From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <stepnem@smrk.net>
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on dcvr.yhbt.net
X-Spam-Level: 
X-Spam-ASN: AS20473 45.76.80.0/20
X-Spam-Status: No, score=-3.2 required=3.0 tests=AWL,BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS
	shortcircuit=no autolearn=ham autolearn_force=no version=3.4.6
Received: from mail.smrk.net (mail.smrk.net [45.76.87.244])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA512)
	(No client certificate requested)
	by dcvr.yhbt.net (Postfix) with ESMTPS id 2F9431F452
	for <meta@public-inbox.org>; Mon, 28 Aug 2023 10:45:18 +0000 (UTC)
Authentication-Results: dcvr.yhbt.net;
	dkim=pass (2048-bit key; unprotected) header.d=smrk.net header.i=@smrk.net header.a=rsa-sha256 header.s=20221002 header.b=eUaHyz+B;
	dkim-atps=neutral
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=smrk.net; s=20221002;
	t=1693219515;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=l0FrXXUxneg+i+0P0Twz0TpZYF8LgmoJAyWVGXwpce0=;
	b=eUaHyz+BXLu7PIs9W+XBh+JnFYqH5aI9CbsUa5/2DsJd6ULDwSpger1B+u3fKzXt5ojfi9
	MZ6holEmVDgGwQzgsHTM12RdBlJpCkAOd07pQzF86mVCPJPnaNOLDXcraHQURRCVq1ENZf
	XYcjy2aatwp9y+1+Qofqqsrw7FY76L5EEUrK9h8pRvwEdhB5waOpA3ie7JWEhpyW6MDTfN
	eGmmSOOwePfNJ/fH5vYiJVoDMMp+UNypz933B/16IFQ+89mUBCK9+ihwFmoZ5P7Gt/6H67
	LxN7aSKbfMxPc/S1f8Q5n3TPeTfK6YhaKQImZtgRIYZDUj3zXKTL9OAxZJu1BA==
Received: from localhost (<unknown> [192.168.5.2])
	by smrk (OpenSMTPD) with ESMTPSA id bd371003 (TLSv1.3:TLS_AES_256_GCM_SHA384:256:NO);
	Mon, 28 Aug 2023 12:45:15 +0200 (CEST)
From: =?UTF-8?q?=C5=A0t=C4=9Bp=C3=A1n=20N=C4=9Bmec?= <stepnem@smrk.net>
To: meta@public-inbox.org
Subject: [PATCH 2/2] public-inbox-init: honor umask when creating config file
Date: Mon, 28 Aug 2023 12:45:14 +0200
Message-ID: <20230828104514.937030-2-stepnem@smrk.net>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20230828104514.937030-1-stepnem@smrk.net>
References: <20230828104514.937030-1-stepnem@smrk.net>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
List-Id: <meta.public-inbox.org>

File::Temp defaults to 0600, which is unsuitable for the
recommended/typical scenario of daemons running unprivileged and with
UID different from $PI_CONFIG owner, as the deamons need to read
$PI_CONFIG.

Respecting umask might end up creating world-unreadable config, too,
but for people who use such umask that's expected behavior.
---
 script/public-inbox-init | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)

diff --git a/script/public-inbox-init b/script/public-inbox-init
index 5de4578158fb..b3a16cfbf69d 100755
--- a/script/public-inbox-init
+++ b/script/public-inbox-init
@@ -1,5 +1,5 @@
 #!perl -w
-# Copyright (C) 2014-2021 all contributors <meta@public-inbox.org>
+# Copyright (C) all contributors <meta@public-inbox.org>
 # License: AGPL-3.0+ <https://www.gnu.org/licenses/agpl-3.0.txt>
 use strict;
 use v5.10.1;
@@ -122,7 +122,8 @@ sysopen($lockfh, $lockfile, O_RDWR|O_CREAT|O_EXCL) or do {
 };
 require PublicInbox::OnDestroy;
 my $auto_unlink = PublicInbox::OnDestroy->new($$, sub { unlink $lockfile });
-my ($perm, %seen);
+my $perm = 0644 & ~umask;
+my %seen;
 if (-e $pi_config) {
 	open(my $oh, '<', $pi_config) or die "unable to read $pi_config: $!\n";
 	my @st = stat($oh);
@@ -219,7 +220,7 @@ if (sysopen $fh, $f, O_CREAT|O_EXCL|O_WRONLY) {
 }
 
 # needed for git prior to v2.1.0
-umask(0077) if defined $perm;
+umask(0077);
 
 require PublicInbox::Spawn;
 PublicInbox::Spawn->import(qw(run_die));
@@ -246,10 +247,8 @@ for my $kv (@c_extra) {
 }
 
 # needed for git prior to v2.1.0
-if (defined $perm) {
-	chmod($perm & 07777, $pi_config_tmp) or
-			die "(f)chmod failed on future $pi_config: $!\n";
-}
+chmod($perm & 07777, $pi_config_tmp) or
+	die "(f)chmod failed on future $pi_config: $!\n";
 
 rename $pi_config_tmp, $pi_config or
 	die "failed to rename `$pi_config_tmp' to `$pi_config': $!\n";
-- 
2.42.0