
Re: [Xen-devel] [PATCH v6 02/13] cxenstored: add support for systemd active sockets



On Fri, Jul 04, 2014 at 03:32:29PM +0100, Ian Campbell wrote:
> On Thu, 2014-07-03 at 19:06 +0200, Luis R. Rodriguez wrote:
> > > > > Is it common in systemd support to validate the input socket's path in
> > > > > this way? As opposed to trusting that the systemd unit file is 
> > > > > correct.
> > > > 
> > > > sd_is_socket_unix() is certainly advised and highly encouraged. As
> > > > for the other check -- yes we want that given that we are using
> > > > two socket files specifically in order to avoid having to chmod()
> > > > the socket ourselves. Systemd currently doesn't support having two
> > > > separate sockets in one file with different permissions. From
> > > > what I have seen the order in which systemd sets the sockets and
> > > > maps them to fds will vary on the unit socket files you use, this
> > > > approach lets us allow systemd to give them to us in any order
> > > > while my hope is that systemd upstream gets support for just one
> > > > socket file with multiple permissions.
> > > 
> > > OK.
> > > 
> > > BTW, the permissions on these two sockets should be the same
> > > (read/write),
> > 
> > tools/xenstore/xenstored_core.c uses chmod to change the
> > permissions:
> > 
> >         if (chmod(soc_str, 0600) != 0
> >             || chmod(soc_str_ro, 0660) != 0)
> >                 barf_perror("Could not chmod sockets");
> > 
> > > it's the owner/group which might differ.
> > 
> > On my latest Debian install of the master branch for legacy init
> > my sockets end up being owned by root, who should be owning the
> > sockets?
> 
> My mistake, I thought they were 0660 and root:root and 0660 root:
> $something. But 0600 for the rw makes sense too.
> 
> Default owner should be root:root for both IMHO. The ro socket is there
> for the admin if he wants to chgrp it and put things in that group.

OK my patches upkeep the existing implementation design then.

  Luis

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel
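
The path check discussed in this thread, as an added example that is not part of the original messages or of the patch: it resolves inherited listening sockets to the rw/ro roles by their bound path, so the order in which they are handed over does not matter. It uses plain getsockname()/getsockopt() rather than libsystemd's sd_is_socket_unix(), and the socket paths and function names are constructed for illustration.

```c
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>
#include <sys/un.h>
#define RW_PATH "/tmp/xs-example.sock"    /* constructed paths for this added */
#define RO_PATH "/tmp/xs-example-ro.sock" /* example, not xenstored's own     */

/* 1 if fd is a listening AF_UNIX stream socket bound exactly to path. */
static int fd_is_unix_listener(int fd, const char *path)
{
    struct sockaddr_un sa = { 0 };
    socklen_t len = sizeof(sa), tl = sizeof(int), al = sizeof(int);
    int type = 0, listening = 0;
    return !getsockname(fd, (struct sockaddr *)&sa, &len) && sa.sun_family == AF_UNIX &&
           !getsockopt(fd, SOL_SOCKET, SO_TYPE, &type, &tl) && type == SOCK_STREAM &&
           !getsockopt(fd, SOL_SOCKET, SO_ACCEPTCONN, &listening, &al) && listening &&
           !strncmp(sa.sun_path, path, sizeof(sa.sun_path));
}

/* Map n inherited fds to roles by path; -1 on an unexpected fd or a missing role. */
static int classify(const int *fds, int n, const char *rw, const char *ro, int *rw_fd, int *ro_fd)
{
    *rw_fd = *ro_fd = -1;
    for (int i = 0; i < n; i++) {
        if (*rw_fd < 0 && fd_is_unix_listener(fds[i], rw)) *rw_fd = fds[i];
        else if (*ro_fd < 0 && fd_is_unix_listener(fds[i], ro)) *ro_fd = fds[i];
        else return -1; /* refuse to start on a socket we did not ask for */
    }
    return (*rw_fd >= 0 && *ro_fd >= 0) ? 0 : -1;
}

/* Constructed harness: bind and listen as a service manager would; ro is passed first. */
static int make_listener(const char *path)
{
    struct sockaddr_un sa = { .sun_family = AF_UNIX };
    int fd = socket(AF_UNIX, SOCK_STREAM, 0);
    strncpy(sa.sun_path, path, sizeof(sa.sun_path) - 1);
    unlink(path);
    if (fd >= 0 && (bind(fd, (struct sockaddr *)&sa, sizeof(sa)) || listen(fd, 1))) { close(fd); fd = -1; }
    return fd;
}

int demo_reversed_order(void)
{
    int rw_fd, ro_fd, ok, fds[2] = { make_listener(RO_PATH), make_listener(RW_PATH) };
    ok = !classify(fds, 2, RW_PATH, RO_PATH, &rw_fd, &ro_fd) && rw_fd == fds[1] && ro_fd == fds[0];
    close(fds[0]); close(fds[1]); unlink(RW_PATH); unlink(RO_PATH);
    return ok;
}
int main(void) { return !demo_reversed_order(); }
```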
