Explicitly call chmod on newly created directories

Without calling os.chmod(), umask is effective and may cause that
directory is created with permission that causes failure.

This can be related to https://fedorahosted.org/freeipa/ticket/5520

Reviewed-By: Tomas Babej <tbabej@redhat.com>
This commit is contained in:
Martin Basti 2015-12-09 13:40:04 +01:00 committed by Tomas Babej
parent 5e2cd38ab9
commit 4272ba40ea
5 changed files with 14 additions and 8 deletions

View File

@ -420,6 +420,7 @@ class SystemdService(PlatformService):
try:
if not ipautil.dir_exists(srv_tgt):
os.mkdir(srv_tgt)
os.mkdir(srv_tgt, 0o755)
if os.path.exists(srv_lnk):
# Remove old link
os.unlink(srv_lnk)

View File

@ -800,6 +800,7 @@ class CAInstance(DogtagInstance):
if not ipautil.dir_exists(self.ra_agent_db):
os.mkdir(self.ra_agent_db)
os.chmod(self.ra_agent_db, 0o755)
# Create the password file for this db
hex_str = binascii.hexlify(os.urandom(10))

View File

@ -271,8 +271,8 @@ class Backup(admintool.AdminTool):
os.chown(self.top_dir, pent.pw_uid, pent.pw_gid)
os.chmod(self.top_dir, 0o750)
self.dir = os.path.join(self.top_dir, "ipa")
os.mkdir(self.dir, 0o750)
os.mkdir(self.dir)
os.chmod(self.dir, 0o750)
os.chown(self.dir, pent.pw_uid, pent.pw_gid)
self.header = os.path.join(self.top_dir, 'header')
@ -588,7 +588,8 @@ class Backup(admintool.AdminTool):
backup_dir = os.path.join(paths.IPA_BACKUP_DIR, time.strftime('ipa-full-%Y-%m-%d-%H-%M-%S'))
filename = os.path.join(backup_dir, "ipa-full.tar")
os.mkdir(backup_dir, 0o700)
os.mkdir(backup_dir)
os.chmod(backup_dir, 0o700)
cwd = os.getcwd()
os.chdir(self.dir)

View File

@ -361,7 +361,8 @@ class ReplicaPrepare(admintool.AdminTool):
self.top_dir = tempfile.mkdtemp("ipa")
self.dir = os.path.join(self.top_dir, "realm_info")
os.mkdir(self.dir, 0o700)
os.mkdir(self.dir)
os.chmod(self.dir, 0o700)
try:
self.copy_ds_certificate()

View File

@ -303,8 +303,8 @@ class Restore(admintool.AdminTool):
os.chown(self.top_dir, pent.pw_uid, pent.pw_gid)
os.chmod(self.top_dir, 0o750)
self.dir = os.path.join(self.top_dir, "ipa")
os.mkdir(self.dir, 0o750)
os.mkdir(self.dir)
os.chmod(self.dir, 0o750)
os.chown(self.dir, pent.pw_uid, pent.pw_gid)
cwd = os.getcwd()
@ -534,7 +534,8 @@ class Restore(admintool.AdminTool):
if not os.path.exists(ldifdir):
pent = pwd.getpwnam(DS_USER)
os.mkdir(ldifdir, 0o770)
os.mkdir(ldifdir)
os.chmod(ldifdir, 0o770)
os.chown(ldifdir, pent.pw_uid, pent.pw_gid)
ipautil.backup_file(ldiffile)
@ -791,7 +792,8 @@ class Restore(admintool.AdminTool):
for dir in dirs:
try:
self.log.debug('Creating %s' % dir)
os.mkdir(dir, 0o770)
os.mkdir(dir)
os.chmod(dir, 0o770)
os.chown(dir, pent.pw_uid, pent.pw_gid)
tasks.restore_context(dir)
except Exception as e: