Index: channels/chan_zap.c =================================================================== --- channels/chan_zap.c (revision 41826) +++ channels/chan_zap.c (working copy) @@ -9264,7 +9264,7 @@ for (i = 0; i < NUM_DCHANS; i++) { if (!pri->dchannels[i]) break; - pri->fds[i] = open("/dev/zap/channel", O_RDWR, 0600); + pri->fds[i] = open("/dev/zap/channel", O_RDWR); x = pri->dchannels[i]; if ((pri->fds[i] < 0) || (ioctl(pri->fds[i],ZT_SPECIFY,&x) == -1)) { ast_log(LOG_ERROR, "Unable to open D-channel %d (%s)\n", x, strerror(errno)); @@ -9381,7 +9381,7 @@ if (ast_strlen_zero(argv[4])) return RESULT_SHOWUSAGE; - myfd = open(argv[4], O_CREAT|O_WRONLY); + myfd = open(argv[4], O_CREAT|O_WRONLY, AST_FILE_MODE); if (myfd < 0) { ast_cli(fd, "Unable to open '%s' for writing\n", argv[4]); return RESULT_SUCCESS; Index: channels/chan_iax2.c =================================================================== --- channels/chan_iax2.c (revision 41826) +++ channels/chan_iax2.c (working copy) @@ -1339,7 +1339,7 @@ ast_log(LOG_WARNING, "Cannot open '%s': %s\n", s, strerror(errno)); return -1; } - fd = open(s2, O_RDWR | O_CREAT | O_EXCL); + fd = open(s2, O_RDWR | O_CREAT | O_EXCL, AST_FILE_MODE); if (fd < 0) { ast_log(LOG_WARNING, "Cannot open '%s' for writing: %s\n", s2, strerror(errno)); close(ifd); Index: apps/app_chanspy.c =================================================================== --- apps/app_chanspy.c (revision 41826) +++ apps/app_chanspy.c (working copy) @@ -600,7 +600,7 @@ char filename[512]; snprintf(filename, sizeof(filename), "%s/%s.%d.raw", ast_config_AST_MONITOR_DIR, recbase, (int) time(NULL)); - if ((fd = open(filename, O_CREAT | O_WRONLY | O_TRUNC, 0644)) <= 0) { + if ((fd = open(filename, O_CREAT | O_WRONLY | O_TRUNC, AST_FILE_MODE)) <= 0) { ast_log(LOG_WARNING, "Cannot open '%s' for recording\n", filename); fd = 0; } @@ -683,7 +683,7 @@ char filename[512]; snprintf(filename, sizeof(filename), "%s/%s.%d.raw", ast_config_AST_MONITOR_DIR, recbase, (int) time(NULL)); - if ((fd = open(filename, O_CREAT | O_WRONLY | O_TRUNC, 0644)) <= 0) { + if ((fd = open(filename, O_CREAT | O_WRONLY | O_TRUNC, AST_FILE_MODE)) <= 0) { ast_log(LOG_WARNING, "Cannot open '%s' for recording\n", filename); fd = 0; } Index: apps/app_dictate.c =================================================================== --- apps/app_dictate.c (revision 41826) +++ apps/app_dictate.c (working copy) @@ -150,7 +150,7 @@ } snprintf(path, len, "%s/%s", base, filein); - fs = ast_writefile(path, "raw", NULL, O_CREAT|O_APPEND, 0, 0700); + fs = ast_writefile(path, "raw", NULL, O_CREAT|O_APPEND, 0, AST_FILE_MODE); mode = DMODE_PLAY; memset(&flags, 0, sizeof(flags)); ast_set_flag(&flags, DFLAG_PAUSE); @@ -307,7 +307,7 @@ } else { oflags |= O_APPEND; } - fs = ast_writefile(path, "raw", NULL, oflags, 0, 0700); + fs = ast_writefile(path, "raw", NULL, oflags, 0, AST_FILE_MODE); if (ast_test_flag(&flags, DFLAG_TRUNC)) { ast_seekstream(fs, 0, SEEK_SET); ast_clear_flag(&flags, DFLAG_TRUNC); Index: apps/app_festival.c =================================================================== --- apps/app_festival.c (revision 41826) +++ apps/app_festival.c (working copy) @@ -418,7 +418,7 @@ snprintf(cachefile, sizeof(cachefile), "%s/%s", cachedir, MD5Hex); fdesc=open(cachefile,O_RDWR); if (fdesc==-1) { - fdesc=open(cachefile,O_CREAT|O_RDWR,0777); + fdesc=open(cachefile,O_CREAT|O_RDWR,AST_FILE_MODE); if (fdesc!