libmu_dbm: Functions for DB creation take default safety flags in their last argument.

* configure.ac (check_dbm_impl): Fix improper usage of expr in BDB=* case.
* include/mailutils/dbm.h (mu_dbm_create_from_url)
(mu_dbm_create): Take default safety flags as the last argument.
* libmailutils/base/filesafety.c (_check_linkwrdir): Check for both
hard and symbolic links.  Fix the latter check.
* libmailutils/tests/fsaf.at: Add check for softlink in a writable dir.
* libmu_dbm/create.c (mu_dbm_create): Take default file safety as the
last argument.
* libmu_dbm/dbm.c (mu_dbm_create_from_url): Likewise.
* maidag/mailquota.c (dbm_retrieve_quota): Update call to mu_dbm_create.
Impose MU_FILE_SAFETY_ALL by default.
* mu/dbm.c (open_db_file): Update call to mu_dbm_create.  No checks
by default.
* pop3d/apop.c (pop3d_apopuser): Update call to mu_dbm_create.  Use
apop_database_safety as the default checks.
* pop3d/bulletin.c (read_bulletin_db,write_bulletin_db): Update calls to
mu_dbm_create.  Use DEFAULT_GROUP_DB_SAFETY as default.
* pop3d/logindelay.c (open_stat_db): Update call to mu_dbm_create.
Use DEFAULT_GROUP_DB_SAFETY as default.
* pop3d/pop3d.c (apop_database_safety): Initialize to MU_FILE_SAFETY_ALL.
(apop_database_safety_set): Remove.
* pop3d/pop3d.h (apop_database_safety_set): Remove.
* pop3d/popauth.c (open_db_file): Update call to mu_dbm_create.  Use
safety_flags by default.

6 files changed, 14 insertions, 26 deletions

diff --git a/pop3d/apop.c b/pop3d/apop.c
index ac9fbd792..5f27ff84b 100644
--- a/pop3d/apop.c
+++ b/pop3d/apop.c
@@ -50,16 +50,13 @@ pop3d_apopuser (const char *user)
     mu_dbm_file_t db;
     struct mu_dbm_datum key, data;
 
-    rc = mu_dbm_create (apop_database_name, &db);
+    rc = mu_dbm_create (apop_database_name, &db, apop_database_safety);
     if (rc)
       {
 	mu_diag_output (MU_DIAG_ERROR, _("unable to create APOP db"));
 	return NULL;
       }
 
-    if (apop_database_safety_set)
-      mu_dbm_safety_set_flags (db, apop_database_safety);
-    
     rc = mu_dbm_safety_check (db);
     if (rc)
       {
diff --git a/pop3d/bulletin.c b/pop3d/bulletin.c
index 47efe6196..5efd7776f 100644
--- a/pop3d/bulletin.c
+++ b/pop3d/bulletin.c
@@ -126,7 +126,7 @@ read_bulletin_db (size_t *pnum)
   size_t s;
   char *p;
 
-  rc = mu_dbm_create (bulletin_db_name, &db);
+  rc = mu_dbm_create (bulletin_db_name, &db, DEFAULT_GROUP_DB_SAFETY);
   if (rc)
     {
       mu_diag_output (MU_DIAG_ERROR, _("unable to create bulletin db"));
@@ -220,15 +220,13 @@ write_bulletin_db (size_t num)
   int rc;
   const char *p;
   
-  rc = mu_dbm_create (bulletin_db_name, &db);
+  rc = mu_dbm_create (bulletin_db_name, &db, DEFAULT_GROUP_DB_SAFETY);
   if (rc)
     {
       mu_diag_output (MU_DIAG_ERROR, _("unable to create bulletin db"));
       return rc;
     }
 
