Allow update_engine to create executable files.
update_engine creates directories in some cases, such as the "prefs"
directory. With this mask set, the directories created in Android don't
have the executable bit for the owner, so you can't create files inside
those directories. In Chrome OS this is not really a problem because
update_engine runs as root anyway.
This patch removes the executable bit mask for the owner.
Bug: 23186405
Test: Deployed on drangonboard; /data/misc/update_engine/prefs is executable.
Change-Id: I0c3cc8dd5cacae538091d1f8e131f8247cbf8fbf
diff --git a/main.cc b/main.cc
index 0da9fe2..516c72c 100644
--- a/main.cc
+++ b/main.cc
@@ -114,10 +114,11 @@
LOG(INFO) << "Chrome OS Update Engine starting";
// Ensure that all written files have safe permissions.
- // This is a mask, so we _block_ execute for the owner, and ALL
- // permissions for other users.
+ // This is a mask, so we _block_ all permissions for the group owner and other
+ // users but allow all permissions for the user owner. We allow execution
+ // for the owner so we can create directories.
// Done _after_ log file creation.
- umask(S_IXUSR | S_IRWXG | S_IRWXO);
+ umask(S_IRWXG | S_IRWXO);
chromeos_update_engine::UpdateEngineDaemon update_engine_daemon;
int exit_code = update_engine_daemon.Run();