diff options
| author |   Damjan Marion <damarion@cisco.com> | 2017-06-21 12:01:37 +0200 |
|---|---|---|
| committer |   Dave Barach <openvpp@barachs.net> | 2017-06-21 15:22:40 +0000 |
| commit | f6616388113efa59e5278c75e5223612d209d4a0 (patch) | |
| tree | ebf3379bf5c49dfeb9fee4f21296a60d46135e74 | |
| parent | a54230d4e79e088b13f581e301846fc3e259548e (diff) | |
Add option to create clib_socket with group write permissions
Also allow group write as default for CLI socket connections.
Change-Id: I6af1f277f70581358cd9241bf0f5cb0752fe250f
Signed-off-by: Damjan Marion <damarion@cisco.com>
| -rw-r--r-- | src/vlib/unix/cli.c | 5 | ||||
| -rw-r--r-- | src/vppinfra/socket.c | 9 | ||||
| -rw-r--r-- | src/vppinfra/socket.h | 1 |
3 files changed, 14 insertions, 1 deletions
diff --git a/src/vlib/unix/cli.c b/src/vlib/unix/cli.c index 74dea161388..953d133c69c 100644 --- a/src/vlib/unix/cli.c +++ b/src/vlib/unix/cli.c @@ -57,6 +57,8 @@ #include <unistd.h> #include <arpa/telnet.h> #include <sys/ioctl.h> +#include <sys/types.h> +#include <unistd.h> /** ANSI escape code. */ #define ESC "\x1b" @@ -2640,7 +2642,8 @@ unix_cli_config (vlib_main_t * vm, unformat_input_t * input) /* CLI listen. */ unix_file_t template = { 0 }; - s->flags = SOCKET_IS_SERVER; /* listen, don't connect */ + s->flags = SOCKET_IS_SERVER | /* listen, don't connect */ + SOCKET_ALLOW_GROUP_WRITE; /* PF_LOCAL socket only */ error = clib_socket_init (s); if (error) diff --git a/src/vppinfra/socket.c b/src/vppinfra/socket.c index 99b353fcd52..4c23c235109 100644 --- a/src/vppinfra/socket.c +++ b/src/vppinfra/socket.c @@ -38,6 +38,7 @@ #include <sys/un.h> #include <sys/types.h> #include <sys/socket.h> +#include <sys/stat.h> #include <netinet/in.h> #include <arpa/inet.h> #include <netdb.h> @@ -348,6 +349,14 @@ clib_socket_init (clib_socket_t * s) error = clib_error_return_unix (0, "listen"); goto done; } + if (addr.sa.sa_family == PF_LOCAL + && s->flags & SOCKET_ALLOW_GROUP_WRITE) + { + struct stat st = { 0 }; + stat (((struct sockaddr_un *) &addr)->sun_path, &st); + st.st_mode |= S_IWGRP; + chmod (((struct sockaddr_un *) &addr)->sun_path, st.st_mode); + } } else { diff --git a/src/vppinfra/socket.h b/src/vppinfra/socket.h index 08e22e7eb61..75037208d5d 100644 --- a/src/vppinfra/socket.h +++ b/src/vppinfra/socket.h @@ -58,6 +58,7 @@ typedef struct _socket_t #define SOCKET_IS_SERVER (1 << 0) #define SOCKET_IS_CLIENT (0 << 0) #define SOCKET_NON_BLOCKING_CONNECT (1 << 1) +#define SOCKET_ALLOW_GROUP_WRITE (1 << 2) /* Read returned end-of-file. */ #define SOCKET_RX_END_OF_FILE (1 << 2) |