incorrect permissions in files created

Yann Berthier yb at sainte-barbe.org
Thu May 23 08:30:46 EDT 2002 

   
   Hi list !

   As stated in the subject, I'm seeing a problem with permissions of
   output files created by argus clients. 

   First and foremost: I tried only with the 2.0.5 flavor, on my
   FreeBSD-CURRENT box, and on a Linux box. Same effects here and there
   :)

   So to the problem: 

   (/tmp/blah is a valid argus file, /tmp/toto does not exist)

[yb at ogoun 12:04]% ra -r /tmp/blah -w /tmp/toto
ra[13556]: ArgusWriteNewLogfile(/tmp/toto, 0x806b2c0) open error Permission denied

[yb at ogoun 12:05]% ls -l /tmp/toto
-r-x------  1 yb  wheel  292 May 23 12:05 /tmp/toto


   Other examples as well:

[yb at ogoun 10:52]% argus -r /tmp/blah -w - | ramon -M Matrix -n -c -g -w /tmp/toto

[yb at ogoun 10:52]% ls -l /tmp/toto
--w----r-x  1 yb  wheel  88520 May 23 10:52 /tmp/toto*

[yb at ogoun 10:51]% argus -r /tmp/blah  -w - | ramon -M Matrix -n -c -g -w - | rasort -s srcaddr -s dstaddr -n -c -g -w /tmp/ramon_output1.arg
rasort[12254]: ArgusWriteNewLogfile(/tmp/ramon_output1.arg, 0x8168200) open error Permission denied

[yb at ogoun 10:51]% ls -l /tmp/ramon_output1.arg
----------  1 yb  yb      296 May 23 10:51 ramon_output1.arg


   Of course if you touch the output file before, its permissions
   remain, so no problem.

   BTW, the problem seems to come from common/argus_parse.c :

   Line 2647, open() doesn't specify a mode for the file if the file
   doesn't exist.

   The following patch solves the problem for me, or am I overlooking
   something here ?


--- common/argus_parse.c.orig	Thu May 23 14:15:32 2002
+++ common/argus_parse.c	Thu May 23 14:17:03 2002
@@ -2644,7 +2644,7 @@
 
    if (file) {
       if (strcmp (file, "-")) {
-         if ((fd = open (file, O_WRONLY|O_CREAT|O_APPEND)) >= 0) {
+         if ((fd = open (file, O_WRONLY|O_CREAT|O_APPEND, 0640)) >= 0) {
             if (fstat (fd, &buf) >= 0) {
                if (buf.st_size == 0)
                   if ((write (fd, (char *)&ArgusInput->ArgusInitCon, ntohs(ArgusInput->ArgusInitCon.ahdr.length))) < 0)


   Cheers,

   - yann.

-- 
   Yann.Berthier at hsc.fr -*- HSC -*- http://www.hsc.fr/

More information about the argus mailing list