[ovs-dev] [PATCH] Fix socket permissions on Linux

Aaron Conole aconole at bytheb.org
Thu Aug 16 22:58:54 UTC 2018


Terry Wilson <twilson at redhat.com> writes:

> On Thu, Aug 16, 2018 at 4:57 PM, Ben Pfaff <blp at ovn.org> wrote:
>> On Thu, Aug 16, 2018 at 07:55:09PM +0000, Terry Wilson wrote:
>>> Unix sockets were not being created with the permission 0770,
>>> instead using the current umask value. The manpage for fchmod()
>>> states that that if filedes refers to a socket, the behavior is
>>> undefined. Insetad, use the same code as *BSD to ensure the 0770
>>> permission is set on unix sockets.
>>>
>>> Signed-off-by: Terry Wilson <twilson at redhat.com>
>>
>> It's extraordinarily expensive to fork() to make a single system call.
>
> I agree it is ridiculously ugly, though it isn't like this is
> something that is done in a tight loop anywhere either.
>
>> As far as I can tell, the existing code actually works on Linux, in the
>> same way as the third 'mode' parameter to open(2).
>
> It doesn't (and never has) on my Centos 7 machine. I ran into this a
> couple of years ago and ended up just working around it. As an example
> after make rpm-fedora and installing:
> [centos at test x86_64]$ ls -al /var/run/openvswitch/db.sock
> srwxr-x---.  1 openvswitch openvswitch    0 Aug 16 22:09 db.sock
>
> So we've got 0750 and not 0770 like the hardcoded value in the source.
>
>> Surely there's a better way to do this.
>
> I *hope* so. I mean it certainly seems like something one would want
> to be able to do, but I remember looking for a couple of days 2 years
> ago and giving up. umask seemed like the only reliable option.
> Whatever the solution is, fchmod is *not* it since it is specifically
> undefined behavior to use it on a socket. I'll try with ubuntu and see
> what happens there, but wouldn't imagine it to be different.

So...

Gather 'round folks, and let me tell you the tale of a series long
ago posted:

https://mail.openvswitch.org/pipermail/ovs-dev/2016-August/321866.html

Something... something ... black magic...
I think the fchmod needs to happen after the bind for the permissions
to actually be changed.  That's how the unit tests in that series are
coded.

> From man 3 fchmod:
> DESCRIPTION
> ...
> If fildes refers to a socket, the behavior of fchmod() is unspecified.
> ...

I think that's because some unixes don't even honor permissions on
sockets, and some don't allow any changing of those permissions.

> Terry


More information about the dev mailing list