Make sure the rundir is accessible by the user

otherwise the user might not have enough permissions to access the
socket if root's umask is 077.

http://bugs.debian.org/614210

diff --git a/daemon/libvirtd.c b/daemon/libvirtd.c
index 452566cc3f87a33aa9b87f01916fae8a8a8a12fa..9a5a53e3e3aab93f8d0a3acb94e03bfc81f3ffba 100644 (file)
--- a/daemon/libvirtd.c
+++ b/daemon/libvirtd.c
@@ -3277,16 +3277,20 @@ int main(int argc, char **argv) {
     /* Ensure the rundir exists (on tmpfs on some systems) */
     if (geteuid() == 0) {
         const char *rundir = LOCALSTATEDIR "/run/libvirt";
+        mode_t old_umask;
 
+        old_umask = umask(022);
         if (mkdir (rundir, 0755)) {
             if (errno != EEXIST) {
                 char ebuf[1024];
                 VIR_ERROR(_("unable to create rundir %s: %s"), rundir,
                           virStrerror(errno, ebuf, sizeof(ebuf)));
                 ret = VIR_DAEMON_ERR_RUNDIR;
+                umask(old_umask);
                 goto error;
             }
         }
+        umask(old_umask);
     }
 
     /* Beyond this point, nothing should rely on using