From 541f243067ee8b12eb6a5ccb33485486ecf25cfb Mon Sep 17 00:00:00 2001 From: postmannen Date: Tue, 10 Jan 2023 06:50:28 +0100 Subject: [PATCH] added group permissions for files/directories created --- README.md | 2 +- central_auth_acl_handling.go | 2 +- central_auth_key_handling.go | 2 +- configuration_flags.go | 6 +++--- message_readers.go | 4 ++-- node_auth.go | 12 ++++++------ requests_copy.go | 4 ++-- requests_file_handling.go | 6 +++--- requests_std.go | 14 +++++++------- requests_test.go | 4 ++-- ringbuffer.go | 6 +++--- .../steward/create-docker-compose-files/main.go | 2 +- server.go | 4 ++-- tui.go | 2 +- 14 files changed, 35 insertions(+), 35 deletions(-) diff --git a/README.md b/README.md index ddc1129..96c7838 100644 --- a/README.md +++ b/README.md @@ -661,7 +661,7 @@ Copy a file from one node to another node. "fileName": "copy.log", "toNodes": ["central"], "method":"REQCopySrc", - "methodArgs": ["./testbinary","ship1","./testbinary-copied","500000","20","0700"], + "methodArgs": ["./testbinary","ship1","./testbinary-copied","500000","20","0770"], "methodTimeout": 10, "replyMethod":"REQToConsole" } diff --git a/central_auth_acl_handling.go b/central_auth_acl_handling.go index 191dd6e..7c44029 100644 --- a/central_auth_acl_handling.go +++ b/central_auth_acl_handling.go @@ -293,7 +293,7 @@ func (c *centralAuth) aclDeleteSource(host Node, source Node) error { func (c *centralAuth) generateACLsForAllNodes() error { // We first one to save the current main ACLMap. func() { - fh, err := os.OpenFile(c.accessLists.schemaMain.ACLMapFilePath, os.O_CREATE|os.O_TRUNC|os.O_RDWR, 0600) + fh, err := os.OpenFile(c.accessLists.schemaMain.ACLMapFilePath, os.O_CREATE|os.O_TRUNC|os.O_RDWR, 0660) if err != nil { er := fmt.Errorf("error: generateACLsForAllNodes: opening file for writing: %v, err: %v", c.accessLists.schemaMain.ACLMapFilePath, err) log.Printf("%v\n", er) diff --git a/central_auth_key_handling.go b/central_auth_key_handling.go index ab69bf6..8d1cc11 100644 
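Review bot: In central_auth_acl_handling.go, generateACLsForAllNodes now creates the persisted main ACL map with `0660`, so every member of the owning group can rewrite authorization data, not just read it. The same applies to `bolt.Open(databaseFilepath, 0660, nil)` for auth.db in newPKI and to nodeAcl.saveToFile and publicKeys.saveToFile in node_auth.go; nodeAcl.loadFromFile and publicKeys.loadFromFile read those files back, so a change made on disk would presumably be picked up as valid state. If the group only needs to inspect these files, `0640` gives that without group write; otherwise keep `0600` for ACL and key stores and widen only the data output paths. The function body continues outside the hunk.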
--- a/central_auth_key_handling.go +++ b/central_auth_key_handling.go @@ -73,7 +73,7 @@ func newPKI(configuration *Configuration, errorKernel *errorKernel) *pki { databaseFilepath := filepath.Join(configuration.DatabaseFolder, "auth.db") // Open the database file for persistent storage of public keys. - db, err := bolt.Open(databaseFilepath, 0600, nil) + db, err := bolt.Open(databaseFilepath, 0660, nil) if err != nil { log.Printf("error: failed to open db: %v\n", err) return &p diff --git a/configuration_flags.go b/configuration_flags.go index 30f92c5..d297d78 100644 --- a/configuration_flags.go +++ b/configuration_flags.go @@ -707,7 +707,7 @@ func (c *Configuration) ReadConfigFile(configFolder string) (Configuration, erro return Configuration{}, fmt.Errorf("error: no config file found %v: %v", fPath, err) } - f, err := os.OpenFile(fPath, os.O_RDONLY, 0600) + f, err := os.OpenFile(fPath, os.O_RDONLY, 0660) if err != nil { return Configuration{}, fmt.Errorf("error: ReadConfigFile: failed to open file: %v", err) } @@ -730,7 +730,7 @@ func (c *Configuration) ReadConfigFile(configFolder string) (Configuration, erro // directory for the config file does not exist it will be created. func (c *Configuration) WriteConfigFile() error { if _, err := os.Stat(c.ConfigFolder); os.IsNotExist(err) { - err := os.MkdirAll(c.ConfigFolder, 0700) + err := os.MkdirAll(c.ConfigFolder, 0770) if err != nil { return fmt.Errorf("error: failed to create config directory %v: %v", c.ConfigFolder, err) } @@ -738,7 +738,7 @@ func (c *Configuration) WriteConfigFile() error { fp := filepath.Join(c.ConfigFolder, "config.toml") - f, err := os.OpenFile(fp, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0600) + f, err := os.OpenFile(fp, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0660) if err != nil { return fmt.Errorf("error: WriteConfigFile: failed to open file: %v", err) } diff --git a/message_readers.go b/message_readers.go index 0d0226b..a26f4fa 100644 --- a/message_readers.go +++ b/message_readers.go 
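Review bot: In configuration_flags.go ReadConfigFile, the mode change on `os.OpenFile(fPath, os.O_RDONLY, 0660)` has no effect, because the permission argument is only used when `O_CREATE` actually creates the file. The same holds for the `O_RDONLY` opens in nodeAcl.loadFromFile and publicKeys.loadFromFile in node_auth.go. `f, err := os.Open(fPath)` expresses the read-only open without carrying a mode that suggests otherwise.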
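Review bot: In configuration_flags.go WriteConfigFile, the new `0660` and `0770` apply only when the file or directory is first created, and the process umask is subtracted from them. A config.toml that already exists keeps its old mode through `O_TRUNC`, and under a umask of 022 new objects come out as 0640 and 0750, so the resulting access depends on the deployment rather than on this commit. I would add a comment at the call, for example `// mode applies on creation only and is reduced by umask`, and state the expected umask in the README. This caveat applies to every OpenFile, Mkdir and MkdirAll call touched by the patch.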
@@ -119,7 +119,7 @@ func (s *server) getFilePaths(dirName string) ([]string, error) { // Check if the startup folder exist. if _, err := os.Stat(dirPath); os.IsNotExist(err) { - err := os.MkdirAll(dirPath, 0700) + err := os.MkdirAll(dirPath, 0770) if err != nil { er := fmt.Errorf("error: failed to create startup folder: %v", err) return nil, er @@ -208,7 +208,7 @@ func (s *server) readSocket() { func (s *server) readFolder() { // Check if the startup folder exist. if _, err := os.Stat(s.configuration.ReadFolder); os.IsNotExist(err) { - err := os.MkdirAll(s.configuration.ReadFolder, 0700) + err := os.MkdirAll(s.configuration.ReadFolder, 0770) if err != nil { er := fmt.Errorf("error: failed to create readfolder folder: %v", err) log.Printf("%v\n", er) diff --git a/node_auth.go b/node_auth.go index d67f49e..716451f 100644 --- a/node_auth.go +++ b/node_auth.go @@ -110,7 +110,7 @@ func (n *nodeAcl) loadFromFile() error { return nil } - fh, err := os.OpenFile(n.filePath, os.O_RDONLY, 0600) + fh, err := os.OpenFile(n.filePath, os.O_RDONLY, 0660) if err != nil { return fmt.Errorf("error: failed to open acl file: %v", err) } @@ -136,7 +136,7 @@ func (n *nodeAcl) loadFromFile() error { // saveToFile will save the acl to file for persistent storage. // An error is returned if it fails. func (n *nodeAcl) saveToFile() error { - fh, err := os.OpenFile(n.filePath, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0600) + fh, err := os.OpenFile(n.filePath, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0660) if err != nil { return fmt.Errorf("error: failed to acl file: %v", err) } @@ -209,7 +209,7 @@ func (p *publicKeys) loadFromFile() error { return nil } - fh, err := os.OpenFile(p.filePath, os.O_RDONLY, 0600) + fh, err := os.OpenFile(p.filePath, os.O_RDONLY, 0660) if err != nil { return fmt.Errorf("error: failed to open public keys file: %v", err) } 
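Review bot: In message_readers.go readFolder, `os.MkdirAll(s.configuration.ReadFolder, 0770)` makes the input directory group-writable, and server.go NewServer does the same for SocketFolder. If, as the function names readFolder and readSocket suggest, whatever appears in these directories is consumed as a message, group membership becomes sufficient to submit work to the node; the bodies are outside the hunks, so this should be confirmed. The README should say that the owning group is trusted as a message sender, or the mode should be a configuration value so operators can keep `0700` where no second user needs access.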
@@ -235,7 +235,7 @@ func (p *publicKeys) loadFromFile() error { // saveToFile will save all the public kets to file for persistent storage. // An error is returned if it fails. func (p *publicKeys) saveToFile() error { - fh, err := os.OpenFile(p.filePath, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0600) + fh, err := os.OpenFile(p.filePath, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0660) if err != nil { return fmt.Errorf("error: failed to open public keys file: %v", err) } @@ -261,7 +261,7 @@ func (p *publicKeys) saveToFile() error { func (n *nodeAuth) loadSigningKeys() error { // Check if folder structure exist, if not create it. if _, err := os.Stat(n.SignKeyFolder); os.IsNotExist(err) { - err := os.MkdirAll(n.SignKeyFolder, 0700) + err := os.MkdirAll(n.SignKeyFolder, 0770) if err != nil { er := fmt.Errorf("error: failed to create directory for signing keys : %v", err) return er @@ -333,7 +333,7 @@ func (n *nodeAuth) loadSigningKeys() error { // writeSigningKey will write the base64 encoded signing key to file. func (n *nodeAuth) writeSigningKey(realPath string, keyB64 string) error { - fh, err := os.OpenFile(realPath, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0600) + fh, err := os.OpenFile(realPath, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0660) if err != nil { er := fmt.Errorf("error: failed to open key file for writing: %v", err) return er diff --git a/requests_copy.go b/requests_copy.go index c669482..65a5242 100644 --- a/requests_copy.go +++ b/requests_copy.go @@ -688,7 +688,7 @@ func copyDstSubProcFunc(proc process, cia copyInitialData, message Message, canc // Open a tmp folder for where to write the received chunks tmpFolder := filepath.Join(proc.configuration.SocketFolder, cia.DstFile+"-"+cia.UUID) - err = os.Mkdir(tmpFolder, 0700) + err = os.Mkdir(tmpFolder, 0770) if err != nil { er := fmt.Errorf("copyDstProcSubFunc: create tmp folder for copying failed: %v", err) proc.errorKernel.errSend(proc, message, er) 
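Review bot: In node_auth.go writeSigningKey, the base64 signing key is now written with `0660`, and loadSigningKeys creates SignKeyFolder with `0770`, so group members can read the key and replace it. Key material should stay owner-only even if output data becomes group-accessible: `fh, err := os.OpenFile(realPath, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0600)` and `err := os.MkdirAll(n.SignKeyFolder, 0700)`. The same concern applies to writekey in scripts/steward/create-docker-compose-files/main.go, which sits next to generateNkeys and presumably writes nkey seeds. If writeSigningKey is also used for the public half, a separate mode for that call would be clearer than one shared literal.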
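Review bot: In requests_copy.go copyDstSubProcFunc, the temporary chunk directory is created with `os.Mkdir(tmpFolder, 0770)`, and the following hunk opens each chunk file with `0660`. These are transient files under SocketFolder that only this process appears to write and later read, so group write adds a window in which a chunk can be altered before the destination file is assembled (the assembly step is outside the hunks). I would keep `0700` and `0600` for the temp folder and chunks and apply the shared mode only to the final destination file.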
@@ -732,7 +732,7 @@ func copyDstSubProcFunc(proc process, cia copyInitialData, message Message, canc case copyData: err := func() error { filePath := filepath.Join(tmpFolder, strconv.Itoa(csa.ChunkNumber)+"."+cia.UUID) - fh, err := os.OpenFile(filePath, os.O_TRUNC|os.O_RDWR|os.O_CREATE|os.O_SYNC, 0600) + fh, err := os.OpenFile(filePath, os.O_TRUNC|os.O_RDWR|os.O_CREATE|os.O_SYNC, 0660) if err != nil { er := fmt.Errorf("error: copyDstSubProcFunc: open destination chunk file for writing failed: %v", err) return er diff --git a/requests_file_handling.go b/requests_file_handling.go index 8dbcc9b..18cd0ed 100644 --- a/requests_file_handling.go +++ b/requests_file_handling.go @@ -25,7 +25,7 @@ func (m methodREQToFileAppend) handler(proc process, message Message, node strin // Check if folder structure exist, if not create it. if _, err := os.Stat(folderTree); os.IsNotExist(err) { - err := os.MkdirAll(folderTree, 0700) + err := os.MkdirAll(folderTree, 0770) if err != nil { er := fmt.Errorf("error: methodREQToFileAppend: failed to create toFileAppend directory tree:%v, subject: %v, %v", folderTree, proc.subject, err) proc.errorKernel.errSend(proc, message, er) @@ -37,7 +37,7 @@ func (m methodREQToFileAppend) handler(proc process, message Message, node strin // Open file and write data. file := filepath.Join(folderTree, fileName) - f, err := os.OpenFile(file, os.O_APPEND|os.O_RDWR|os.O_CREATE|os.O_SYNC, 0600) + f, err := os.OpenFile(file, os.O_APPEND|os.O_RDWR|os.O_CREATE|os.O_SYNC, 0660) if err != nil { er := fmt.Errorf("error: methodREQToFileAppend.handler: failed to open file: %v, %v", file, err) proc.errorKernel.errSend(proc, message, er) 
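Review bot: In requests_file_handling.go methodREQToFileAppend.handler, the literals `0770` and `0660` are now repeated in every handler here and in requests_std.go, tui.go, ringbuffer.go and server.go, which is why this commit had to touch 14 files. Declaring them once, for example `const dataDirPerm os.FileMode = 0770` and `const dataFilePerm os.FileMode = 0660`, with separate owner-only constants for keys, ACLs and databases, would make the intended access level of each path explicit and reviewable. It would also make a later change of policy a one-line edit instead of a repository-wide search and replace.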
@@ -76,7 +76,7 @@ func (m methodREQToFile) handler(proc process, message Message, node string) ([] // Check if folder structure exist, if not create it. if _, err := os.Stat(folderTree); os.IsNotExist(err) { - err := os.MkdirAll(folderTree, 0700) + err := os.MkdirAll(folderTree, 0770) if err != nil { er := fmt.Errorf("error: methodREQToFile failed to create toFile directory tree: subject:%v, folderTree: %v, %v", proc.subject, folderTree, err) proc.errorKernel.errSend(proc, message, er) diff --git a/requests_std.go b/requests_std.go index c3aaae7..9a6e779 100644 --- a/requests_std.go +++ b/requests_std.go @@ -27,7 +27,7 @@ func (m methodREQHello) handler(proc process, message Message, node string) ([]b // Check if folder structure exist, if not create it. if _, err := os.Stat(folderTree); os.IsNotExist(err) { - err := os.MkdirAll(folderTree, 0700) + err := os.MkdirAll(folderTree, 0770) if err != nil { return nil, fmt.Errorf("error: failed to create errorLog directory tree %v: %v", folderTree, err) } @@ -38,8 +38,8 @@ func (m methodREQHello) handler(proc process, message Message, node string) ([]b // Open file and write data. file := filepath.Join(folderTree, fileName) - //f, err := os.OpenFile(file, os.O_APPEND|os.O_RDWR|os.O_CREATE|os.O_SYNC, 0600) - f, err := os.OpenFile(file, os.O_TRUNC|os.O_RDWR|os.O_CREATE|os.O_SYNC, 0600) + //f, err := os.OpenFile(file, os.O_APPEND|os.O_RDWR|os.O_CREATE|os.O_SYNC, 0660) + f, err := os.OpenFile(file, os.O_TRUNC|os.O_RDWR|os.O_CREATE|os.O_SYNC, 0660) if err != nil { er := fmt.Errorf("error: methodREQHello.handler: failed to open file: %v", err) 
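Review bot: In requests_std.go methodREQHello.handler, the commented-out `//f, err := os.OpenFile(file, os.O_APPEND|...)` line was updated along with the live one, so the patch is maintaining dead code. The live call uses `O_TRUNC`, and the commented variant differs only in `O_APPEND`; if that alternative matters, a short comment such as `// O_TRUNC: only the latest hello is kept per node` records the decision better. I would delete the commented-out line.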
@@ -84,7 +84,7 @@ func (m methodREQErrorLog) handler(proc process, message Message, node string) ( // Check if folder structure exist, if not create it. if _, err := os.Stat(folderTree); os.IsNotExist(err) { - err := os.MkdirAll(folderTree, 0700) + err := os.MkdirAll(folderTree, 0770) if err != nil { return nil, fmt.Errorf("error: failed to create errorLog directory tree %v: %v", folderTree, err) } @@ -95,7 +95,7 @@ func (m methodREQErrorLog) handler(proc process, message Message, node string) ( // Open file and write data. file := filepath.Join(folderTree, fileName) - f, err := os.OpenFile(file, os.O_APPEND|os.O_RDWR|os.O_CREATE|os.O_SYNC, 0600) + f, err := os.OpenFile(file, os.O_APPEND|os.O_RDWR|os.O_CREATE|os.O_SYNC, 0660) if err != nil { er := fmt.Errorf("error: methodREQErrorLog.handler: failed to open file: %v", err) return nil, er @@ -133,7 +133,7 @@ func (m methodREQPing) handler(proc process, message Message, node string) ([]by // Check if folder structure exist, if not create it. if _, err := os.Stat(folderTree); os.IsNotExist(err) { - err := os.MkdirAll(folderTree, 0700) + err := os.MkdirAll(folderTree, 0770) if err != nil { er := fmt.Errorf("error: methodREQPing.handler: failed to create toFile directory tree: %v, %v", folderTree, err) proc.errorKernel.errSend(proc, message, er) @@ -196,7 +196,7 @@ func (m methodREQPong) handler(proc process, message Message, node string) ([]by // Check if folder structure exist, if not create it. if _, err := os.Stat(folderTree); os.IsNotExist(err) { - err := os.MkdirAll(folderTree, 0700) + err := os.MkdirAll(folderTree, 0770) if err != nil { er := fmt.Errorf("error: methodREQPong.handler: failed to create toFile directory tree %v: %v", folderTree, err) proc.errorKernel.errSend(proc, message, er) diff --git a/requests_test.go b/requests_test.go index 036fdeb..337ddb1 100644 --- a/requests_test.go +++ b/requests_test.go 
@@ -343,7 +343,7 @@ func TestRequest(t *testing.T) { func checkREQTailFileTest(stewardServer *server, conf *Configuration, t *testing.T, tmpDir string) error { // Create a file with some content. fp := filepath.Join(tmpDir, "test.file") - fh, err := os.OpenFile(fp, os.O_APPEND|os.O_RDWR|os.O_CREATE|os.O_SYNC, 0600) + fh, err := os.OpenFile(fp, os.O_APPEND|os.O_RDWR|os.O_CREATE|os.O_SYNC, 0660) if err != nil { return fmt.Errorf(" * failed: unable to open temporary file: %v", err) } @@ -424,7 +424,7 @@ func checkREQCopySrc(stewardServer *server, conf *Configuration, t *testing.T, t // Create a file with some content. srcFileName := fmt.Sprintf("copysrc%v.file", i) srcfp := filepath.Join(tmpDir, srcFileName) - fh, err := os.OpenFile(srcfp, os.O_APPEND|os.O_RDWR|os.O_CREATE|os.O_SYNC, 0600) + fh, err := os.OpenFile(srcfp, os.O_APPEND|os.O_RDWR|os.O_CREATE|os.O_SYNC, 0660) if err != nil { t.Fatalf(" \U0001F631 [FAILED] : checkREQCopySrc: unable to open temporary file: %v", err) } diff --git a/ringbuffer.go b/ringbuffer.go index a123072..26c01a1 100644 --- a/ringbuffer.go +++ b/ringbuffer.go @@ -65,7 +65,7 @@ func newringBuffer(ctx context.Context, metrics *metrics, configuration *Configu // Check if socket folder exists, if not create it if _, err := os.Stat(configuration.DatabaseFolder); os.IsNotExist(err) { - err := os.MkdirAll(configuration.DatabaseFolder, 0700) + err := os.MkdirAll(configuration.DatabaseFolder, 0770) if err != nil { log.Printf("error: failed to create database directory %v: %v\n", configuration.DatabaseFolder, err) os.Exit(1) @@ -78,7 +78,7 @@ func newringBuffer(ctx context.Context, metrics *metrics, configuration *Configu var db *bolt.DB if configuration.RingBufferPersistStore { var err error - db, err = bolt.Open(DatabaseFilepath, 0600, nil) + db, err = bolt.Open(DatabaseFilepath, 0660, nil) if err != nil { log.Printf("error: failed to open db: %v\n", err) os.Exit(1) 
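Review bot: In ringbuffer.go newringBuffer, `os.MkdirAll(configuration.DatabaseFolder, 0770)` gives group members write access to the directory, which lets them rename or replace files in it regardless of each file's own mode. central_auth_key_handling.go places auth.db in this same DatabaseFolder, so the directory mode matters more than the `0660` on the individual bolt files. I would keep this directory at `0700` unless a second user has to create files there. Separately, the comment above the check says "socket folder" while the code tests DatabaseFolder; `// Check if database folder exists, if not create it` matches the code.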
@@ -538,7 +538,7 @@ func (r *ringBuffer) dbUpdate(db *bolt.DB, bucket string, key string, value []by func (r *ringBuffer) startPermanentStore(ctx context.Context) { storeFile := filepath.Join(r.configuration.DatabaseFolder, "store.log") - f, err := os.OpenFile(storeFile, os.O_APPEND|os.O_RDWR|os.O_CREATE, 0600) + f, err := os.OpenFile(storeFile, os.O_APPEND|os.O_RDWR|os.O_CREATE, 0660) if err != nil { log.Printf("error: startPermanentStore: failed to open file: %v\n", err) } diff --git a/scripts/steward/create-docker-compose-files/main.go b/scripts/steward/create-docker-compose-files/main.go index cb5273a..5a08ba0 100644 --- a/scripts/steward/create-docker-compose-files/main.go +++ b/scripts/steward/create-docker-compose-files/main.go @@ -51,7 +51,7 @@ func generateNkeys(fileDir string) error { } func writekey(fileName string, b []byte) error { - fh, err := os.OpenFile(fileName, os.O_CREATE|os.O_TRUNC|os.O_RDWR, 0600) + fh, err := os.OpenFile(fileName, os.O_CREATE|os.O_TRUNC|os.O_RDWR, 0660) if err != nil { return fmt.Errorf("error: failed to open create/open file for writing: %v", err) } diff --git a/server.go b/server.go index 95f96f3..5a359b6 100644 --- a/server.go +++ b/server.go @@ -130,7 +130,7 @@ func NewServer(configuration *Configuration, version string) (*server, error) { // Check if tmp folder for socket exists, if not create it if _, err := os.Stat(configuration.SocketFolder); os.IsNotExist(err) { - err := os.MkdirAll(configuration.SocketFolder, 0700) + err := os.MkdirAll(configuration.SocketFolder, 0770) if err != nil { cancel() return nil, fmt.Errorf("error: failed to create socket folder directory %v: %v", configuration.SocketFolder, err) 
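Review bot: In ringbuffer.go startPermanentStore, a failed `os.OpenFile(storeFile, ...)` is only logged and the `if err != nil` block closes without returning, so later use of `f` would act on a nil file handle. The rest of the function is outside the hunk, so this needs confirming, but the visible lines suggest adding `return` after the `log.Printf`. Widening the mode makes an open failure more deployment-dependent, for instance when the file already exists under another owner, so this error path is worth tightening in the same change.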
@@ -194,7 +194,7 @@ func NewServer(configuration *Configuration, version string) (*server, error) { if configuration.SubscribersDataFolder == "" { return nil, fmt.Errorf("error: subscribersDataFolder value is empty, you need to provide the config or the flag value at startup %v: %v", configuration.SubscribersDataFolder, err) } - err := os.Mkdir(configuration.SubscribersDataFolder, 0700) + err := os.Mkdir(configuration.SubscribersDataFolder, 0770) if err != nil { return nil, fmt.Errorf("error: failed to create data folder directory %v: %v", configuration.SubscribersDataFolder, err) } diff --git a/tui.go b/tui.go index d85d2a9..64cf682 100644 --- a/tui.go +++ b/tui.go @@ -606,7 +606,7 @@ func (t *tui) messageSlide(app *tview.Application) tview.Primitive { } if _, err := os.Stat(messageFolder); os.IsNotExist(err) { - err := os.MkdirAll(messageFolder, 0700) + err := os.MkdirAll(messageFolder, 0770) if err != nil { fmt.Fprintf(p.logForm, "error: failed to create messages folder: %v\n", err) return
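Review bot: In server.go NewServer, both error returns in the SubscribersDataFolder block leave without calling `cancel()`, whereas the SocketFolder failure path earlier in the same function calls `cancel()` before returning. Unless cancel is deferred somewhere outside the visible hunks, the context created earlier is left uncancelled on these paths. Adding `cancel()` before each `return nil, fmt.Errorf(...)` here would make the error handling consistent.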