Added config params to customize UNIX sock perms & ownership

This commit is contained in:
Daniel P. Berrange 2007-09-19 02:28:01 +00:00
parent 8f4e48edff
commit e1f4399150
4 changed files with 104 additions and 4 deletions

View File

@ -1,3 +1,10 @@
Tue Sep 18 22:22:00 EST 2007 Daniel P. Berrange <berrange@redhat.com>
* qemud/qemud.c: Allow customization of UNIX socket permissions
and group ownership from config file
* docs/libvir.html: Added docs on UNIX socket perms & group owner
config parameters
Tue Sep 18 21:34:00 EST 2007 Daniel P. Berrange <berrange@redhat.com>
* configure.in: Added checks for locating Avahi.

View File

@ -2210,6 +2210,34 @@ Blank lines and comments beginning with <code>#</code> are ignored.
</td>
</tr>
<tr>
<td> unix_sock_group <i>"groupname"</i> </td>
<td> "root" </td>
<td>
The UNIX group to own the UNIX domain socket. If the socket permissions allow
group access, then applications running under matching group can access the
socket. Only valid if running as root
</td>
</tr>
<tr>
<td> unix_sock_ro_perms <i>"octal-perms"</i> </td>
<td> "0777" </td>
<td>
The permissions for the UNIX domain socket for read-only client connections.
The default allows any user to monitor domains.
</td>
</tr>
<tr>
<td> unix_sock_rw_perms <i>"octal-perms"</i> </td>
<td> "0700" </td>
<td>
The permissions for the UNIX domain socket for read-write client connections.
The default allows only root to manage domains.
</td>
</tr>
<tr>
<td> tls_no_verify_certificate <i>[0|1]</i> </td>
<td> 0 (certificates are verified) </td>

View File

@ -484,6 +484,25 @@ Blank lines and comments beginning with <code>#</code> are ignored.
includes the machine's short hostname. This must be unique to the
local LAN segment.
</td>
</tr><tr><td> unix_sock_group <i>"groupname"</i> </td>
<td> "root" </td>
<td>
The UNIX group to own the UNIX domain socket. If the socket permissions allow
group access, then applications running under matching group can access the
socket. Only valid if running as root
</td>
</tr><tr><td> unix_sock_ro_perms <i>"octal-perms"</i> </td>
<td> "0777" </td>
<td>
The permissions for the UNIX domain socket for read-only client connections.
The default allows any user to monitor domains.
</td>
</tr><tr><td> unix_sock_rw_perms <i>"octal-perms"</i> </td>
<td> "0700" </td>
<td>
The permissions for the UNIX domain socket for read-write client connections.
The default allows only root to manage domains.
</td>
</tr><tr><td> tls_no_verify_certificate <i>[0|1]</i> </td>
<td> 0 (certificates are verified) </td>
<td>

View File

@ -48,6 +48,7 @@
#include <getopt.h>
#include <assert.h>
#include <fnmatch.h>
#include <grp.h>
#include <libvirt/virterror.h>
@ -72,6 +73,10 @@ static int listen_tcp = 0;
static const char *tls_port = LIBVIRTD_TLS_PORT;
static const char *tcp_port = LIBVIRTD_TCP_PORT;
static gid_t unix_sock_gid = 0; /* Only root by default */
static int unix_sock_rw_perms = 0700; /* Allow user only */
static int unix_sock_ro_perms = 0777; /* Allow world */
#ifdef HAVE_AVAHI
static int mdns_adv = 1;
static const char *mdns_name = NULL;
@ -449,6 +454,7 @@ static int qemudListenUnix(struct qemud_server *server,
struct qemud_socket *sock = calloc(1, sizeof(struct qemud_socket));
struct sockaddr_un addr;
mode_t oldmask;
gid_t oldgrp;
if (!sock) {
qemudLog(QEMUD_ERR, "Failed to allocate memory for struct qemud_socket");
@ -475,16 +481,19 @@ static int qemudListenUnix(struct qemud_server *server,
addr.sun_path[0] = '\0';
if (readonly)
oldmask = umask(~(S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH));
else
oldmask = umask(~(S_IRUSR | S_IWUSR));
oldgrp = getgid();
oldmask = umask(readonly ? ~unix_sock_ro_perms : ~unix_sock_rw_perms);
if (getuid() == 0)
setgid(unix_sock_gid);
if (bind(sock->fd, (struct sockaddr *)&addr, sizeof(addr)) < 0) {
qemudLog(QEMUD_ERR, "Failed to bind socket to '%s': %s",
path, strerror(errno));
goto cleanup;
}
umask(oldmask);
if (getuid() == 0)
setgid(oldgrp);
if (listen(sock->fd, 30) < 0) {
qemudLog(QEMUD_ERR, "Failed to listen for connections on '%s': %s",
@ -1556,6 +1565,43 @@ remoteReadConfigFile (const char *filename)
CHECK_TYPE ("tcp_port", VIR_CONF_STRING);
tcp_port = p ? strdup (p->str) : tcp_port;
p = virConfGetValue (conf, "unix_sock_group");
CHECK_TYPE ("unix_sock_group", VIR_CONF_STRING);
if (p && p->str) {
if (getuid() != 0) {
qemudLog (QEMUD_WARN, "Cannot set group when not running as root");
} else {
struct group *grp = getgrnam(p->str);
if (!grp) {
qemudLog (QEMUD_ERR, "Failed to lookup group '%s'", p->str);
return -1;
}
unix_sock_gid = grp->gr_gid;
}
}
p = virConfGetValue (conf, "unix_sock_ro_perms");
CHECK_TYPE ("unix_sock_ro_perms", VIR_CONF_STRING);
if (p && p->str) {
char *tmp = NULL;
unix_sock_ro_perms = strtol(p->str, &tmp, 8);
if (*tmp) {
qemudLog (QEMUD_ERR, "Failed to parse mode '%s'", p->str);
return -1;
}
}
p = virConfGetValue (conf, "unix_sock_rw_perms");
CHECK_TYPE ("unix_sock_rw_perms", VIR_CONF_STRING);
if (p && p->str) {
char *tmp = NULL;
unix_sock_rw_perms = strtol(p->str, &tmp, 8);
if (*tmp) {
qemudLog (QEMUD_ERR, "Failed to parse mode '%s'", p->str);
return -1;
}
}
#ifdef HAVE_AVAHI
p = virConfGetValue (conf, "mdns_adv");
CHECK_TYPE ("mdns_adv", VIR_CONF_LONG);