Rename force_umask to override_umask and make it private to sudoers.c.

Add getter for policy.c.

plugins/sudoers/policy.c

@@ -946,7 +946,7 @@ sudoers_policy_store_result(bool accepted, char *argv[], char *envp[],
 	if (asprintf(&command_info[info_len++], "umask=0%o", (unsigned int)cmnd_umask) == -1)
 	    goto oom;
     }
-    if (force_umask) {
+    if (sudoers_override_umask()) {
 	if ((command_info[info_len++] = strdup("umask_override=true")) == NULL)
 	    goto oom;
     }

plugins/sudoers/sudoers.c

@@ -83,13 +83,13 @@ static void set_callbacks(void);
  */
 struct sudo_user sudo_user;
 struct passwd *list_pw;
-bool force_umask;
 int sudo_mode;
 
 static char *prev_user;
 static struct sudo_nss_list *snl;
 static bool unknown_runas_uid;
 static bool unknown_runas_gid;
+static bool override_umask;
 static int cmnd_status = -1;
 static struct defaults_list initial_defaults = TAILQ_HEAD_INITIALIZER(initial_defaults);
 
@@ -1670,8 +1670,8 @@ cb_umask(const char *file, int line, int column,
 {
     debug_decl(cb_umask, SUDOERS_DEBUG_PLUGIN);
 
-    /* Force umask if explicitly set in sudoers. */
-    force_umask = sd_un->mode != ACCESSPERMS;
+    /* Override umask if explicitly set in sudoers. */
+    override_umask = sd_un->mode != ACCESSPERMS;
 
     debug_return_bool(true);
 }
@@ -2050,6 +2050,12 @@ tty_present(void)
     debug_return_bool(true);
 }
 
+bool
+sudoers_override_umask(void)
+{
+    return override_umask;
+}
+
 /*
  * Free memory allocated for struct sudo_user.
  */

plugins/sudoers/sudoers.h

@@ -429,10 +429,10 @@ int sudoers_check_cmnd(int argc, char *const argv[], char *env_add[], void *clos
 int sudoers_list(int argc, char *const argv[], const char *list_user, bool verbose);
 int sudoers_validate_user(void);
 void sudoers_cleanup(void);
+bool sudoers_override_umask(void);
 void sudo_user_free(void);
 extern struct sudo_user sudo_user;
 extern struct passwd *list_pw;
-extern bool force_umask;
 extern int sudo_mode;
 extern int sudoedit_nfiles;
 extern sudo_conv_t sudo_conv;