Proper umask usage.

diff --git a/src/VfsNs.cpp b/src/VfsNs.cpp
index e18af57..f79c10f 100644 (file)
--- a/src/VfsNs.cpp
+++ b/src/VfsNs.cpp
@@ -48,7 +48,7 @@ static gid_t getGid(const SecurityContext* ctx) {
 
 
 VfsCatalog::VfsCatalog(const std::string& host, const std::string& prefix, const std::string &allow, const std::string &deny, const std::string allowWrite, const std::string denyWrite) throw (DmException): Catalog(),
-        hostName_(host)
+        hostName_(host), umask_(022)
 {
   this->allowRegex = vfsCompileRegex("Allow", allow);
   this->denyRegex = vfsCompileRegex("Deny", deny);
@@ -568,7 +568,7 @@ void VfsCatalog::create(const std::string& path, mode_t mode) throw (DmException
 
   if (code == ENOENT) {
     // Cleanup mode
-    mode = (mode & ~S_IFMT) | S_IFREG;
+    mode = (mode & ~S_IFMT & ~this->umask_) | S_IFREG;
 
     // Effective gid
     if (parent.stat.st_mode & S_ISGID) {
@@ -606,10 +606,14 @@ void VfsCatalog::create(const std::string& path, mode_t mode) throw (DmException
 
 mode_t VfsCatalog::umask(mode_t mask) throw ()
 {
+  mode_t prev;
+
   if (vfsCheckPermissions("", S_IREAD))
     vfsThrow(EACCES, "not enough permissions for '%s'", clientName.c_str());
 
-  return ::umask(mask);
+  prev = this->umask_;
+  this->umask_ = mask;
+  return prev;
 }
 
 
@@ -1127,7 +1131,7 @@ void VfsCatalog::makeDir(const std::string& path, mode_t mode) throw (DmExceptio
   lpath = getLocalPath(path);
 
   // Clean up unwanted bits, set bits
-  mode = (mode & ~S_IFMT) | S_IFDIR;
+  mode = (mode & ~S_IFMT & ~this->umask_) | S_IFDIR;
 
   // Effective gid
   if (parent.stat.st_mode & S_ISGID) {

diff --git a/src/VfsNs.h b/src/VfsNs.h
index ede8792..06e433a 100644 (file)
--- a/src/VfsNs.h
+++ b/src/VfsNs.h
@@ -127,6 +127,7 @@ namespace dmlite {
     const SecurityContext* secCtx_;
     std::string hostName_;
     std::string prefix_;
+    mode_t umask_;
 
    private:
     regex_t *allowRegex, *denyRegex, *allowWriteRegex, *denyWriteRegex;