Index: channels/chan_zap.c =================================================================== --- channels/chan_zap.c (revision 29695) +++ channels/chan_zap.c (working copy) @@ -9185,7 +9185,7 @@ for (i=0;idchannels[i]) break; - pri->fds[i] = open("/dev/zap/channel", O_RDWR, 0600); + pri->fds[i] = open("/dev/zap/channel", O_RDWR); x = pri->dchannels[i]; if ((pri->fds[i] < 0) || (ioctl(pri->fds[i],ZT_SPECIFY,&x) == -1)) { ast_log(LOG_ERROR, "Unable to open D-channel %d (%s)\n", x, strerror(errno)); @@ -9302,7 +9302,7 @@ if (ast_strlen_zero(argv[4])) return RESULT_SHOWUSAGE; - myfd = open(argv[4], O_CREAT|O_WRONLY); + myfd = open(argv[4], O_CREAT|O_WRONLY, AST_FILE_MODE); if (myfd < 0) { ast_cli(fd, "Unable to open '%s' for writing\n", argv[4]); return RESULT_SUCCESS; Index: channels/chan_iax2.c =================================================================== --- channels/chan_iax2.c (revision 29695) +++ channels/chan_iax2.c (working copy) @@ -1324,7 +1324,7 @@ ast_log(LOG_WARNING, "Cannot open '%s': %s\n", s, strerror(errno)); return -1; } - fd = open(s2, O_RDWR | O_CREAT | O_EXCL); + fd = open(s2, O_RDWR | O_CREAT | O_EXCL, AST_FILE_MODE); if (fd < 0) { ast_log(LOG_WARNING, "Cannot open '%s' for writing: %s\n", s2, strerror(errno)); close(ifd); Index: app.c =================================================================== --- app.c (revision 29695) +++ app.c (working copy) @@ -551,7 +551,7 @@ end = start = time(NULL); /* pre-initialize end to be same as start in case we never get into loop */ for (x = 0; x < fmtcnt; x++) { - others[x] = ast_writefile(prepend ? prependfile : recordfile, sfmt[x], comment, O_TRUNC, 0, 0700); + others[x] = ast_writefile(prepend ? prependfile : recordfile, sfmt[x], comment, O_TRUNC, 0, AST_FILE_MODE); if (option_verbose > 2) ast_verbose(VERBOSE_PREFIX_3 "x=%d, open writing: %s format: %s, %p\n", x, prepend ? prependfile : recordfile, sfmt[x], others[x]); @@ -923,7 +923,7 @@ } snprintf(fs, strlen(path) + 19, "%s/.lock-%08lx", path, ast_random()); - fd = open(fs, O_WRONLY | O_CREAT | O_EXCL, 0600); + fd = open(fs, O_WRONLY | O_CREAT | O_EXCL, AST_FILE_MODE); if (fd < 0) { fprintf(stderr, "Unable to create lock file '%s': %s\n", path, strerror(errno)); return AST_LOCK_PATH_NOT_FOUND; Index: apps/app_chanspy.c =================================================================== --- apps/app_chanspy.c (revision 29695) +++ apps/app_chanspy.c (working copy) @@ -441,7 +441,7 @@ if (recbase) { char filename[512]; snprintf(filename,sizeof(filename),"%s/%s.%d.raw",ast_config_AST_MONITOR_DIR, recbase, (int)time(NULL)); - if ((fd = open(filename, O_CREAT | O_WRONLY | O_TRUNC, 0644)) <= 0) { + if ((fd = open(filename, O_CREAT | O_WRONLY | O_TRUNC, AST_FILE_MODE)) <= 0) { ast_log(LOG_WARNING, "Cannot open %s for recording\n", filename); fd = 0; } Index: apps/app_dictate.c =================================================================== --- apps/app_dictate.c (revision 29695) +++ apps/app_dictate.c (working copy) @@ -151,7 +151,7 @@ } snprintf(path, len, "%s/%s", base, filein); - fs = ast_writefile(path, "raw", NULL, O_CREAT|O_APPEND, 0, 0700); + fs = ast_writefile(path, "raw", NULL, O_CREAT|O_APPEND, 0, AST_FILE_MODE); mode = DMODE_PLAY; memset(&flags, 0, sizeof(flags)); ast_set_flag(&flags, DFLAG_PAUSE); @@ -308,7 +308,7 @@ } else { oflags |= O_APPEND; } - fs = ast_writefile(path, "raw", NULL, oflags, 0, 0700); + fs = ast_writefile(path, "raw", NULL, oflags, 0, AST_FILE_MODE); if (ast_test_flag(&flags, DFLAG_TRUNC)) { ast_seekstream(fs, 0, SEEK_SET); ast_clear_flag(&flags, DFLAG_TRUNC); Index: apps/app_festival.c =================================================================== --- apps/app_festival.c (revision 29695) +++ apps/app_festival.c (working copy) @@ -417,7 +417,7 @@ snprintf(cachefile, sizeof(cachefile), "%s/%s", cachedir, MD5Hex); fdesc=open(cachefile,O_RDWR); if (fdesc==-1) { - fdesc=open(cachefile,O_CREAT|O_RDWR,0777); + fdesc=open(cachefile,O_CREAT|O_RDWR,AST_FILE_MODE); if (fdesc!