From 2b8c3a05e0a63f3ffd6ba0eeca08a97578ec3a38 Mon Sep 17 00:00:00 2001
From: Mark Johnston
Date: Sun, 3 Nov 2024 14:41:15 +0000
Subject: [PATCH] syslogd: Set unix socket modes atomically
Take advantage of the ability to atomically set unix socket modes to ensure that /var/run/logpriv always has mode 0600.
MFC after: 1 month
---
 usr.sbin/syslogd/syslogd.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/usr.sbin/syslogd/syslogd.c b/usr.sbin/syslogd/syslogd.c
index 12fa61b01bad..98ddb5d9158f 100644
--- a/usr.sbin/syslogd/syslogd.c
+++ b/usr.sbin/syslogd/syslogd.c
@@ -3721,6 +3721,11 @@ socksetup(struct addrinfo *ai, const char *name, mode_t mode)
 if (ai->ai_family == AF_LOCAL)
 unlink(name);
 if (ai->ai_family == AF_LOCAL || NoBind == 0 || name != NULL) {
+ if (ai->ai_family == AF_LOCAL && fchmod(s, mode) < 0) {
+ dprintf("fchmod %s: %s\n", name, strerror(errno));
+ close(s);
+ return (NULL);
+ }
 if (bind(s, ai->ai_addr, ai->ai_addrlen) < 0) {
 logerror("bind");
 close(s);
@@ -3729,11 +3734,6 @@ socksetup(struct addrinfo *ai, const char *name, mode_t mode)
 if (ai->ai_family == AF_LOCAL || SecureMode == 0)
 increase_rcvbuf(s);
 }
- if (ai->ai_family == AF_LOCAL && chmod(name, mode) < 0) {
- dprintf("chmod %s: %s\n", name, strerror(errno));
- close(s);
- return (NULL);
- }
 dprintf("new socket fd is %d\n", s);
 sl_recv = socklist_recv_sock;
 #if defined(INET) || defined(INET6)
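Review bot: A failed `fchmod(s, mode)` in the added block is reported only through `dprintf`, which in syslogd appears to be debug-only output, while the `bind` failure just below it goes through `logerror("bind")`. Outside debug mode the local socket would then fail to come up with no log entry naming the cause, so consider `logerror("fchmod");` there to match. The placement before `bind` is what closes the window in which the socket path exists with umask-derived permissions, yet nothing in the code says so. A comment such as `/* Set the mode before bind() so the socket never exists with looser permissions. */` would keep a later refactor from moving the call back. This presumably relies on the kernel applying a pre-bind fchmod() to the file that bind() creates, which is worth confirming on every branch the MFC targets; socksetup's body starts and ends outside the hunk.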