git: 2b8c3a05e0a6 - main - syslogd: Set unix socket modes atomically

From: Mark Johnston <markj_at_FreeBSD.org>
Date: Sun, 03 Nov 2024 16:48:10 UTC
The branch main has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=2b8c3a05e0a63f3ffd6ba0eeca08a97578ec3a38

commit 2b8c3a05e0a63f3ffd6ba0eeca08a97578ec3a38
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2024-11-03 14:41:15 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2024-11-03 16:46:53 +0000

    syslogd: Set unix socket modes atomically
    
    Take advantage of the ability to atomically set unix socket modes to
    ensure that /var/run/logpriv always has mode 0600.
    
    MFC after:      1 month
---
 usr.sbin/syslogd/syslogd.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/usr.sbin/syslogd/syslogd.c b/usr.sbin/syslogd/syslogd.c
index 12fa61b01bad..98ddb5d9158f 100644
--- a/usr.sbin/syslogd/syslogd.c
+++ b/usr.sbin/syslogd/syslogd.c
@@ -3721,6 +3721,11 @@ socksetup(struct addrinfo *ai, const char *name, mode_t mode)
 	if (ai->ai_family == AF_LOCAL)
 		unlink(name);
 	if (ai->ai_family == AF_LOCAL || NoBind == 0 || name != NULL) {
+		if (ai->ai_family == AF_LOCAL && fchmod(s, mode) < 0) {
+			dprintf("fchmod %s: %s\n", name, strerror(errno));
+			close(s);
+			return (NULL);
+		}
 		if (bind(s, ai->ai_addr, ai->ai_addrlen) < 0) {
 			logerror("bind");
 			close(s);
@@ -3729,11 +3734,6 @@ socksetup(struct addrinfo *ai, const char *name, mode_t mode)
 		if (ai->ai_family == AF_LOCAL || SecureMode == 0)
 			increase_rcvbuf(s);
 	}
-	if (ai->ai_family == AF_LOCAL && chmod(name, mode) < 0) {
-		dprintf("chmod %s: %s\n", name, strerror(errno));
-		close(s);
-		return (NULL);
-	}
 	dprintf("new socket fd is %d\n", s);
 	sl_recv = socklist_recv_sock;
 #if defined(INET) || defined(INET6)