=-1) { writecache=1; strln=strlen((char *)data); Index: apps/app_mixmonitor.c =================================================================== --- apps/app_mixmonitor.c (revision 29695) +++ apps/app_mixmonitor.c (working copy) @@ -181,7 +181,7 @@ ext = "raw"; } - fs = ast_writefile(mixmonitor->filename, ext, NULL, oflags, 0, 0644); + fs = ast_writefile(mixmonitor->filename, ext, NULL, oflags, 0, AST_FILE_MODE); if (!fs) { ast_log(LOG_ERROR, "Cannot open %s.%s\n", mixmonitor->filename, ext); goto out; Index: apps/app_meetme.c =================================================================== --- apps/app_meetme.c (revision 29695) +++ apps/app_meetme.c (working copy) @@ -2341,7 +2341,7 @@ break; } if (!s && cnf->recordingfilename && (cnf->recordingfilename != oldrecordingfilename)) { - s = ast_writefile(cnf->recordingfilename, cnf->recordingformat, NULL, flags, 0, 0644); + s = ast_writefile(cnf->recordingfilename, cnf->recordingformat, NULL, flags, 0, AST_FILE_MODE); oldrecordingfilename = cnf->recordingfilename; } Index: apps/app_voicemail.c =================================================================== --- apps/app_voicemail.c (revision 29695) +++ apps/app_voicemail.c (working copy) @@ -1,4 +1,5 @@ /* +:1 * Asterisk -- An open source telephony toolkit. * * Copyright (C) 1999 - 2006, Digium, Inc. @@ -919,7 +920,7 @@ odbc_release_obj(obj); goto yuck; } - fd = open(full_fn, O_RDWR | O_CREAT | O_TRUNC, 0770); + fd = open(full_fn, O_RDWR | O_CREAT | O_TRUNC, VOICEMAIL_FILE_MODE); if (fd < 0) { ast_log(LOG_WARNING, "Failed to write '%s': %s\n", full_fn, strerror(errno)); SQLFreeHandle (SQL_HANDLE_STMT, stmt); Index: apps/app_record.c =================================================================== --- apps/app_record.c (revision 29695) +++ apps/app_record.c (working copy) @@ -239,7 +239,7 @@ flags = option_append ? O_CREAT|O_APPEND|O_WRONLY : O_CREAT|O_TRUNC|O_WRONLY; - s = ast_writefile( tmp, ext, NULL, flags , 0, 0644); + s = ast_writefile( tmp, ext, NULL, flags , 0, AST_FILE_MODE); if (!s) { ast_log(LOG_WARNING, "Could not create file %s\n", filename); Index: db.c =================================================================== --- db.c (revision 29695) +++ db.c (working copy) @@ -63,7 +63,7 @@ static int dbinit(void) { - if (!astdb && !(astdb = dbopen((char *)ast_config_AST_DB, O_CREAT | O_RDWR, 0664, DB_BTREE, NULL))) { + if (!astdb && !(astdb = dbopen((char *)ast_config_AST_DB, O_CREAT | O_RDWR, AST_FILE_MODE, DB_BTREE, NULL))) { ast_log(LOG_WARNING, "Unable to open Asterisk database\n"); return -1; } Index: include/asterisk.h =================================================================== --- include/asterisk.h (revision 29695) +++ include/asterisk.h (working copy) @@ -20,6 +20,16 @@ #include "asterisk/compat.h" +/* Default to allowing the umask or filesystem ACLs to determine actual file + * creation permissions + */ +#ifndef AST_DIR_MODE +#define AST_DIR_MODE 0777 +#endif +#ifndef