summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--src/svm/ssvm.c7
-rw-r--r--src/svm/svm.c4
-rw-r--r--src/svm/svm_common.h2
3 files changed, 12 insertions, 1 deletions
diff --git a/src/svm/ssvm.c b/src/svm/ssvm.c
index e56e6b4523d..c04982de85a 100644
--- a/src/svm/ssvm.c
+++ b/src/svm/ssvm.c
@@ -13,10 +13,12 @@
* limitations under the License.
*/
#include "ssvm.h"
+#include "svm_common.h"
int
ssvm_master_init (ssvm_private_t * ssvm, u32 master_index)
{
+ svm_main_region_t *smr = svm_get_root_rp ()->data_base;
int ssvm_fd;
u8 *ssvm_filename;
u8 junk = 0;
@@ -47,6 +49,11 @@ ssvm_master_init (ssvm_private_t * ssvm, u32 master_index)
return SSVM_API_ERROR_CREATE_FAILURE;
}
+ if (fchmod (ssvm_fd, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP) < 0)
+ clib_unix_warning ("ssvm segment chmod");
+ if (fchown (ssvm_fd, smr->uid, smr->gid) < 0)
+ clib_unix_warning ("ssvm segment chown");
+
if (lseek (ssvm_fd, ssvm->ssvm_size, SEEK_SET) < 0)
{
clib_unix_warning ("lseek");
diff --git a/src/svm/svm.c b/src/svm/svm.c
index 14c5bd9b2aa..f97803cd7af 100644
--- a/src/svm/svm.c
+++ b/src/svm/svm.c
@@ -471,7 +471,7 @@ svm_map_region (svm_map_region_args_t * a)
if (svm_fd >= 0)
{
- if (fchmod (svm_fd, 0770) < 0)
+ if (fchmod (svm_fd, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP) < 0)
clib_unix_warning ("segment chmod");
/* This turns out to fail harmlessly if the client starts first */
if (fchown (svm_fd, a->uid, a->gid) < 0)
@@ -774,6 +774,8 @@ svm_region_init_internal (svm_map_region_args_t * a)
vec_validate (mp, 0);
mp->name_hash = hash_create_string (0, sizeof (uword));
mp->root_path = a->root_path ? format (0, "%s%c", a->root_path, 0) : 0;
+ mp->uid = a->uid;
+ mp->gid = a->gid;
rp->data_base = mp;
svm_pop_heap (oldheap);
}
diff --git a/src/svm/svm_common.h b/src/svm/svm_common.h
index 1f6d83c0a37..ea3ec87a212 100644
--- a/src/svm/svm_common.h
+++ b/src/svm/svm_common.h
@@ -105,6 +105,8 @@ typedef struct
svm_subregion_t *subregions; /* subregion pool */
uword *name_hash;
u8 *root_path;
+ int uid;
+ int gid;
} svm_main_region_t;