From 319331192e8fe2150345e3f7f9a106049a1d69ec Mon Sep 17 00:00:00 2001 From: "Sahdev P. Zala" Date: Mon, 15 Jun 2020 15:07:17 -0400 Subject: [PATCH] pkg: consider umask when use MkdirAll os.MkdirAll creates directory before umask so make sure that a desired permission is set after creating a directory with MkdirAll. Use the existing TouchDirAll function which checks for permission if dir is already exist and when create a new dir. --- etcdmain/etcd.go | 13 +++---------- pkg/transport/listener.go | 18 +++++++++--------- 2 files changed, 12 insertions(+), 19 deletions(-) diff --git a/etcdmain/etcd.go b/etcdmain/etcd.go index bf416caca99..73328a73d52 100644 --- a/etcdmain/etcd.go +++ b/etcdmain/etcd.go @@ -358,16 +358,9 @@ func startProxy(cfg *config) error { } cfg.ec.Dir = filepath.Join(cfg.ec.Dir, "proxy") - if fileutil.Exist(cfg.ec.Dir) { - err = fileutil.CheckDirPermission(cfg.ec.Dir, fileutil.PrivateDirMode) - if err != nil { - return err - } - } else { - err = os.MkdirAll(cfg.ec.Dir, fileutil.PrivateDirMode) - if err != nil { - return err - } + err = fileutil.TouchDirAll(cfg.ec.Dir) + if err != nil { + return err } var peerURLs []string diff --git a/pkg/transport/listener.go b/pkg/transport/listener.go index 3b263f13d48..7260e4d079c 100644 --- a/pkg/transport/listener.go +++ b/pkg/transport/listener.go 
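Review bot: The removed branch in startProxy returned the error from `fileutil.CheckDirPermission` when an existing proxy directory did not match `fileutil.PrivateDirMode`, and nothing in this hunk shows whether `fileutil.TouchDirAll` still fails on that mismatch or only reports it. TouchDirAll's body is not part of this patch, so confirm that it returns the permission error. If it does not, keep an explicit check after the call, for example `if err = fileutil.CheckDirPermission(cfg.ec.Dir, fileutil.PrivateDirMode); err != nil { return err }`. The same question applies to SelfCert in pkg/transport/listener.go, where the directory goes on to hold key.pem. startProxy begins and ends outside the hunk.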
@@ -115,17 +115,17 @@ func (info TLSInfo) Empty() bool { } func SelfCert(lg *zap.Logger, dirpath string, hosts []string, additionalUsages ...x509.ExtKeyUsage) (info TLSInfo, err error) { - if fileutil.Exist(dirpath) { - err = fileutil.CheckDirPermission(dirpath, fileutil.PrivateDirMode) - if err != nil { - return - } - } else { - if err = os.MkdirAll(dirpath, fileutil.PrivateDirMode); err != nil { - return + info.Logger = lg + err = fileutil.TouchDirAll(dirpath) + if err != nil { + if info.Logger != nil { + info.Logger.Warn( + "cannot create cert directory", + zap.Error(err), + ) } + return } - info.Logger = lg certPath := filepath.Join(dirpath, "cert.pem") keyPath := filepath.Join(dirpath, "key.pem")
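Review bot: The warning added in SelfCert reads `cannot create cert directory`, but per the commit message `fileutil.TouchDirAll` also checks a directory that already exists, so the error may not be a creation failure at all, and the entry does not say which path failed. Naming the path makes the entry actionable for an operator: `info.Logger.Warn("cannot prepare cert directory", zap.Error(err), zap.String("dirpath", dirpath))`. Moving `info.Logger = lg` above the call also means the named result `info` is now returned with Logger set on the error path, where it was previously the zero value. A one-line comment saying that is intentional would help callers. SelfCert continues past the end of the hunk.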