From ff6612fac86e1a79ba264167f0263ff12f62f346 Mon Sep 17 00:00:00 2001
From: smitsohu <smitsohu@gmail.com>
Date: Sat, 10 Nov 2018 14:57:26 +0100
Subject: unreadable firejail.users database fixes

run firecfg with umask 022 and print a diagnostic message if
the database is not readable.

closes #2225
---
 src/firecfg/main.c      |  3 +++
 src/lib/firejail_user.c | 11 ++++++++---
 2 files changed, 11 insertions(+), 3 deletions(-)

(limited to 'src')

diff --git a/src/firecfg/main.c b/src/firecfg/main.c
index 810af6ff2..b1a3b7427 100644
--- a/src/firecfg/main.c
+++ b/src/firecfg/main.c
@@ -316,6 +316,9 @@ int main(int argc, char **argv) {
 	int i;
 	int bindir_set = 0;
 
+	// set umask
+	umask(022);
+
 	// user setup
 	char *user = get_user();
 	assert(user);
diff --git a/src/lib/firejail_user.c b/src/lib/firejail_user.c
index b270db459..03aaa3b4e 100644
--- a/src/lib/firejail_user.c
+++ b/src/lib/firejail_user.c
@@ -119,9 +119,13 @@ int firejail_user_check(const char *name) {
 	}
 
 	FILE *fp = fopen(fname, "r");
+	if (!fp) {
+		fprintf(stderr, "Error: cannot open %s for reading. "
+			"See \"man firejail-users\" for more information about this file.\n", fname);
+		perror("fopen");
+		exit(1);
+	}
 	free(fname);
-	if (!fp)
-		return 0;
 
 	char buf[MAXBUF];
 	while (fgets(buf, MAXBUF, fp)) {
@@ -165,8 +169,9 @@ void firejail_user_add(const char *name) {
 			return;
 		}
 	}
+	else
+		printf("Creating %s\n", fname);
 
-	printf("%s created\n", fname);
 	FILE *fp = fopen(fname, "a+");
 	if (!fp) {
 		fprintf(stderr, "Error: cannot open %s\n", fname);
-- 
cgit v1.2.3-54-g00ecf