# HG changeset patch
# User Andre Heinecke <andre.heinecke@intevation.de>
# Date 1409332711 -7200
# Node ID 1cd1bfe82fc2e1a8a1602d3201449639e6fbc2cd
# Parent  ca89cf228a5b82a8aaec6badb57ef42c0d636d98
(issue86) Fix Firefox / Thunderbird default profile path and make created files readable.

diff -r ca89cf228a5b -r 1cd1bfe82fc2 cinst/mozilla.c
--- a/cinst/mozilla.c	Fri Aug 29 18:35:56 2014 +0200
+++ b/cinst/mozilla.c	Fri Aug 29 19:18:31 2014 +0200
@@ -66,6 +66,7 @@
 #include <stdlib.h>
 #include <string.h>
 #include <sys/types.h>
+#include <sys/stat.h>
 
 #define DEBUGPREFIX "MOZ-"
 #include "logging.h"
@@ -80,16 +81,18 @@
 #ifndef _WIN32
 #define CONFDIRS ".mozilla", ".thunderbird"
 /* Default installation directory of ubuntu 14.4 is respected */
-#define MOZILLA_DEFAULTS "/etc/thunderbird", "/etc/firefox"
+#define MOZILLA_DEFAULTS "/usr/lib/thunderbird/defaults", "/usr/lib/firefox/browser/defaults"
+#define MOZILLA_DBNAMES "cert8.db", "key3.db", "secmod.db"
 #define NSSSHARED ".pki/nssdb"
 #define NSSSHARED_GLOBAL "/etc/skel/.pki/nssdb"
 #define TARGET_LINUX 1
 #define DIRSEP "/"
 #else
 #define MOZILLA_DEFAULTS "Mozilla Firefox\\browser\\defaults", "Mozilla Thunderbird\\defaults"
+#define MOZILLA_DBNAMES NULL
 #define CONFDIRS "Mozilla", "Thunderbird"
 #define NSSSHARED ""
-#define TARGET_LINUX 0
+#define TARGET_LINUX NULL
 #define DIRSEP "\\"
 #endif
 
@@ -304,6 +307,46 @@
   return inis;
 }
 
+
+/** @brief make the default nss databases readable.
+ *
+ *  This uses the static paths definied in this code to ensure
+ *  that only the defaults are touched.
+ *
+ */
+#ifndef WIN32
+static void
+make_defaults_readable()
+{
+  const char *confdirs[] = { MOZILLA_DEFAULTS, NULL };
+  const char *filenames[] = { MOZILLA_DBNAMES, NULL };
+
+  mode_t access_mask = S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH;
+
+  for (int i=0; confdirs[i] != NULL; i++)
+    {
+      for (int j=0; filenames[j] != NULL; j++)
+        {
+          char *realpath = NULL,
+               *path = NULL;
+          xasprintf (&path, "%s/profile/%s", confdirs[i], filenames[j]);
+          realpath = port_realpath(path);
+          xfree(path);
+          if (!realpath)
+            {
+              syslog_error_printf("Failed to find %s \n", realpath);
+              continue;
+            }
+          if (chmod(realpath, access_mask))
+            {
+              syslog_error_printf("Failed to set access_mask on file.\n");
+            }
+          xfree (realpath);
+        }
+    }
+}
+#endif
+
 /**
  * @brief Collect the default profile directories for mozilla software
  *
@@ -764,7 +807,6 @@
     }
 }
 
-
 int
 main (int argc, char **argv)
 {
@@ -820,6 +862,13 @@
         DEBUG_nss_list_certs(dbdirs[i]);
 #endif
 
+#ifndef WIN32
+      if (is_elevated())
+        {
+          make_defaults_readable();
+        }
+#endif
+
       strv_free(dbdirs);
     }