mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-23 23:50:03 -06:00
Explicitly call chmod on newly created directories
Without calling os.chmod(), umask is effective and may cause that directory is created with permission that causes failure. This can be related to https://fedorahosted.org/freeipa/ticket/5520 Reviewed-By: Tomas Babej <tbabej@redhat.com>
This commit is contained in:
parent
5e2cd38ab9
commit
4272ba40ea
@ -420,6 +420,7 @@ class SystemdService(PlatformService):
|
||||
try:
|
||||
if not ipautil.dir_exists(srv_tgt):
|
||||
os.mkdir(srv_tgt)
|
||||
os.mkdir(srv_tgt, 0o755)
|
||||
if os.path.exists(srv_lnk):
|
||||
# Remove old link
|
||||
os.unlink(srv_lnk)
|
||||
|
@ -800,6 +800,7 @@ class CAInstance(DogtagInstance):
|
||||
|
||||
if not ipautil.dir_exists(self.ra_agent_db):
|
||||
os.mkdir(self.ra_agent_db)
|
||||
os.chmod(self.ra_agent_db, 0o755)
|
||||
|
||||
# Create the password file for this db
|
||||
hex_str = binascii.hexlify(os.urandom(10))
|
||||
|
@ -271,8 +271,8 @@ class Backup(admintool.AdminTool):
|
||||
os.chown(self.top_dir, pent.pw_uid, pent.pw_gid)
|
||||
os.chmod(self.top_dir, 0o750)
|
||||
self.dir = os.path.join(self.top_dir, "ipa")
|
||||
os.mkdir(self.dir, 0o750)
|
||||
|
||||
os.mkdir(self.dir)
|
||||
os.chmod(self.dir, 0o750)
|
||||
os.chown(self.dir, pent.pw_uid, pent.pw_gid)
|
||||
|
||||
self.header = os.path.join(self.top_dir, 'header')
|
||||
@ -588,7 +588,8 @@ class Backup(admintool.AdminTool):
|
||||
backup_dir = os.path.join(paths.IPA_BACKUP_DIR, time.strftime('ipa-full-%Y-%m-%d-%H-%M-%S'))
|
||||
filename = os.path.join(backup_dir, "ipa-full.tar")
|
||||
|
||||
os.mkdir(backup_dir, 0o700)
|
||||
os.mkdir(backup_dir)
|
||||
os.chmod(backup_dir, 0o700)
|
||||
|
||||
cwd = os.getcwd()
|
||||
os.chdir(self.dir)
|
||||
|
@ -361,7 +361,8 @@ class ReplicaPrepare(admintool.AdminTool):
|
||||
|
||||
self.top_dir = tempfile.mkdtemp("ipa")
|
||||
self.dir = os.path.join(self.top_dir, "realm_info")
|
||||
os.mkdir(self.dir, 0o700)
|
||||
os.mkdir(self.dir)
|
||||
os.chmod(self.dir, 0o700)
|
||||
try:
|
||||
self.copy_ds_certificate()
|
||||
|
||||
|
@ -303,8 +303,8 @@ class Restore(admintool.AdminTool):
|
||||
os.chown(self.top_dir, pent.pw_uid, pent.pw_gid)
|
||||
os.chmod(self.top_dir, 0o750)
|
||||
self.dir = os.path.join(self.top_dir, "ipa")
|
||||
os.mkdir(self.dir, 0o750)
|
||||
|
||||
os.mkdir(self.dir)
|
||||
os.chmod(self.dir, 0o750)
|
||||
os.chown(self.dir, pent.pw_uid, pent.pw_gid)
|
||||
|
||||
cwd = os.getcwd()
|
||||
@ -534,7 +534,8 @@ class Restore(admintool.AdminTool):
|
||||
|
||||
if not os.path.exists(ldifdir):
|
||||
pent = pwd.getpwnam(DS_USER)
|
||||
os.mkdir(ldifdir, 0o770)
|
||||
os.mkdir(ldifdir)
|
||||
os.chmod(ldifdir, 0o770)
|
||||
os.chown(ldifdir, pent.pw_uid, pent.pw_gid)
|
||||
|
||||
ipautil.backup_file(ldiffile)
|
||||
@ -791,7 +792,8 @@ class Restore(admintool.AdminTool):
|
||||
for dir in dirs:
|
||||
try:
|
||||
self.log.debug('Creating %s' % dir)
|
||||
os.mkdir(dir, 0o770)
|
||||
os.mkdir(dir)
|
||||
os.chmod(dir, 0o770)
|
||||
os.chown(dir, pent.pw_uid, pent.pw_gid)
|
||||
tasks.restore_context(dir)
|
||||
except Exception as e:
|
||||
|
Loading…
Reference in New Issue
Block a user