From: Vallo Kallaste
Newsgroups: gmane.comp.sysutils.supervision.general
To: supervision@list.skarnet.org, kalts@estpak.ee
Subject: Re: s6-log does not obey umask
Date: Wed, 14 Nov 2012 10:57:47 +0200
Message-ID: <20121114085747.GA26489@hape.internal>
In-Reply-To: <20121114022902.GA25513@skarnet.org>

On Wed, Nov 14, 2012 at 03:29:02AM +0100, Laurent Bercot wrote:
> > I am not sure if it is intended behaviour or not.
> > echo |/command/umask 0027 s6-log /some/dir will create lock and
> > state files with permissions 0640, but current with 0744. It is the
> > world-readable bit I am concerned with.
>
>  It is intentional. When the current file is created, it actually
> respects the umask. When s6-log exits, it uses the fchmod() system call,
> which doesn't take the umask into account, to chmod the current file to
> 744, which is a marker that says "processed, safe file".
>
>  There is no security problem : the /some/dir directory will have
> restricted, umask-following, rights, so the "current" file will be
> unreadable by others anyway.

Ok, so be it. But the notion that /some/dir has always restricted
rights is not true, it depends on circumstances. I will move other
logdirs out of /some/dir, it's easier and cleaner than resorting to
ACL kludgery.
--
Vallo
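
Added example, not part of the original messages and not s6-log's own code: a small C program reproducing the behaviour discussed in this thread. It creates a file under umask 0027, applies fchmod() to 0744, and reports whether "other" users can read the result for a given directory mode. The function name `demo_modes` and the `/tmp/logdir-XXXXXX` path are constructed for illustration.

```c
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Create <tmpdir>/current under `mask`, fchmod it to 0744, then set the
 * directory to `dir_mode`. Reports the file mode after each step and whether
 * "other" can read it. Only the immediate directory is checked; on a real
 * system every ancestor directory also needs search permission.
 * Returns 0 on success, -1 on error. */
int demo_modes(mode_t mask, mode_t dir_mode, mode_t *created, mode_t *final,
               int *others_can_read)
{
    char dir[] = "/tmp/logdir-XXXXXX";       /* constructed sample path */
    char path[64];
    struct stat fs, ds;
    int rc = -1;

    if (!mkdtemp(dir)) return -1;            /* mkdtemp creates the dir 0700 */
    snprintf(path, sizeof path, "%s/current", dir);

    mode_t old = umask(mask);
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL, 0666);
    if (fd >= 0 && fstat(fd, &fs) == 0) {
        *created = fs.st_mode & 07777;       /* 0666 & ~mask: umask applied */
        if (fchmod(fd, 0744) == 0 && fstat(fd, &fs) == 0 &&
            chmod(dir, dir_mode) == 0 && stat(dir, &ds) == 0) {
            *final = fs.st_mode & 07777;     /* exactly 0744: umask ignored */
            /* "other" needs search (x) on the dir and read (r) on the file */
            *others_can_read = (ds.st_mode & S_IXOTH) && (fs.st_mode & S_IROTH);
            rc = 0;
        }
    }
    if (fd >= 0) close(fd);
    umask(old);
    chmod(dir, 0700);                        /* make sure cleanup can proceed */
    unlink(path);
    rmdir(dir);
    return rc;
}

int main(void)
{
    mode_t c, f; int r;
    if (demo_modes(0027, 0750, &c, &f, &r) == 0)
        printf("dir 0750: created %04o, final %04o, other-readable=%d\n", (unsigned)c, (unsigned)f, r);
    if (demo_modes(0027, 0755, &c, &f, &r) == 0)
        printf("dir 0755: created %04o, final %04o, other-readable=%d\n", (unsigned)c, (unsigned)f, r);
    return 0;
}
```

With a 0750 directory the 0744 file stays out of reach of other users; with a 0755 directory it does not, which is the circumstance the reply points out.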