=-1) { writecache=1; strln=strlen((char *)data); Index: apps/app_mixmonitor.c =================================================================== --- apps/app_mixmonitor.c (revision 41826) +++ apps/app_mixmonitor.c (working copy) @@ -276,7 +276,7 @@ } /* Move onto actually creating the filestream */ - mixmonitor->fs = ast_writefile(file_name, ext, NULL, oflags, 0, 0644); + mixmonitor->fs = ast_writefile(file_name, ext, NULL, oflags, 0, AST_FILE_MODE); if (!mixmonitor->fs) { ast_log(LOG_ERROR, "Cannot open %s.%s\n", file_name, ext); free(mixmonitor); Index: apps/app_meetme.c =================================================================== --- apps/app_meetme.c (revision 41826) +++ apps/app_meetme.c (working copy) @@ -2837,7 +2837,7 @@ break; } if (!s && cnf->recordingfilename && (cnf->recordingfilename != oldrecordingfilename)) { - s = ast_writefile(cnf->recordingfilename, cnf->recordingformat, NULL, flags, 0, 0644); + s = ast_writefile(cnf->recordingfilename, cnf->recordingformat, NULL, flags, 0, AST_FILE_MODE); oldrecordingfilename = cnf->recordingfilename; } Index: apps/app_voicemail.c =================================================================== --- apps/app_voicemail.c (revision 41826) +++ apps/app_voicemail.c (working copy) @@ -1,4 +1,5 @@ /* +:1 * Asterisk -- An open source telephony toolkit. * * Copyright (C) 1999 - 2006, Digium, Inc. @@ -1047,7 +1048,7 @@ odbc_release_obj(obj); goto yuck; } - fd = open(full_fn, O_RDWR | O_CREAT | O_TRUNC, 0770); + fd = open(full_fn, O_RDWR | O_CREAT | O_TRUNC, VOICEMAIL_FILE_MODE); if (fd < 0) { ast_log(LOG_WARNING, "Failed to write '%s': %s\n", full_fn, strerror(errno)); SQLFreeHandle (SQL_HANDLE_STMT, stmt); Index: apps/app_directory.c =================================================================== --- apps/app_directory.c (revision 41826) +++ apps/app_directory.c (working copy) @@ -142,7 +142,7 @@ SQLFreeHandle(SQL_HANDLE_STMT, stmt); break; } - fd = open(full_fn, O_RDWR | O_CREAT | O_TRUNC, 0770); + fd = open(full_fn, O_RDWR | O_CREAT | O_TRUNC, AST_FILE_MODE); if (fd < 0) { ast_log(LOG_WARNING, "Failed to write '%s': %s\n", full_fn, strerror(errno)); SQLFreeHandle(SQL_HANDLE_STMT, stmt); Index: apps/app_record.c =================================================================== --- apps/app_record.c (revision 41826) +++ apps/app_record.c (working copy) @@ -238,7 +238,7 @@ flags = option_append ? O_CREAT|O_APPEND|O_WRONLY : O_CREAT|O_TRUNC|O_WRONLY; - s = ast_writefile( tmp, ext, NULL, flags , 0, 0644); + s = ast_writefile( tmp, ext, NULL, flags , 0, AST_FILE_MODE); if (!s) { ast_log(LOG_WARNING, "Could not create file %s\n", filename); Index: include/asterisk.h =================================================================== --- include/asterisk.h (revision 41826) +++ include/asterisk.h (working copy) @@ -24,6 +24,16 @@ #include "asterisk/paths.h" +/* Default to allowing the umask or filesystem ACLs to determine actual file + * creation permissions + */ +#ifndef AST_DIR_MODE +#define AST_DIR_MODE 0777 +#endif +#ifndef AST_FILE_MODE +#define AST_FILE_MODE 0666 +#endif + #define DEFAULT_LANGUAGE "en" #define DEFAULT_SAMPLE_RATE 8000 Index: main/app.c =================================================================== --- main/app.c (revision 41826) +++ main/app.c (working copy) @@ -542,7 +542,7 @@ end = start = time(NULL); /* pre-initialize end to be same as start in case we never get into loop */ for (x = 0; x < fmtcnt; x++) { - others[x] = ast_writefile(prepend ? prependfile : recordfile, sfmt[x], comment, O_TRUNC, 0, 0700); + others[x] = ast_writefile(prepend ? prependfile : recordfile, sfmt[x], comment, O_TRUNC, 0, AST_FILE_MODE); if (option_verbose > 2) ast_verbose(VERBOSE_PREFIX_3 "x=%d, open writing: %s format: %s, %p\n", x, prepend ? prependfile : recordfile, sfmt[x], others[x]); @@ -913,7 +913,7 @@ } snprintf(fs, strlen(path) + 19, "%s/.lock-%08lx", path, ast_random()); - fd = open(fs, O_WRONLY | O_CREAT | O_EXCL, 0600); + fd = open(fs, O_WRONLY | O_CREAT | O_EXCL, AST_FILE_MODE); if (fd < 0) { ast_log(LOG_ERROR, "Unable to create lock file '%s': %s\n", path, strerror(errno)); return AST_LOCK_PATH_NOT_FOUND; Index: main/db.c =================================================================== --- main/db.c (revision 41826) +++ main/db.c (working copy) @@ -62,7 +62,7 @@ static int dbinit(void) { - if (!astdb && !