Add option to disable 077 umask (create new files with system default umask)

The option is only effective for either wallet-less builds or if -disablewallet is specified as well.
2025-01-25 18:53:23 -03:00 · 2014-06-04 13:16:07 +02:00 · 2014-06-04 13:16:07 +02:00 · 34d5fc050d
commit 34d5fc050d
parent 358a61ee06
1 changed files with 29 additions and 2 deletions
--- a/src/init.cpp
+++ b/src/init.cpp
@ -210,6 +210,13 @@ std::string HelpMessage(HelpMessageMode hmm)
    strUsage += "  -pid=<file>            " + _("Specify pid file (default: bitcoind.pid)") + "\n";
    strUsage += "  -reindex               " + _("Rebuild block chain index from current blk000??.dat files") + " " + _("on startup") + "\n";
    strUsage += "  -txindex               " + _("Maintain a full transaction index (default: 0)") + "\n";
+#if !defined(WIN32)
+#ifdef ENABLE_WALLET
+    strUsage += "  -laxperms              " + _("Create new files with system default permissions, instead of umask 077 (only effective with -disablewallet)") + "\n";
+#else
+    strUsage += "  -laxperms              " + _("Create new files with system default permissions, instead of umask 077") + "\n";
+#endif
+#endif

    strUsage += "\n" + _("Connection options:") + "\n";
    strUsage += "  -addnode=<ip>          " + _("Add a node to connect to and attempt to keep the connection open") + "\n";
@ -422,8 +429,6 @@ bool AppInit2(boost::thread_group& threadGroup)
    }
 #endif
 #ifndef WIN32
-    umask(077);
-
    // Clean shutdown on SIGTERM
    struct sigaction sa;
    sa.sa_handler = HandleSIGTERM;
@ -587,6 +592,28 @@ bool AppInit2(boost::thread_group& threadGroup)
 #endif
    // ********************************************************* Step 4: application initialization: dir lock, daemonize, pidfile, debug log

+#ifndef WIN32
+    bool fCanUseLaxPerms = false;
+
+#ifdef ENABLE_WALLET
+    if (fDisableWallet)
+        fCanUseLaxPerms = true;
+#else
+    fCanUseLaxPerms = true;
+#endif //ENABLE_WALLET
+
+    if (!GetBoolArg("-laxperms", false)) {
+        umask(077);
+    } else {
+        if (fCanUseLaxPerms) {
+            LogPrintf("Using non-restrictive permissions (not setting umask to 077)\n");
+        } else {
+            umask(077);
+            InitWarning("Using non-restrictive permissions is not allowed without -disablewallet\n");
+        }
+    }
+#endif //WIN32
+
    std::string strDataDir = GetDataDir().string();
 #ifdef ENABLE_WALLET
    // Wallet file must be a plain filename without a directory