On Wed, Sep 19, 2007 at 03:35:50AM +0100, Daniel P. Berrange wrote: > On Tue, Sep 18, 2007 at 04:17:32AM -0400, Daniel Veillard wrote: > > On Tue, Sep 18, 2007 at 05:38:09AM +0100, Daniel P. Berrange wrote: > > > NB, the virConf apis don't seem to recognise Octal numbers when parsing > > > the config file, so I've used strings for the permissions. Not a big deal > > > really unless someone desperately wants to fix the config file parser... > > [...] > > > +static gid_t unix_sock_gid = 0; /* Only root by default */ > > > +static int unix_sock_rw_perms = 0700; /* Allow user only */ > > > +static int unix_sock_ro_perms = 0777; /* Allow world */ > > [...] > > > - if (readonly) > > > - oldmask = umask(~(S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH)); > > > - else > > > - oldmask = umask(~(S_IRUSR | S_IWUSR)); > > > + oldgrp = getgid(); > > > + oldmask = umask(readonly ? ~unix_sock_ro_perms : ~unix_sock_rw_perms); > > > + if (getuid() == 0) > > > + setgid(unix_sock_gid); > > > + > > > > Looks fine but we went from the full macros definition to the pre > > digested octal value. But I'm not old enough to really care :-) > > The umask was wanting a mask, while the configuration file (for end-user > sanity) wants a mode instead. So I figured it was best to simply stick > with mode throughout the code, and simply invert it when passing into > umask at time of use. yeah, it's actually simpler to read and deal with > I added this to CVS & along with the updated docs on the 3 new configuration > parameters for the daemon. Cool, thanks Daniel -- Red Hat Virtualization group http://redhat.com/virtualization/ Daniel Veillard | virtualization library http://libvirt.org/ veillard@xxxxxxxxxx | libxml GNOME XML XSLT toolkit http://xmlsoft.org/ http://veillard.com/ | Rpmfind RPM search engine http://rpmfind.net/ -- Libvir-list mailing list Libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list