On Mon, Jul 15, 2013 at 10:49 AM, Michele Tartara <[email protected]>wrote:
> On Sat, Jul 13, 2013 at 11:49 AM, Iustin Pop <[email protected]> wrote: > >> On Fri, Jul 12, 2013 at 06:16:21PM +0200, Michele Tartara wrote: >> > Commit 91525dee856951ace940c78b6254a1c7344b4803 fixed Issue 477 but >> broke >> > "gnt-cluster info". >> > >> > This commit offers a solution to both problems, by changing the >> permission >> > of the socket instead of changing the permission the confd process is >> run >> > with. >> > >> > Signed-off-by: Michele Tartara <[email protected]> >> > --- >> > daemons/daemon-util.in | 2 +- >> > src/Ganeti/Luxi.hs | 2 ++ >> > 2 files changed, 3 insertions(+), 1 deletion(-) >> > >> > diff --git a/daemons/daemon-util.in b/daemons/daemon-util.in >> > index 2b3d24d..2bb0b9d 100644 >> > --- a/daemons/daemon-util.in >> > +++ b/daemons/daemon-util.in >> > @@ -80,7 +80,7 @@ _daemon_usergroup() { >> > echo "@GNTMASTERUSER@:@GNTMASTERDGROUP@" >> > ;; >> > confd) >> > - echo "@GNTCONFDUSER@:@GNTDAEMONSGROUP@" >> > + echo "@GNTCONFDUSER@:@GNTCONFDGROUP@" >> > ;; >> > rapi) >> > echo "@GNTRAPIUSER@:@GNTRAPIGROUP@" >> > diff --git a/src/Ganeti/Luxi.hs b/src/Ganeti/Luxi.hs >> > index 9e5b337..4ac2e24 100644 >> > --- a/src/Ganeti/Luxi.hs >> > +++ b/src/Ganeti/Luxi.hs >> > @@ -79,6 +79,7 @@ import Ganeti.OpCodes >> > import qualified Ganeti.Query.Language as Qlang >> > import Ganeti.THH >> > import Ganeti.Types >> > +import Ganeti.Utils >> > >> > -- * Utility functions >> > >> > @@ -222,6 +223,7 @@ getServer path = do >> > s <- S.socket S.AF_UNIX S.Stream S.defaultProtocol >> > S.bindSocket s (S.SockAddrUnix path) >> > S.listen s 5 -- 5 is the max backlog >> > + setOwnerAndGroupFromNames path confdUser daemonsGroup >> >> I would move this just after the 'bind' call, before listen ('listen' >> should be, conceptually, the last step I think). >> >> LGTM then (as [email protected]) >> > > Given that the LGTM is already given, interdiff just FYI. > > diff --git a/src/Ganeti/Luxi.hs b/src/Ganeti/Luxi.hs > index 4ac2e24..e2c7374 100644 > --- a/src/Ganeti/Luxi.hs > +++ b/src/Ganeti/Luxi.hs > @@ -76,6 +76,7 @@ import Ganeti.Errors > import Ganeti.JSON > import Ganeti.OpParams (pTagsObject) > import Ganeti.OpCodes > +import Ganeti.Runtime > import qualified Ganeti.Query.Language as Qlang > import Ganeti.THH > import Ganeti.Types > @@ -222,8 +223,8 @@ getServer :: FilePath -> IO S.Socket > getServer path = do > s <- S.socket S.AF_UNIX S.Stream S.defaultProtocol > S.bindSocket s (S.SockAddrUnix path) > + setOwnerAndGroupFromNames path GanetiConfd $ ExtraGroup DaemonsGroup > S.listen s 5 -- 5 is the max backlog > - setOwnerAndGroupFromNames path confdUser daemonsGroup > return s > > -- | Closes a server endpoint. > > > > Thanks, > Michele > One of the haskell tests allocates a Luxi socket. Given that the tests are run as the local user, setting the owner and group was failing for missing permissions. (Sorry for not noticing this before) So, here is the interdiff fixing the problem, by introducing a new boolean parameter in getServer, determining whether the owner and group of the socket are actually modified or not. diff --git a/src/Ganeti/Luxi.hs b/src/Ganeti/Luxi.hs index 1042bb7..b75f320 100644 --- a/src/Ganeti/Luxi.hs +++ b/src/Ganeti/Luxi.hs @@ -224,11 +224,12 @@ getClient path = do return Client { socket=h, rbuf=rf } -- | Creates and returns a server endpoint. -getServer :: FilePath -> IO S.Socket -getServer path = do +getServer :: FilePath -> Bool -> IO S.Socket +getServer path setOwner = do s <- S.socket S.AF_UNIX S.Stream S.defaultProtocol S.bindSocket s (S.SockAddrUnix path) - setOwnerAndGroupFromNames path GanetiConfd $ ExtraGroup DaemonsGroup + when setOwner . setOwnerAndGroupFromNames path GanetiConfd $ + ExtraGroup DaemonsGroup S.listen s 5 -- 5 is the max backlog return s diff --git a/src/Ganeti/Query/Server.hs b/src/Ganeti/Query/Server.hs index 46e70cc..beda8b5 100644 --- a/src/Ganeti/Query/Server.hs +++ b/src/Ganeti/Query/Server.hs @@ -245,7 +245,7 @@ prepQueryD fpath = do let socket_path = fromMaybe def_socket fpath cleanupSocket socket_path s <- describeError "binding to the Luxi socket" - Nothing (Just socket_path) $ getServer socket_path + Nothing (Just socket_path) $ getServer socket_path True return (socket_path, s) -- | Main function that runs the query endpoint. diff --git a/test/hs/Test/Ganeti/Luxi.hs b/test/hs/Test/Ganeti/Luxi.hs index c3097ed..2b57ce6 100644 --- a/test/hs/Test/Ganeti/Luxi.hs +++ b/test/hs/Test/Ganeti/Luxi.hs @@ -126,7 +126,7 @@ prop_ClientServer dnschars = monadicIO $ do -- we need to create the server first, otherwise (if we do it in the -- forked thread) the client could try to connect to it before it's -- ready - server <- run $ Luxi.getServer fpath + server <- run $ Luxi.getServer fpath False -- fork the server responder _ <- run . forkIO $ bracket Cheers, Michele
