Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 23 Jan 2022 20:27:00 GMT
From:      Cy Schubert <cy@FreeBSD.org>
To:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org
Subject:   git: 28d0a7821adc - stable/12 - rc.d/ntp: Ensure ntpd.leap-seconds.list is readable by ntpd
Message-ID:  <202201232027.20NKR09S004549@gitrepo.freebsd.org>

next in thread | raw e-mail | index | archive | help
The branch stable/12 has been updated by cy:

URL: https://cgit.FreeBSD.org/src/commit/?id=28d0a7821adc1421b26c45b5cd8ab6532e55ba62

commit 28d0a7821adc1421b26c45b5cd8ab6532e55ba62
Author:     Cy Schubert <cy@FreeBSD.org>
AuthorDate: 2022-01-18 14:14:54 +0000
Commit:     Cy Schubert <cy@FreeBSD.org>
CommitDate: 2022-01-23 20:24:36 +0000

    rc.d/ntp: Ensure ntpd.leap-seconds.list is readable by ntpd
    
    When a use sets umask in login.conf(5) to 027 or 077 a subsequently
    fetched /var/db/ntpd.leap-seconds.list will inherit the permissions
    allowed by the umask, resulting in a file that may not be readable
    ntpd running under the ntp account. This patch adds a umask command
    to preempt the umask in login.conf(5) prior to fetching a new copy
    of the leap-seconds file.
    
    PR:             261298
    Reported by:    Martin Waschbusch <martin@waschbuesch.de>
    
    (cherry picked from commit c6806434e79079f4f9419c3ba4fec37efcaa1635)
---
 libexec/rc/rc.d/ntpd | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/libexec/rc/rc.d/ntpd b/libexec/rc/rc.d/ntpd
index 8b32e3e19d5b..c1d2f52a01b7 100755
--- a/libexec/rc/rc.d/ntpd
+++ b/libexec/rc/rc.d/ntpd
@@ -221,6 +221,8 @@ ntpd_fetch_leapfile() {
 	if ntpd_needfetch_leapfile ; then
 		for url in $ntp_leapfile_sources ; do
 			$verbose fetching $url
+			# Circumvent umask 027 and 077 in login.conf(5)
+			umask 022
 			fetch $ntp_leapfile_fetch_opts -o $_ntp_tmp_leapfile $url && break
 		done
 		ntp_ver_no_tmp=$(get_ntp_leapfile_ver $_ntp_tmp_leapfile)



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202201232027.20NKR09S004549>