[icinga-checkins] icinga.org: icinga-core/test/ido: idoutils: add socket_perm to set unix socket permissions (Lennart Betz) #2659

git at icinga.org git at icinga.org
Mon Aug 20 15:28:51 CEST 2012


Module: icinga-core
Branch: test/ido
Commit: a8dd2b1d1d7b03fd0bd6014c1da3c370a95d707a
URL:    https://git.icinga.org/?p=icinga-core.git;a=commit;h=a8dd2b1d1d7b03fd0bd6014c1da3c370a95d707a

Author: Michael Friedrich <michael.friedrich at gmail.com>
Date:   Sat Aug 11 21:18:03 2012 +0200

idoutils: add socket_perm to set unix socket permissions (Lennart Betz) #2659

thanks!

refs #2659

---

 Changelog                                   |    4 ++++
 THANKS                                      |    1 +
 module/idoutils/config/ido2db.cfg-sample.in |   10 ++++++++++
 module/idoutils/src/ido2db.c                |    9 +++++++++
 4 files changed, 24 insertions(+), 0 deletions(-)

diff --git a/Changelog b/Changelog
index ca7ad1d..8674cf9 100644
--- a/Changelog
+++ b/Changelog
@@ -41,6 +41,7 @@ ENHANCEMENTS
 * idoutils: fix doubled quotes by skipping escaping data (Oracle only) #2534 - TD
 * idoutils: change hasfunc to use sdbm algorithm for hashing precached objects #2792i - MF/GB
 * idoutils: add disable_notif_expire_time to programstatus table - #905 - MF
+* idoutils: add socket_perm to set unix socket permissions (Lennart Betz) #2659 - MF
 
 * install: add --with-mainurl to configure, allowing to set the main frame target url for index.html #2611 - MF
 * icinga.spec: use --with-mainurl to set the default to /icinga/cgi-bin/status.cgi?host=all&type=detail&servicestatustypes=29 #2611 - MF
@@ -87,6 +88,9 @@ CHANGES
 
 * idoutils: add disable_notif_expire_time to programstatus table #905
 
+* ido2db.cfg: new config option
+	** socket_perm (default 0755) #2659
+
 
 1.7.1 - 18/06/2012
 
diff --git a/THANKS b/THANKS
index b2f04ee..dbb9c4d 100644
--- a/THANKS
+++ b/THANKS
@@ -39,6 +39,7 @@ in various ways.  If we missed your name, let us know.
 * Sven-Göran Bergh
 * Tom Bertelson
 * Joel Berry
+* Lennart Betz
 * Olivier Beytrison
 * Christoph Biedl
 * Dennis Biringer
diff --git a/module/idoutils/config/ido2db.cfg-sample.in b/module/idoutils/config/ido2db.cfg-sample.in
index ab90e27..d6e16b0 100644
--- a/module/idoutils/config/ido2db.cfg-sample.in
+++ b/module/idoutils/config/ido2db.cfg-sample.in
@@ -43,6 +43,16 @@ socket_name=@IDOSOCKFILE@
 
 
 
+# SOCKET PERMISSIONS
+# This option determines the permissions of the Unix domain
+# socket. This option is only valid if the socket type specified
+# above is "unix". Default permissions are set to 0755.
+
+socket_perm=0755
+
+
+
+
 # TCP PORT
 # This option determines what port the daemon will listen for
 # connections on.  This option is only vlaid if the socket type
diff --git a/module/idoutils/src/ido2db.c b/module/idoutils/src/ido2db.c
index 99dba31..880fb06 100644
--- a/module/idoutils/src/ido2db.c
+++ b/module/idoutils/src/ido2db.c
@@ -64,6 +64,7 @@ char *ido2db_group = NULL;
 int ido2db_sd = 0;
 int ido2db_socket_type = IDO_SINK_UNIXSOCKET;
 char *ido2db_socket_name = NULL;
+mode_t ido2db_socket_perm = 0755;
 
 int ido2db_tcp_port = IDO_DEFAULT_TCP_PORT;
 int ido2db_use_inetd = IDO_FALSE;
@@ -479,6 +480,8 @@ int ido2db_process_config_var(char *arg) {
 	} else if (!strcmp(var, "socket_name")) {
 		if ((ido2db_socket_name = strdup(val)) == NULL)
 			return IDO_ERROR;
+	} else if (!strcmp(var, "socket_perm")) {
+		ido2db_socket_perm = strtoul(val, NULL, 8);
 	} else if (!strcmp(var, "tcp_port")) {
 		ido2db_tcp_port = atoi(val);
 	} else if (!strcmp(var, "db_servertype")) {
@@ -1087,6 +1090,12 @@ int ido2db_wait_for_connections(void) {
 			return IDO_ERROR;
 		}
 
+		if (chmod(ido2db_socket_name, ido2db_socket_perm) < 0) {
+			close(ido2db_sd);
+			perror("Could not bind socket");
+			return IDO_ERROR;
+		}
+
 		client_address_length = (socklen_t)sizeof(client_address_u);
 	}
 





More information about the icinga-checkins mailing list