AST_FILE_MODE +#define AST_FILE_MODE 0666 +#endif + #define DEFAULT_LANGUAGE "en" #define DEFAULT_SAMPLE_RATE 8000 @@ -42,7 +52,9 @@ extern char ast_config_AST_PID[AST_CONFIG_MAX_PATH]; extern char ast_config_AST_SOCKET[AST_CONFIG_MAX_PATH]; extern char ast_config_AST_RUN_DIR[AST_CONFIG_MAX_PATH]; -extern char ast_config_AST_CTL_PERMISSIONS[AST_CONFIG_MAX_PATH]; +extern mode_t ast_config_AST_CTL_PERMISSIONS; +extern mode_t ast_config_AST_DIR_PERMISSIONS; +extern mode_t AST_FILE_MODE; extern char ast_config_AST_CTL_OWNER[AST_CONFIG_MAX_PATH]; extern char ast_config_AST_CTL_GROUP[AST_CONFIG_MAX_PATH]; extern char ast_config_AST_CTL[AST_CONFIG_MAX_PATH]; Index: res/res_monitor.c =================================================================== --- res/res_monitor.c (revision 29695) +++ res/res_monitor.c (working copy) @@ -196,7 +196,7 @@ } if (!(monitor->read_stream = ast_writefile(monitor->read_filename, monitor->format, NULL, - O_CREAT|O_TRUNC|O_WRONLY, 0, 0644))) { + O_CREAT|O_TRUNC|O_WRONLY, 0, AST_FILE_MODE))) { ast_log(LOG_WARNING, "Could not create file %s\n", monitor->read_filename); free(monitor); @@ -208,7 +208,7 @@ } if (!(monitor->write_stream = ast_writefile(monitor->write_filename, monitor->format, NULL, - O_CREAT|O_TRUNC|O_WRONLY, 0, 0644))) { + O_CREAT|O_TRUNC|O_WRONLY, 0, AST_FILE_MODE))) { ast_log(LOG_WARNING, "Could not create file %s\n", monitor->write_filename); ast_closestream(monitor->read_stream); Index: res/res_agi.c =================================================================== --- res/res_agi.c (revision 29695) +++ res/res_agi.c (working copy) @@ -893,7 +893,7 @@ if (res) { fdprintf(agi->fd, "200 result=%d (randomerror) endpos=%ld\n", res, sample_offset); } else { - fs = ast_writefile(argv[2], argv[3], NULL, O_CREAT | O_WRONLY | (sample_offset ? O_APPEND : 0), 0, 0644); + fs = ast_writefile(argv[2], argv[3], NULL, O_CREAT | O_WRONLY | (sample_offset ? O_APPEND : 0), 0, AST_FILE_MODE); if (!fs) { res = -1; fdprintf(agi->fd, "200 result=%d (writefile)\n", res); Index: res/res_convert.c =================================================================== --- res/res_convert.c (revision 29695) +++ res/res_convert.c (working copy) @@ -88,7 +88,7 @@ ast_cli(fd, "'%s' is an invalid filename!\n", argv[2]); goto fail_out; } - if (!(fs_out = ast_writefile(name_out, ext_out, NULL, O_CREAT|O_TRUNC|O_WRONLY, 0, 0644))) { + if (!(fs_out = ast_writefile(name_out, ext_out, NULL, O_CREAT|O_TRUNC|O_WRONLY, 0, AST_FILE_MODE))) { ast_cli(fd, "Unable to open output file: %s\n", argv[2]); goto fail_out; } Index: file.c =================================================================== --- file.c (revision 29695) +++ file.c (working copy) @@ -217,7 +217,7 @@ ast_log(LOG_WARNING, "Unable to open %s in read-only mode\n", infile); return -1; } - if ((ofd = open(outfile, O_WRONLY | O_TRUNC | O_CREAT, 0600)) < 0) { + if ((ofd = open(outfile, O_WRONLY | O_TRUNC | O_CREAT, AST_FILE_MODE)) < 0) { ast_log(LOG_WARNING, "Unable to open %s in write-only mode\n", outfile); close(ifd); return -1; Index: cdr/cdr_sqlite.c =================================================================== --- cdr/cdr_sqlite.c (revision 29695) +++ cdr/cdr_sqlite.c (working copy) @@ -189,7 +189,7 @@ /* is the database there? */ snprintf(fn, sizeof(fn), "%s/cdr.db", ast_config_AST_LOG_DIR); - db = sqlite_open(fn, 0660, &zErr); + db = sqlite_open(fn, AST_FILE_MODE, &zErr); if (!db) { ast_log(LOG_ERROR, "cdr_sqlite: %s\n", zErr); free(zErr);