Permalink
Browse files

fix socket path creation

based on this bug:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=915834

It seems that setting the Temp file system to ro overly restricts access
to it such that other applications (like ssh), can't function properly.
That seems like a error to fix in systemd to me, but regardless we
obviously cant use TempDirectory=/path:ro if its going to impact other
applications like that.

Instead specify a specific RuntimeDirectory that systemd can clean up
for us, and modify irqbalance and irqbalance-ui to create the comms
socket there.

Signed-off-by: Neil Horman <nhorman@tuxdriver.com>
  • Loading branch information...
Neil Horman Neil Horman
Neil Horman authored and Neil Horman committed Jan 14, 2019
1 parent d602fbd commit f5ca2eb481ac76b799c8efef5a7b7469bb368fd5
Showing with 3 additions and 3 deletions.
  1. +1 −1 irqbalance.h
  2. +1 −1 misc/irqbalance.service
  3. +1 −1 ui/irqbalance-ui.h
@@ -158,7 +158,7 @@ extern unsigned int log_mask;
#endif /* HAVE_LIBSYSTEMD */

#define SOCKET_PATH "irqbalance"
#define SOCKET_TMPFS "/var/run"
#define SOCKET_TMPFS "/run/irqbalance/"

#endif /* __INCLUDE_GUARD_IRQBALANCE_H_ */

@@ -12,7 +12,7 @@ NoNewPrivileges=yes
ReadOnlyPaths=/
ReadWritePaths=/proc/irq
RestrictAddressFamilies=AF_UNIX
TemporaryFileSystem=/run:ro
RuntimeDirectory=irqbalance/

[Install]
WantedBy=multi-user.target
@@ -8,7 +8,7 @@
#include <glib-unix.h>

#define SOCKET_PATH "irqbalance"
#define SOCKET_TMPFS "/var/run"
#define SOCKET_TMPFS "/run/irqbalance"

#define STATS "stats"
#define SET_SLEEP "settings sleep "

0 comments on commit f5ca2eb

Please sign in to comment.