unreadable firejail.users database fixes

run firecfg with umask 022 and print a diagnostic message if
the database is not readable.

closes #2225

2 files changed, 11 insertions, 3 deletions

diff --git a/src/firecfg/main.c b/src/firecfg/main.c
index 810af6ff2..b1a3b7427 100644
--- a/src/firecfg/main.c
+++ b/src/firecfg/main.c
@@ -316,6 +316,9 @@ int main(int argc, char **argv) {
         int i;
         int bindir_set = 0;
 
+        // set umask
+        umask(022);
+
         // user setup
         char *user = get_user();
         assert(user);
diff --git a/src/lib/firejail_user.c b/src/lib/firejail_user.c
index b270db459..03aaa3b4e 100644
--- a/src/lib/firejail_user.c
+++ b/src/lib/firejail_user.c
@@ -119,9 +119,13 @@ int firejail_user_check(const char *name) {
         }
 
         FILE *fp = fopen(fname, "r");
+        if (!fp) {
+                fprintf(stderr, "Error: cannot open %s for reading. "
+                        "See \"man firejail-users\" for more information about this file.\n", fname);
+                perror("fopen");
+                exit(1);
+        }
         free(fname);
-        if (!fp)
-                return 0;
 
         char buf[MAXBUF];
         while (fgets(buf, MAXBUF, fp)) {
@@ -165,8 +169,9 @@ void firejail_user_add(const char *name) {
                         return;
                 }
         }
+        else
+                printf("Creating %s\n", fname);
 
-        printf("%s created\n", fname);
         FILE *fp = fopen(fname, "a+");
         if (!fp) {
                 fprintf(stderr, "Error: cannot open %s\n", fname);