If the clamd.conf enables the LocalSocket option and sets the unix
socket file in a directory that does not exist, clamd creates the
missing directory but with invalid 000 permissions bits, causing socket
creation to fail.
This patch sets the umask temporarily to allow creation of the
directory w/ dwrxwr-wr- (766) permissions.
... | ... |
@@ -114,6 +114,7 @@ int localserver(const struct optstruct *opts) |
114 | 114 |
|
115 | 115 |
if (stat(sockdir, &sb)) { |
116 | 116 |
if (errno == ENOENT) { |
117 |
+ mode_t old_umask; |
|
117 | 118 |
mode_t sock_mode; |
118 | 119 |
if (optget(opts, "LocalSocketMode")->enabled) { |
119 | 120 |
char *end; |
... | ... |
@@ -128,6 +129,7 @@ int localserver(const struct optstruct *opts) |
128 | 128 |
sock_mode = 0777; |
129 | 129 |
} |
130 | 130 |
|
131 |
+ old_umask = umask(0011); /* allow mode 777 for socket directory */ |
|
131 | 132 |
if (mkdir(sockdir, sock_mode)) { |
132 | 133 |
logg("!LOCAL: Could not create socket directory: %s: %s\n", sockdir, strerror(errno)); |
133 | 134 |
if (errno == ENOENT) { |
... | ... |
@@ -136,6 +138,7 @@ int localserver(const struct optstruct *opts) |
136 | 136 |
} else { |
137 | 137 |
logg("Localserver: Creating socket directory: %s\n", sockdir); |
138 | 138 |
} |
139 |
+ umask(old_umask); /* restore umask */ |
|
139 | 140 |
} |
140 | 141 |
} |
141 | 142 |
free(sockdir); |