From nobody Tue Nov 05 18:24:43 2024 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4XjcF73wg7z5cQGk; Tue, 05 Nov 2024 18:24:43 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R10" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4XjcF72FCJz4HK3; Tue, 5 Nov 2024 18:24:43 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1730831083; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=z5PlcrGb6KybPdTaOwSyqBbX0fUKkWbUt/VhYNdaBOo=; b=CxZoBIGTYXB5OvwoQA6d7wee9psL/9sAwIABqllnIRRhkE+nE9ApLDFmphNlZYY6L4qP0W Msn3tK28qGV2UILI5WhOyf/tMGe31tMZfIWcXRB8BwwC2InO8Qg6tKb4ahSSrIAkLqMSSX fvPs7a9bvY4T6i3lJ2jb9U0sXhASH9cQ9YV5L1Y1+UlBv/btgL/jvbkWvYjQ6l9F5IQk7o NyFE6x5ePKm12LnyDJ7PuwJJ+JiWQx+t7uHBtYMUP1r7Ao9uJp5RqTx9y1I3oYhjXurRtv 7Oa/4yh4Yg4HBLcxw110RegsyDcbkra77l9uwlMLOFooPbGR1Vzbo1ckjpi42Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1730831083; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=z5PlcrGb6KybPdTaOwSyqBbX0fUKkWbUt/VhYNdaBOo=; b=SWzuxO4LwpT4mtk1KpJOu321pcLsOUkms3Tl5ZWN4Mj8ntw/xE0lFhWGVcRnabhKV6sL16 x6B7IUk96EgHbcK1lMBaErzpyJQGn+41Sy1GkERAmlt51qXyNhfHmSAcXsq3IlvYiDn4hq yfDilV1nVwilmtQOmiLWjX5VUgsu4JS00zpcjO2Utfp0X/Q2jRtHiL/Sh41I5bT/GfUzbg QM2WH56q+s33+NZJvTaMCPXx9zWfCEPoye7bAeCIFMcCsLievgmV8g6Q36faCFRT0lJypd +WwsYVg/4i4aUnbgMDQKqzP/8qYjs4nVzfOSP+jMiPInaB/avSZM5B22YyxPgQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1730831083; a=rsa-sha256; cv=none; b=qpNHzeeSIhr440nz28w+cKkEv5B82rNr+K0stLoeMLNXKyzoHzRYjf4cigwaBO4nfTQX7T UgLxGCMN6zD4r+sEPOU5oKac7I7z164ptNC0EybPAesSHsCMU1TOIqeqgQO7PX7Hkb+QsE vOMNJOJ0ELe2knBXG3P2zAIHW22dqRjA3cwHdEzSTeIIZDbyidSpAEdHZopgIwGlf0sDLM oI//t/5Sw03VgnkhD/J5bBk44wyh5ERf2TslwZ92DIn51x6ds9PVE+/lZwbytnmJQo84Xi rEKkIy2UMCmE7eYP4ZSP8uNopNptjjjzCautr8DHQn9qgmvo0b3ufbY7SeOZuw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4XjcF71rWvzSf3; Tue, 5 Nov 2024 18:24:43 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 4A5IOhtb024471; Tue, 5 Nov 2024 18:24:43 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 4A5IOhoq024468; Tue, 5 Nov 2024 18:24:43 GMT (envelope-from git) Date: Tue, 5 Nov 2024 18:24:43 GMT Message-Id: <202411051824.4A5IOhoq024468@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Mark Johnston Subject: git: 88dd0550920c - main - syslogd: Fix handling of unix socket modes List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 88dd0550920c3dd378b2b761bda52339b5d860ec Auto-Submitted: auto-generated The branch main has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=88dd0550920c3dd378b2b761bda52339b5d860ec commit 88dd0550920c3dd378b2b761bda52339b5d860ec Author: Mark Johnston AuthorDate: 2024-11-05 17:48:37 +0000 Commit: Mark Johnston CommitDate: 2024-11-05 18:24:03 +0000 syslogd: Fix handling of unix socket modes When bind() is called, the process umask is applied, so one has to either clear the umask before binding or call chmod() to add permissions after the fact. Do the former here to ensure that the socket always has the correct mode. Reported by: Lexi Winter Fixes: 2b8c3a05e0a6 ("syslogd: Set unix socket modes atomically") --- usr.sbin/syslogd/syslogd.c | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/usr.sbin/syslogd/syslogd.c b/usr.sbin/syslogd/syslogd.c index 98ddb5d9158f..8fcf3f06cf95 100644 --- a/usr.sbin/syslogd/syslogd.c +++ b/usr.sbin/syslogd/syslogd.c @@ -3721,12 +3721,24 @@ socksetup(struct addrinfo *ai, const char *name, mode_t mode) if (ai->ai_family == AF_LOCAL) unlink(name); if (ai->ai_family == AF_LOCAL || NoBind == 0 || name != NULL) { + mode_t mask; + int error; + if (ai->ai_family == AF_LOCAL && fchmod(s, mode) < 0) { dprintf("fchmod %s: %s\n", name, strerror(errno)); close(s); return (NULL); } - if (bind(s, ai->ai_addr, ai->ai_addrlen) < 0) { + + /* + * For AF_LOCAL sockets, the process umask is applied to the + * mode set above, so temporarily clear it to ensure that the + * socket always has the correct permissions. + */ + mask = umask(0); + error = bind(s, ai->ai_addr, ai->ai_addrlen); + (void)umask(mask); + if (error < 0) { logerror("bind"); close(s); return (NULL);