From 1f5734bb8d8397013615c368b8845abb3e74bab5 Mon Sep 17 00:00:00 2001
From: Wolfgang Bumiller <w.bumiller@proxmox.com>
Date: Tue, 24 Nov 2015 09:43:13 +0100
Subject: [PATCH] allow rx permissions for group/world on .subvol dirs

vdisk_alloc comes in with an umask of 0037, which means the
.subvol dir has permissions 0740, which means that the root
directory of containers has permissions 0740, essentially
preventing the users inside a container from accessing
anything.
---
 PVE/Storage/Plugin.pm | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/PVE/Storage/Plugin.pm b/PVE/Storage/Plugin.pm
index 2638476..6aa71e0 100644
--- a/PVE/Storage/Plugin.pm
+++ b/PVE/Storage/Plugin.pm
@@ -571,7 +571,11 @@ sub alloc_image {
 	# only allow this if size = 0, so that user knows what he is doing
 	die "storage does not support subvol quotas\n" if $size != 0;
 	
-	(mkdir $path) || die "unable to create subvol '$path' - $!\n";
+	my $old_umask = umask(0022);
+	my $err;
+	mkdir($path) or $err = "unable to create subvol '$path' - $!\n";
+	umask $old_umask;
+	die $err if $err;
     } else {
 	my $cmd = ['/usr/bin/qemu-img', 'create'];