Skip to content

Commit

Permalink
rc.conf(5): add <service>_umask to run the service using this value
Browse files Browse the repository at this point in the history
None of tools working with login classes change umask(1)
and we had no ways to specify non-default umask for a service
not touching its startup script. This change makes in possible.

Some file-sharing services that create new files may benefit from it.

Differential:	https://reviews.freebsd.org/D36309

(cherry picked from commit 160a2f2cdda806e104c0d3194bfb84b208ad1ae8)
  • Loading branch information
Eugene Grosbein authored and laffer1 committed Dec 9, 2023
1 parent c09e53c commit 24c2384
Show file tree
Hide file tree
Showing 2 changed files with 16 additions and 2 deletions.
10 changes: 9 additions & 1 deletion libexec/rc/rc.subr
Original file line number Diff line number Diff line change
Expand Up @@ -769,6 +769,8 @@ check_startmsgs()
#
# ${name}_oomprotect n Don't kill ${command} when swap space is exhausted.
#
# ${name}_umask n The file creation mask to run ${command} with.
#
# ${name}_user n User to run ${command} as, using su(1) if not
# using ${name}_chroot.
# Requires /usr to be mounted.
Expand Down Expand Up @@ -969,7 +971,8 @@ run_rc_command()
_fib=\$${name}_fib _env=\$${name}_env \
_prepend=\$${name}_prepend _login_class=\${${name}_login_class:-daemon} \
_limits=\$${name}_limits _oomprotect=\$${name}_oomprotect \
_setup=\$${name}_setup _env_file=\$${name}_env_file
_setup=\$${name}_setup _env_file=\$${name}_env_file \
_umask=\$${name}_umask

if [ -n "$_env_file" ] && [ -r "${_env_file}" ]; then # load env from file
set -a
Expand Down Expand Up @@ -1330,9 +1333,14 @@ _run_rc_postcmd()

_run_rc_doit()
{
local _m

debug "run_rc_command: doit: $*"
_m=$(umask)
${_umask:+umask ${_umask}}
eval "$@"
_return=$?
umask ${_m}

# If command failed and force isn't set, request exit.
if [ $_return -ne 0 ] && [ -z "$rc_force" ]; then
Expand Down
8 changes: 7 additions & 1 deletion share/man/man5/rc.conf.5
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.Dd July 7, 2022
.Dd August 28, 2022
.Dt RC.CONF 5
.Os
.Sh NAME
Expand Down Expand Up @@ -232,6 +232,11 @@ such as PostgreSQL will not inherit the OOM killer protection.
.Pp
This variable has no effect on services running within a
.Xr jail 8 .
.It Ao Ar name Ac Ns Va _umask
.Pq Vt int
Run the service using this
.Xr umask 1
value.
.It Ao Ar name Ac Ns Va _user
.Pq Vt str
Run the service under this user account.
Expand Down Expand Up @@ -4670,6 +4675,7 @@ files.
.Xr limits 1 ,
.Xr protect 1 ,
.Xr sh 1 ,
.Xr umask 1 ,
.Xr vi 1 ,
.Xr vidcontrol 1 ,
.Xr bridge 4 ,
Expand Down

0 comments on commit 24c2384

Please sign in to comment.