#3583 Stop calling umask(0) in selinux_child now that libsemanage has been fixed
Closed: Fixed 2 years ago by pbrezina. Opened 4 years ago by jhrozek.

As a workaround for https://bugzilla.redhat.com/show_bug.cgi?id=1186422, we were calling:

155     old_mask = umask(0);
156     if (strcmp(seuser_name, "") == 0) {
157         /* An empty SELinux user should cause SSSD to use the system
158          * default. We need to remove the SELinux user from the DB
159          * in that case
160          */
161         ret = del_seuser(login_name);
162     } else {
163         ret = set_seuser(login_name, seuser_name, mls);
164     }
165     umask(old_mask);

But since that bug was fixed, we can drop this workaround eventually.

Metadata Update from @jhrozek:
- Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1512012

4 years ago

Metadata Update from @atikhonov:
- Issue set to the milestone: None
- Issue tagged with: PR

2 years ago

We chose to keep umask there and just comment its usage, see: https://github.com/SSSD/sssd/pull/457#issuecomment-494749209

  • master
    • fb3a8b3 - selinux: Keep explicite umask() calls

Metadata Update from @pbrezina:
- Issue close_status updated to: Fixed
- Issue status updated to: Closed (was: Open)

2 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/4607

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Login to comment on this ticket.