summaryrefslogtreecommitdiffstats
path: root/src/journal/journald-server.c
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2013-05-07 19:07:27 +0200
committerLennart Poettering <lennart@poettering.net>2013-05-07 19:20:26 +0200
commit11ec7cede5bd0255e9df7bf95325d8b69993e40f (patch)
tree671e329fedd793facf58744737a7fe8815de9169 /src/journal/journald-server.c
parentbuild-sys: support builds without EAs again (diff)
downloadsystemd-11ec7cede5bd0255e9df7bf95325d8b69993e40f.tar.xz
systemd-11ec7cede5bd0255e9df7bf95325d8b69993e40f.zip
journald: don't recalculate the ACL mask
Otherwise we might end up with executable files if some default ACL is set for the journal directory.
Diffstat (limited to '')
-rw-r--r--src/journal/journald-server.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/src/journal/journald-server.c b/src/journal/journald-server.c
index 88163c0116..cc52b8a5c9 100644
--- a/src/journal/journald-server.c
+++ b/src/journal/journald-server.c
@@ -227,9 +227,9 @@ void server_fix_perms(Server *s, JournalFile *f, uid_t uid) {
}
}
+ /* We do not recalculate the mask here, so that the fchmod() mask above stays intact. */
if (acl_get_permset(entry, &permset) < 0 ||
- acl_add_perm(permset, ACL_READ) < 0 ||
- acl_calc_mask(&acl) < 0) {
+ acl_add_perm(permset, ACL_READ) < 0) {
log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
goto finish;
}