aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/firecfg/main.c8
1 files changed, 5 insertions, 3 deletions
diff --git a/src/firecfg/main.c b/src/firecfg/main.c
index b1a3b7427..84f6a5f77 100644
--- a/src/firecfg/main.c
+++ b/src/firecfg/main.c
@@ -316,9 +316,6 @@ int main(int argc, char **argv) {
316 int i; 316 int i;
317 int bindir_set = 0; 317 int bindir_set = 0;
318 318
319 // set umask
320 umask(022);
321
322 // user setup 319 // user setup
323 char *user = get_user(); 320 char *user = get_user();
324 assert(user); 321 assert(user);
@@ -382,6 +379,8 @@ int main(int argc, char **argv) {
382 exit(1); 379 exit(1);
383 } 380 }
384 381
382 // set umask, access database must be world-readable
383 umask(022);
385 for (j = i + 1; j < argc; j++) { 384 for (j = i + 1; j < argc; j++) {
386 printf("Adding user %s to Firejail access database in %s/firejail.users\n", argv[j], SYSCONFDIR); 385 printf("Adding user %s to Firejail access database in %s/firejail.users\n", argv[j], SYSCONFDIR);
387 firejail_user_add(argv[j]); 386 firejail_user_add(argv[j]);
@@ -436,7 +435,10 @@ int main(int argc, char **argv) {
436 // add user to firejail access database - only for root 435 // add user to firejail access database - only for root
437 if (getuid() == 0) { 436 if (getuid() == 0) {
438 printf("\nAdding user %s to Firejail access database in %s/firejail.users\n", user, SYSCONFDIR); 437 printf("\nAdding user %s to Firejail access database in %s/firejail.users\n", user, SYSCONFDIR);
438 // temporarily set the umask, access database must be world-readable
439 mode_t orig_umask = umask(022);
439 firejail_user_add(user); 440 firejail_user_add(user);
441 umask(orig_umask);
440 } 442 }
441 443
442 // set new symlinks based on ~/.config/firejail directory 444 // set new symlinks based on ~/.config/firejail directory
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-06-24 06:49:32 +0000