-  mu_dbm_safety_set_flags (db, DEFAULT_GROUP_DB_SAFETY);
-
   rc = mu_dbm_safety_check (db);
   if (rc && rc != ENOENT)
     {
diff --git a/pop3d/logindelay.c b/pop3d/logindelay.c
index f61d6d278..1fc93d137 100644
--- a/pop3d/logindelay.c
+++ b/pop3d/logindelay.c
@@ -25,15 +25,13 @@ open_stat_db (int mode)
   mu_dbm_file_t db;
   int rc;
 
-  rc = mu_dbm_create (login_stat_file, &db);
+  rc = mu_dbm_create (login_stat_file, &db, DEFAULT_GROUP_DB_SAFETY);
   if (rc)
     {
       mu_diag_output (MU_DIAG_ERROR, _("unable to create statistics db"));
       return NULL;
     }
 
-  mu_dbm_safety_set_flags (db, DEFAULT_GROUP_DB_SAFETY);
-  
   rc = mu_dbm_safety_check (db);
   if (rc && rc != ENOENT)
     {
diff --git a/pop3d/pop3d.c b/pop3d/pop3d.c
index 2639bd63f..776b059fd 100644
--- a/pop3d/pop3d.c
+++ b/pop3d/pop3d.c
@@ -33,8 +33,7 @@ int debug_mode;
 int tls_required;
 int pop3d_xlines;
 char *apop_database_name = APOP_PASSFILE;
-int apop_database_safety;
-int apop_database_safety_set;
+int apop_database_safety = MU_FILE_SAFETY_ALL;
 
 #ifdef WITH_TLS
 int tls_available;
@@ -92,7 +91,6 @@ cb2_file_safety_checks (const char *name, void *data)
 static int
 cb_apop_safety_checks (void *data, mu_config_value_t *arg)
 {
-  apop_database_safety_set = 1;
   return mu_cfg_string_value_cb (arg, cb2_file_safety_checks,
 				 &apop_database_safety);
 }
diff --git a/pop3d/pop3d.h b/pop3d/pop3d.h
index d61f24846..978ab59e6 100644
--- a/pop3d/pop3d.h
+++ b/pop3d/pop3d.h
@@ -199,7 +199,6 @@ extern size_t pop3d_output_bufsize;
 extern int pop3d_xlines;
 extern char *apop_database_name;
 extern int apop_database_safety;
-extern int apop_database_safety_set;
 
 /* Safety checks for group-rw database files, such as stat and bulletin
    databases */
diff --git a/pop3d/popauth.c b/pop3d/popauth.c
index 8ae7c95bf..827116b81 100644
--- a/pop3d/popauth.c
+++ b/pop3d/popauth.c
@@ -273,15 +273,6 @@ open_db_file (int action, struct action_data *ap, int *my_file)
 
   uid = getuid ();
 
-  rc = mu_dbm_create (db_name, &db);
-  if (rc)
-    {
-      mu_diag_output (MU_DIAG_ERROR, _("unable to create database %s: %s"),
-		      db_name, mu_strerror (rc));
-      exit (EX_SOFTWARE);
-    }
-
-  //  mu_dbm_safety_set_owner (db, uid);
   /* Adjust safety flags */
   if (permissions & 0002)
     safety_flags &= ~MU_FILE_SAFETY_WORLD_WRITABLE;
@@ -291,8 +282,15 @@ open_db_file (int action, struct action_data *ap, int *my_file)
     safety_flags &= ~MU_FILE_SAFETY_GROUP_WRITABLE;
   if (permissions & 0040)
     safety_flags &= ~MU_FILE_SAFETY_GROUP_READABLE;
-  
-  mu_dbm_safety_set_flags (db, safety_flags);
+
+  rc = mu_dbm_create (db_name, &db, safety_flags);
+  if (rc)
+    {
+      mu_diag_output (MU_DIAG_ERROR, _("unable to create database %s: %s"),
+		      db_name, mu_strerror (rc));
+      exit (EX_SOFTWARE);
+    }
+
   rc = mu_dbm_safety_check (db);
   if (rc && rc != ENOENT)
     {