interimap, pullimap: Ensure DB and statefiles are created with mode 0600.

It wasn't the case for interimap(1), see https://bugs.debian.org/608604 … Fortunately we create $XDG_DATA_HOME/interimap with a secure mode, but there is no reason to have the DB world-readable. Since we can't rely on SQLITE_OPEN_CREATE for secure mode we use sysopen(,,O_CREAT,0600).
author: Guilhem Moulin <guilhem@fripost.org> 2022-02-23 22:30:45 +0100
committer: Guilhem Moulin <guilhem@fripost.org> 2022-02-23 23:43:58 +0100
commit: 2447861913835637bbf49d96728ce9ac6ab0ae22 (patch)
tree: 4f865a799547eb6b2a6728de37e65a6f07665b4e /tests/run
parent: 4d36557a007f06196affe14afd1a2bd2a4945c44 (diff)
1 files changed, 4 insertions, 1 deletions
diff --git a/tests/run b/tests/run
index 230ca83..eed77df 100755
--- a/tests/run
+++ b/tests/run
@@ -228,13 +228,16 @@ _interimap_cmd() {
 }
 interimap_init() {
     local u="${1-remote}"
-    local db="$XDG_DATA_HOME/interimap/$u.db"
+    local db="$XDG_DATA_HOME/interimap/$u.db" st
     local cfg="config${u#remote}"
 
     test \! -e "$db"          || error "Database already exists" 1
     interimap --config "$cfg" || error "Couldn't initialize interimap" 1
     test -f "$db"             || error "Database is still missing" 1
     grep -Fx "Creating new schema in database file $db" <"$STDERR" || error "DB wasn't created" 1
+    if ! st="$(stat -c"%#a" -- "$db")" || [ "$st" != "0600" ]; then
+        error "$db has mode $st != 0600" 1
+    fi
 }
 doveadm() {
     if [ $# -le 2 ] || [ "$1" != "-u" ]; then
author	Guilhem Moulin <guilhem@fripost.org>	2022-02-23 22:30:45 +0100
committer	Guilhem Moulin <guilhem@fripost.org>	2022-02-23 23:43:58 +0100
commit	2447861913835637bbf49d96728ce9ac6ab0ae22 (patch)
tree	4f865a799547eb6b2a6728de37e65a6f07665b4e /tests/run
parent	4d36557a007f06196affe14afd1a2bd2a4945c44 (diff)