net-firewall/nftables: Touch rules-save with right umask

[gentoo.git] / net-firewall / nftables / nftables-0.9.1-r1.ebuild

diff --git a/net-firewall/nftables/nftables-0.9.1-r1.ebuild b/net-firewall/nftables/nftables-0.9.1-r1.ebuild
index 5752d73a1b962d32792bd0ef11a3c9c84f201981..ef662d78f71675352ed236a97a74f337a5145608 100644 (file)
--- a/net-firewall/nftables/nftables-0.9.1-r1.ebuild
+++ b/net-firewall/nftables/nftables-0.9.1-r1.ebuild
@@ -130,7 +130,7 @@ pkg_postinst() {
        # In order for the nftables-restore systemd service to start
        # the save_file must exist.
        if [[ ! -f "${save_file}" ]]; then
-               touch "${save_file}"
+               ( umask 177; touch "${save_file}" )
        elif [[ $(( "$( stat --printf '%05a' "${save_file}" )" & 07177 )) -ne 0 ]]; then
                ewarn "Your system has dangerous permissions for ${save_file}"
                ewarn "It is probably affected by bug #691326."