New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

common/admin_socket: add config for admin socket permission bits #11684

Merged
merged 1 commit into from Apr 21, 2017

Conversation

Projects
None yet
5 participants
@runsisi
Contributor

runsisi commented Oct 29, 2016

this is to fix influxdata/telegraf#1657, so other tools, such as telegraf, running as non-root user can gather info from the ceph daemons.

Signed-off-by: runsisi runsisi@zte.com.cn

@runsisi

This comment has been minimized.

Contributor

runsisi commented Nov 5, 2016

hi @liewegas , can you review this for me ?
thank you :)

@overskylab

This comment has been minimized.

overskylab commented Feb 10, 2017

any update on this?

ret = strict_strtol(conf->admin_socket_mode.c_str(), 8, &err);
if (err.empty()) {
if (!(ret & (~07777))) {

This comment has been minimized.

@tchaikov

tchaikov Feb 10, 2017

Contributor

could use ALLPERMS or better off using ACCESSPERMS. for example, what is the use case of applying setuid?

void AdminSocket::chmod(mode_t mode)
{
if (m_sock_fd >= 0) {
int r = ::chmod(m_path.c_str(), mode);

This comment has been minimized.

@liewegas

liewegas Feb 10, 2017

Member

since we have the fd, then let's fchmod instead

This comment has been minimized.

@runsisi

runsisi Feb 13, 2017

Contributor

If fd refers to a socket, the behavior of fchmod() is unspecified[1].

[1] https://linux.die.net/man/3/fchmod

@liewegas liewegas changed the title from admin-socket: add config for admin socket permission bits to common/admin-socket: add config for admin socket permission bits Feb 10, 2017

@liewegas liewegas changed the title from common/admin-socket: add config for admin socket permission bits to common/admin_socket: add config for admin socket permission bits Feb 10, 2017

admin-socket: add config for admin socket permission bits
Signed-off-by: runsisi <runsisi@zte.com.cn>
@runsisi

This comment has been minimized.

Contributor

runsisi commented Feb 13, 2017

@tchaikov @liewegas updated, thanks!

@tchaikov tchaikov added the needs-qa label Mar 20, 2017

@liewegas liewegas merged commit cf5152f into ceph:master Apr 21, 2017

3 checks passed

Signed-off-by all commits in this PR are signed
Details
Unmodifed Submodules submodules for project are unmodified
Details
default Build finished.
Details

@runsisi runsisi deleted the runsisi:wip-fix-asok-mode branch Apr 22, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment