unicorn Ruby/Rack server user+dev discussion/patches/pulls/bugs/help
From: Eric Wong <normalperson@yhbt.net>
To: unicorn list <mongrel-unicorn@rubyforge.org>
Subject: Re: where to chmod socket file?
Date: Sat, 14 Nov 2009 16:24:34 -0800
Message-ID: <20091115002433.GA29378@dcvr.yhbt.net>
In-Reply-To: <20091113020351.GA5577@dcvr.yhbt.net>

Eric Wong <normalperson@yhbt.net> wrote:
> Suraj Kurapati <sunaku@gmail.com> wrote:
> > Hello,
> > 
> > I set the socket for my app to reside in /tmp/ because my app's
> > Capistrano deploy directory is NFS-mounted:
> > 
> >   listen '/tmp/my_app.sock'
> > 
> > That socket file is being created with mode 0777 + sticky bit.  I
> > don't want others to accidentally delete or write to this socket file,
> > so I added the following line to my before_fork() block:
> > 
> >   before_fork do |server, worker|
> >     File.chmod 0600, '/tmp/my_app.sock'
> >     # ...
> >   end
> > 
> > Is there a better place to put this chmod?  Or maybe tell unicorn to
> > create the socket with mode 0600?
> 
> Hi Suraj,
> 
> That's probably the best place to put chmod for now... I could be
> persuaded to add a :umask option for listen.  E.g.:
> 
>     listen '/tmp/my_app.sock', :umask => 0077

Hi Suraj, just pushed this out:

From 07767ea2733ed5276ec638fa50102dccb0b2991e Mon Sep 17 00:00:00 2001
From: Eric Wong <normalperson@yhbt.net>
Date: Sat, 14 Nov 2009 15:28:37 -0800
Subject: [PATCH] configurator: listen :umask parameter for UNIX sockets

Typically UNIX domain sockets are created with more liberal
file permissions than the rest of the application.  By default,
we create UNIX domain sockets to be readable and writable by
all local users to give them the same accessibility as
locally-bound TCP listeners.

This only has an effect on UNIX domain sockets.

This was inspired by Suraj Kurapati in
cfbcd2f00911121536rd0582b8u961f7f2a8c6e546a@mail.gmail.com
---
 lib/unicorn/configurator.rb     |   14 +++++++++++++-
 lib/unicorn/socket_helper.rb    |    2 +-
 test/unit/test_socket_helper.rb |   14 ++++++++++++++
 3 files changed, 28 insertions(+), 2 deletions(-)

diff --git a/lib/unicorn/configurator.rb b/lib/unicorn/configurator.rb
index d68897b..2d92aa3 100644
--- a/lib/unicorn/configurator.rb
+++ b/lib/unicorn/configurator.rb
@@ -291,10 +291,22 @@ module Unicorn
     # +:delay+: seconds to wait between successive +tries+
     #
     # Default: 0.5 seconds
+    #
+    # +:umask+: sets the file mode creation mask for UNIX sockets
+    #
+    # Typically UNIX domain sockets are created with more liberal
+    # file permissions than the rest of the application.  By default,
+    # we create UNIX domain sockets to be readable and writable by
+    # all local users to give them the same accessibility as
+    # locally-bound TCP listeners.
+    #
+    # This has no effect on TCP listeners.
+    #
+    # Default: 0 (world read/writable)
     def listen(address, opt = {})
       address = expand_addr(address)
       if String === address
-        [ :backlog, :sndbuf, :rcvbuf, :tries ].each do |key|
+        [ :umask, :backlog, :sndbuf, :rcvbuf, :tries ].each do |key|
           value = opt[key] or next
           Integer === value or
             raise ArgumentError, "not an integer: #{key}=#{value.inspect}"
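
Review bot: The `Integer === value` check in the key loop is the only validation `:umask` gets, so a decimal value passes silently: `:umask => 77` is octal 0115 and leaves the socket at mode 0662, still writable by other users. Consider rejecting values outside 0..0777 for this key, and have the new doc comment say the mask is normally written in octal, with an example such as `:umask => 0077` for an owner-only socket.
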
diff --git a/lib/unicorn/socket_helper.rb b/lib/unicorn/socket_helper.rb
index f792562..1c56be2 100644
--- a/lib/unicorn/socket_helper.rb
+++ b/lib/unicorn/socket_helper.rb
@@ -88,7 +88,7 @@ module Unicorn
                   "socket=#{address} specified but it is not a socket!"
           end
         end
-        old_umask = File.umask(0)
+        old_umask = File.umask(opt[:umask] || 0)
         begin
           UNIXServer.new(address)
         ensure
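
Review bot: `File.umask(opt[:umask] || 0)` changes the mask for the whole process, not only for this bind, so until it is restored (presumably in the `ensure` clause, whose body is outside the visible context) a file created by any other thread is created under the listener's mask instead of the application's. The removed `File.umask(0)` had the same window; a short comment on this line stating that the change is process-wide and must stay scoped to `UNIXServer.new(address)` would help the next reader.
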
diff --git a/test/unit/test_socket_helper.rb b/test/unit/test_socket_helper.rb
index dbca69b..c35b0c2 100644
--- a/test/unit/test_socket_helper.rb
+++ b/test/unit/test_socket_helper.rb
@@ -63,6 +63,20 @@ class TestSocketHelper < Test::Unit::TestCase
       File.umask(old_umask)
   end
 
+  def test_bind_listen_unix_umask
+    old_umask = File.umask(0777)
+    tmp = Tempfile.new 'unix.sock'
+    @unix_listener_path = tmp.path
+    File.unlink(@unix_listener_path)
+    @unix_listener = bind_listen(@unix_listener_path, :umask => 077)
+    assert UNIXServer === @unix_listener
+    assert_equal @unix_listener_path, sock_name(@unix_listener)
+    assert_equal 0140700, File.stat(@unix_listener_path).mode
+    assert_equal 0777, File.umask
+    ensure
+      File.umask(old_umask)
+  end
+
   def test_bind_listen_unix_idempotent
     test_bind_listen_unix
     a = bind_listen(@unix_listener)
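
Review bot: `test_bind_listen_unix_umask` calls `bind_listen` directly, so the `:umask` entry added to the key list in `listen` (lib/unicorn/configurator.rb) is not exercised, and the diffstat shows no configurator test in this patch. A test that `listen` accepts an integer `:umask` and raises `ArgumentError` for a non-integer one would cover it. Style: the `ensure` in the new test is indented one level deeper than its `def`; aligning the two would read more clearly.
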
-- 
Eric Wong
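
The two approaches discussed in this thread, side by side, as an added example that is not part of the original message or of unicorn's code: setting the mask at bind time versus chmod after the socket already exists. `bind_with_umask`, `bind_then_chmod`, `demo_modes` and the socket path are hypothetical names, and the example assumes Linux semantics, where a bound socket file is created with mode 0777 & ~umask.

```ruby
require 'socket'
require 'tmpdir'

# Bind a UNIX listener at path with the process umask set to mask only for
# the duration of the bind; return the socket file's permission bits.
def bind_with_umask(path, mask)
  old_umask = File.umask(mask)
  begin
    server = UNIXServer.new(path)
  ensure
    File.umask(old_umask)          # the mask is process-wide: always restore
  end
  File.stat(path).mode & 0777
ensure
  server.close if server
  File.unlink(path) if File.socket?(path)
end

# chmod-after-bind: returns [mode right after bind, mode after chmod].
# The first value is what other local users see until chmod runs.
def bind_then_chmod(path, mode)
  old_umask = File.umask(0)
  begin
    server = UNIXServer.new(path)
  ensure
    File.umask(old_umask)
  end
  before = File.stat(path).mode & 0777
  File.chmod(mode, path)
  [before, File.stat(path).mode & 0777]
ensure
  server.close if server
  File.unlink(path) if File.socket?(path)
end

# Run each case against a constructed path in a private temp directory.
def demo_modes
  Dir.mktmpdir do |dir|
    path = File.join(dir, 'my_app.sock')   # constructed sample path
    {
      default:      bind_with_umask(path, 0),     # mask 0, the patch's default
      owner_only:   bind_with_umask(path, 0077),
      decimal_typo: bind_with_umask(path, 77),    # 77 decimal == 0115 octal
      chmod_later:  bind_then_chmod(path, 0600)
    }
  end
end

p demo_modes if __FILE__ == $PROGRAM_NAME
```

The `chmod_later` pair shows the socket sitting at 0777 between bind and chmod, the window that setting the mask at bind time avoids.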
