From 105fba4593f02fccb85909ea3bc30ed8c426908d Mon Sep 17 00:00:00 2001
From: Jouke Witteveen <j.witteveen@gmail.com>
Date: Tue, 27 May 2014 12:05:12 +0200
Subject: Escape hatch for the restrictive umask

Some things should not be run with the restrictive umask.
This provides a means to do so: do_readable.
---
 src/lib/globals | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)

(limited to 'src/lib/globals')

diff --git a/src/lib/globals b/src/lib/globals
index cf99575..42ac177 100644
--- a/src/lib/globals
+++ b/src/lib/globals
@@ -4,8 +4,6 @@ SUBR_DIR="/usr/lib/network"
 STATE_DIR="/run/network"
 STATE_FILE="${NETCTL_STATE_FILE:-/var/lib/netctl/netctl.state}"
 
-umask 077
-
 
 ### Logging/Error reporting
 
@@ -72,6 +70,16 @@ do_debug() {
     "$@"
 }
 
+## Evaluate with a permissive umask
+do_readable() {
+    local result
+    umask 022
+    "$@"
+    result=$?
+    umask 077
+    return $result
+}
+
 ## Exit if we are not effectively root
 # $1: program name (optional)
 ensure_root() {
@@ -126,4 +134,8 @@ load_profile() {
 }
 
 
+# Set a restrictive umask
+do_readable :
+
+
 # vim: ft=sh ts=4 et sw=4:
-- 
cgit v1.2.3-24-g4f1b