[Buildroot] [PATCH] package/openssh: reset umask when init script exits

Will Eccles will at eccles.dev
Mon Oct 18 20:30:37 UTC 2021


S50sshd updates umask to 077, but does not reset it when it exits. This
results in the root user's umask being configured incorrectly (assuming
a default of 022 or otherwise). This patch adds a trap to reset umask
when the script exits. This is convenient on systems where, for example,
configs such as /etc/profile may not be sourced by the root user. It may
also prevent issues with other init scripts which may inherit this umask
unintentionally, leading to improper permissions elsewhere in the
system.

Signed-off-by: Will Eccles <will at eccles.dev>
---
Backport to: 2021.02.6, 2021.08.1
(These are the releases on buildroot.org as of this writing, but as far
as I can tell, even releases as far back as 2012 have the same problem.)
---
 package/openssh/S50sshd | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/package/openssh/S50sshd b/package/openssh/S50sshd
index 22da41d1ca..94cf4c14e8 100644
--- a/package/openssh/S50sshd
+++ b/package/openssh/S50sshd
@@ -6,6 +6,8 @@
 # Make sure the ssh-keygen progam exists
 [ -f /usr/bin/ssh-keygen ] || exit 0
 
+# Reset uname at exit
+trap "uname $(uname)" EXIT
 umask 077
 
 start() {
-- 
2.33.1



More information about the buildroot mailing list