From e455a3e82c7473defd4c6cb586f4203277d0a2cd Mon Sep 17 00:00:00 2001 From: Michele Tartara Date: Fri, 12 Jul 2013 16:12:24 +0000 Subject: [PATCH] Fix permission problem related to Issue 477 Commit 91525dee856951ace940c78b6254a1c7344b4803 fixed Issue 477 but broke "gnt-cluster info". This commit offers a solution to both problems, by changing the permission of the socket instead of changing the permission the confd process is run with. Signed-off-by: Michele Tartara Reviewed-by: Klaus Aehlig --- daemons/daemon-util.in | 2 +- src/Ganeti/Luxi.hs | 8 ++++++-- src/Ganeti/Query/Server.hs | 2 +- test/hs/Test/Ganeti/Luxi.hs | 2 +- 4 files changed, 9 insertions(+), 5 deletions(-) diff --git a/daemons/daemon-util.in b/daemons/daemon-util.in index 89f85c7..158eb1a 100644 --- a/daemons/daemon-util.in +++ b/daemons/daemon-util.in @@ -82,7 +82,7 @@ _daemon_usergroup() { echo "@GNTMASTERUSER@:@GNTMASTERDGROUP@" ;; confd) - echo "@GNTCONFDUSER@:@GNTDAEMONSGROUP@" + echo "@GNTCONFDUSER@:@GNTCONFDGROUP@" ;; luxid) echo "@GNTLUXIDUSER@:@GNTLUXIDGROUP@" diff --git a/src/Ganeti/Luxi.hs b/src/Ganeti/Luxi.hs index 84030da..b0c8b8f 100644 --- a/src/Ganeti/Luxi.hs +++ b/src/Ganeti/Luxi.hs @@ -76,9 +76,11 @@ import Ganeti.Errors import Ganeti.JSON import Ganeti.OpParams (pTagsObject) import Ganeti.OpCodes +import Ganeti.Runtime import qualified Ganeti.Query.Language as Qlang import Ganeti.THH import Ganeti.Types +import Ganeti.Utils -- * Utility functions @@ -222,10 +224,12 @@ getClient path = do return Client { socket=h, rbuf=rf } -- | Creates and returns a server endpoint. -getServer :: FilePath -> IO S.Socket -getServer path = do +getServer :: Bool -> FilePath -> IO S.Socket +getServer setOwner path = do s <- S.socket S.AF_UNIX S.Stream S.defaultProtocol S.bindSocket s (S.SockAddrUnix path) + when setOwner . setOwnerAndGroupFromNames path GanetiConfd $ + ExtraGroup DaemonsGroup S.listen s 5 -- 5 is the max backlog return s diff --git a/src/Ganeti/Query/Server.hs b/src/Ganeti/Query/Server.hs index 53f0d29..3839715 100644 --- a/src/Ganeti/Query/Server.hs +++ b/src/Ganeti/Query/Server.hs @@ -249,7 +249,7 @@ prepMain _ _ = do socket_path <- Path.defaultQuerySocket cleanupSocket socket_path s <- describeError "binding to the Luxi socket" - Nothing (Just socket_path) $ getServer socket_path + Nothing (Just socket_path) $ getServer True socket_path cref <- newIORef (Bad "Configuration not yet loaded") return (socket_path, s, cref) diff --git a/test/hs/Test/Ganeti/Luxi.hs b/test/hs/Test/Ganeti/Luxi.hs index c3097ed..6eb8c12 100644 --- a/test/hs/Test/Ganeti/Luxi.hs +++ b/test/hs/Test/Ganeti/Luxi.hs @@ -126,7 +126,7 @@ prop_ClientServer dnschars = monadicIO $ do -- we need to create the server first, otherwise (if we do it in the -- forked thread) the client could try to connect to it before it's -- ready - server <- run $ Luxi.getServer fpath + server <- run $ Luxi.getServer False fpath -- fork the server responder _ <- run . forkIO $ bracket -- 1.7.10.4