diff options
| author | Irbe Krumina <irbe@tailscale.com> | 2025-02-26 09:02:40 -0800 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2025-02-26 17:02:40 +0000 |
| commit | c174d3c795a906214cf6bd63ffc3618555296db5 (patch) | |
| tree | edee223e4a94e20ec6806b42f4f1c84f4eecc8f5 /scripts | |
| parent | 820bdb870a414d9a5d2131f80649d0fa98a74819 (diff) | |
| download | tailscale-c174d3c795a906214cf6bd63ffc3618555296db5.tar.xz tailscale-c174d3c795a906214cf6bd63ffc3618555296db5.zip | |
scripts/installer.sh: ensure default umask for the installer (#15139)
Ensures default Linux umask 022 for the installer script to
make sure that files created by the installer can be accessed
by other tools, such as apt.
Updates tailscale/tailscale#15133
Signed-off-by: Irbe Krumina <irbe@tailscale.com>
Diffstat (limited to 'scripts')
| -rwxr-xr-x | scripts/installer.sh | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/scripts/installer.sh b/scripts/installer.sh index 3bd392b93..388dd5a56 100755 --- a/scripts/installer.sh +++ b/scripts/installer.sh @@ -7,6 +7,14 @@ set -eu +# Ensure that this script runs with the default umask for Linux. In practice, +# this means that files created by this script (such as keyring files) will be +# created with 644 permissions. This ensures that keyrings and other files +# created by this script are readable by installers on systems where the +# umask is set to a more restrictive value. +# See https://github.com/tailscale/tailscale/issues/15133 +umask 022 + # All the code is wrapped in a main function that gets called at the # bottom of the file, so that a truncated partial download doesn't end # up executing half a script. |