diff options
Diffstat (limited to 'src/firecfg')
-rw-r--r-- | src/firecfg/main.c | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/src/firecfg/main.c b/src/firecfg/main.c index b1a3b7427..84f6a5f77 100644 --- a/src/firecfg/main.c +++ b/src/firecfg/main.c | |||
@@ -316,9 +316,6 @@ int main(int argc, char **argv) { | |||
316 | int i; | 316 | int i; |
317 | int bindir_set = 0; | 317 | int bindir_set = 0; |
318 | 318 | ||
319 | // set umask | ||
320 | umask(022); | ||
321 | |||
322 | // user setup | 319 | // user setup |
323 | char *user = get_user(); | 320 | char *user = get_user(); |
324 | assert(user); | 321 | assert(user); |
@@ -382,6 +379,8 @@ int main(int argc, char **argv) { | |||
382 | exit(1); | 379 | exit(1); |
383 | } | 380 | } |
384 | 381 | ||
382 | // set umask, access database must be world-readable | ||
383 | umask(022); | ||
385 | for (j = i + 1; j < argc; j++) { | 384 | for (j = i + 1; j < argc; j++) { |
386 | printf("Adding user %s to Firejail access database in %s/firejail.users\n", argv[j], SYSCONFDIR); | 385 | printf("Adding user %s to Firejail access database in %s/firejail.users\n", argv[j], SYSCONFDIR); |
387 | firejail_user_add(argv[j]); | 386 | firejail_user_add(argv[j]); |
@@ -436,7 +435,10 @@ int main(int argc, char **argv) { | |||
436 | // add user to firejail access database - only for root | 435 | // add user to firejail access database - only for root |
437 | if (getuid() == 0) { | 436 | if (getuid() == 0) { |
438 | printf("\nAdding user %s to Firejail access database in %s/firejail.users\n", user, SYSCONFDIR); | 437 | printf("\nAdding user %s to Firejail access database in %s/firejail.users\n", user, SYSCONFDIR); |
438 | // temporarily set the umask, access database must be world-readable | ||
439 | mode_t orig_umask = umask(022); | ||
439 | firejail_user_add(user); | 440 | firejail_user_add(user); |
441 | umask(orig_umask); | ||
440 | } | 442 | } |
441 | 443 | ||
442 | // set new symlinks based on ~/.config/firejail directory | 444 | // set new symlinks based on ~/.config/firejail directory |