> diff -u -r1.34 pw_user.c
> --- pw_user.c 2000/01/15 00:20:21 1.34
> +++ pw_user.c 2000/02/20 02:41:16
> @@ -179,7 +179,7 @@
> if (strchr(cnf->home+1, '/') == NULL) {
> strcpy(dbuf, "/usr");
> strncat(dbuf, cnf->home, MAXPATHLEN-5);
> - if (mkdir(dbuf, 0755) != -1 || errno == EEXIST) {
> + if (mkdir(dbuf, 0777) != -1 || errno == EEXIST) {
> chown(dbuf, 0, 0);
> symlink(dbuf, cnf->home);
> }
> @@ -191,7 +191,7 @@
> while ((p = strchr(++p, '/')) != NULL) {
> *p = '\0';
> if (stat(dbuf, &st) == -1) {
> - if (mkdir(dbuf, 0755) == -1)
> + if (mkdir(dbuf, 0777) == -1)
> goto direrr;
> chown(dbuf, 0, 0);
> } else if (!S_ISDIR(st.st_mode))
> @@ -200,7 +200,7 @@
> }
> }
> if (stat(dbuf, &st) == -1) {
> - if (mkdir(dbuf, 0755) == -1) {
> + if (mkdir(dbuf, 0777) == -1) {
> direrr: err(EX_OSFILE, "mkdir '%s'", dbuf);
> }
> chown(dbuf, 0, 0);
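Review bot: The `-U` value is never range-checked in the new parsing loop of the `@@ -221,6 +223,30 @@` hunk: any number of octal digits is accepted, so `mask = (mask << 3) + (*um - '0')` can overflow the signed `int` on a long argument, and a value above 0777 reaches `umask()`. The error path inside the loop also prints `um` after it has been advanced, so the message shows only the tail of the bad argument, and `isdigit(*um)` is handed a plain `char`. Because the `@@ -128,7 +131,6 @@` hunk drops `umask(0)`, a run without `-U` now applies the caller's inherited umask to everything pw creates, so the other creation paths (not visible in this patch) need checking for modes that assumed a zero umask. A bounded rewrite that rejects empty, non-octal and over-0777 input is sketched below; it also makes the file-scope `mask` unnecessary.

```c
	if (getarg(&arglist, 'U') != NULL) {
		const char *arg = getarg(&arglist, 'U')->val;
		if (arg != NULL) {
			const char *p;
			int m = 0;

			/* stop as soon as the value leaves the 0..0777 range */
			for (p = arg; *p >= '0' && *p <= '7'; p++) {
				m = (m << 3) + (*p - '0');
				if (m > 0777)
					break;
			}
			/* empty, non-octal or out-of-range: report the whole argument */
			if (p == arg || *p != '\0') {
				fprintf(stderr, "Illegal umask: %s\n", arg);
				exit(EX_USAGE);
			}
			umask(m);
		}
	}
```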
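Review bot: The three `mkdir(dbuf, 0777)` calls in the `@@ -179,7 +179,7 @@`, `@@ -191,7 +191,7 @@` and `@@ -200,7 +200,7 @@` hunks create root-owned directories (each is followed by `chown(dbuf, 0, 0)`) whose final mode now depends entirely on the umask. With `-U 077` such a directory would come out 0700 and be unreachable by the accounts placed under it, and with an inherited umask of 0 it would be world-writable with no sticky bit. These paths are built from `cnf->home` and look like the shared base for home directories rather than a per-account path, so their mode should stay fixed regardless of `-U`: keep `mkdir(dbuf, 0755)` and follow each successful call with `chmod(dbuf, 0755);`. The enclosing function begins and ends outside these hunks.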
> @@ -734,7 +734,7 @@
> * existing files will *not* be overwritten.
> */
> if (!PWALTDIR() && getarg(args, 'm') != NULL && pwd->pw_dir && *pwd->pw_dir == '/' && pwd->pw_dir[1]) {
> - copymkdir(pwd->pw_dir, cnf->dotdir, 0755, pwd->pw_uid, pwd->pw_gid);
> + copymkdir(pwd->pw_dir, cnf->dotdir, 0777, pwd->pw_uid, pwd->pw_gid);
> pw_log(cnf, mode, W_USER, "%s(%ld) home %s made",
> pwd->pw_name, (long) pwd->pw_uid, pwd->pw_dir);
> }
-- Igor Vinokurov To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
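Review bot: Passing `0777` to `copymkdir()` leaves the umask as the only thing keeping a new home directory from being world-writable; an administrator session or scheduled job running with umask 0 would create 0777 homes where the old code always produced 0755. Assuming `copymkdir()` hands this mode to `mkdir()` (its body is not in the patch), leaving the argument at `0755` would let `-U` tighten the result, for example `-U 077` giving 0700, without ever loosening it: `copymkdir(pwd->pw_dir, cnf->dotdir, 0755, pwd->pw_uid, pwd->pw_gid);`. How the skeleton files' modes are derived is also not visible here and should be held to the same rule. The enclosing function starts and ends outside the hunk.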