(astdb = dbopen((char *)ast_config_AST_DB, O_CREAT | O_RDWR, 0664, DB_BTREE, NULL))) { + if (!astdb && !(astdb = dbopen((char *)ast_config_AST_DB, O_CREAT | O_RDWR, AST_FILE_MODE, DB_BTREE, NULL))) { ast_log(LOG_WARNING, "Unable to open Asterisk database\n"); return -1; } Index: main/file.c =================================================================== --- main/file.c (revision 41826) +++ main/file.c (working copy) @@ -213,7 +213,7 @@ ast_log(LOG_WARNING, "Unable to open %s in read-only mode\n", infile); return -1; } - if ((ofd = open(outfile, O_WRONLY | O_TRUNC | O_CREAT, 0600)) < 0) { + if ((ofd = open(outfile, O_WRONLY | O_TRUNC | O_CREAT, AST_FILE_MODE)) < 0) { ast_log(LOG_WARNING, "Unable to open %s in write-only mode\n", outfile); close(ifd); return -1; Index: res/res_monitor.c =================================================================== --- res/res_monitor.c (revision 41826) +++ res/res_monitor.c (working copy) @@ -196,7 +196,7 @@ } if (!(monitor->read_stream = ast_writefile(monitor->read_filename, monitor->format, NULL, - O_CREAT|O_TRUNC|O_WRONLY, 0, 0644))) { + O_CREAT|O_TRUNC|O_WRONLY, 0, AST_FILE_MODE))) { ast_log(LOG_WARNING, "Could not create file %s\n", monitor->read_filename); free(monitor); @@ -208,7 +208,7 @@ } if (!(monitor->write_stream = ast_writefile(monitor->write_filename, monitor->format, NULL, - O_CREAT|O_TRUNC|O_WRONLY, 0, 0644))) { + O_CREAT|O_TRUNC|O_WRONLY, 0, AST_FILE_MODE))) { ast_log(LOG_WARNING, "Could not create file %s\n", monitor->write_filename); ast_closestream(monitor->read_stream); Index: res/res_agi.c =================================================================== --- res/res_agi.c (revision 41826) +++ res/res_agi.c (working copy) @@ -940,7 +940,7 @@ if (res) { fdprintf(agi->fd, "200 result=%d (randomerror) endpos=%ld\n", res, sample_offset); } else { - fs = ast_writefile(argv[2], argv[3], NULL, O_CREAT | O_WRONLY | (sample_offset ? O_APPEND : 0), 0, 0644); + fs = ast_writefile(argv[2], argv[3], NULL, O_CREAT | O_WRONLY | (sample_offset ? O_APPEND : 0), 0, AST_FILE_MODE); if (!fs) { res = -1; fdprintf(agi->fd, "200 result=%d (writefile)\n", res); Index: res/res_convert.c =================================================================== --- res/res_convert.c (revision 41826) +++ res/res_convert.c (working copy) @@ -88,7 +88,7 @@ ast_cli(fd, "'%s' is an invalid filename!\n", argv[2]); goto fail_out; } - if (!(fs_out = ast_writefile(name_out, ext_out, NULL, O_CREAT|O_TRUNC|O_WRONLY, 0, 0644))) { + if (!(fs_out = ast_writefile(name_out, ext_out, NULL, O_CREAT|O_TRUNC|O_WRONLY, 0, AST_FILE_MODE))) { ast_cli(fd, "Unable to open output file: %s\n", argv[2]); goto fail_out; } Index: cdr/cdr_sqlite.c =================================================================== --- cdr/cdr_sqlite.c (revision 41826) +++ cdr/cdr_sqlite.c (working copy) @@ -181,7 +181,7 @@ /* is the database there? */ snprintf(fn, sizeof(fn), "%s/cdr.db", ast_config_AST_LOG_DIR); - db = sqlite_open(fn, 0660, &zErr); + db = sqlite_open(fn, AST_FILE_MODE, &zErr); if (!db) { ast_log(LOG_ERROR, "cdr_sqlite: %s\n", zErr); free(zErr);