From 1c16fd1ef71f79a874722e670c88449d6d647266 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pawe=C5=82=20Po=C5=82awski?= <ppolawsk@redhat.com>
Date: Wed, 30 Oct 2019 11:50:53 +0100
Subject: [PATCH] selinux: Keep explicite umask() calls

libsemanage < 2.6 use to not set right file mask in our usecase.
It has been fixed by manual umask() call but is no longer needed.
Fix will be keept as a precaution for future libsemanage versions.

Resolves:
https://pagure.io/SSSD/sssd/issue/3583
---
 src/providers/ipa/selinux_child.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/src/providers/ipa/selinux_child.c b/src/providers/ipa/selinux_child.c
index 925591ec90..1bf4de2c56 100644
--- a/src/providers/ipa/selinux_child.c
+++ b/src/providers/ipa/selinux_child.c
@@ -147,9 +147,10 @@ static int sc_set_seuser(const char *login_name, const char *seuser_name,
     int ret;
     mode_t old_mask;
 
-    /* This is a workaround for
-     * https://bugzilla.redhat.com/show_bug.cgi?id=1186422 to make sure
-     * the directories are created with the expected permissions
+    /* Bug origin: https://bugzilla.redhat.com/show_bug.cgi?id=1186422
+     * This workaround is required for libsemanage < 2.5-13.el7
+     * It will remain here as a precaution in case of unexpected
+     * libsemanage behaviour.
      */
     old_mask = umask(0);
     if (strcmp(seuser_name, "") == 0) {