Followed your suggestion, as some scripts could indeed need to read these values.
Should I note somewhere that this constant needs to be migrated during version merges? The changes in the patch sent anew: diff --git a/lib/constants.py b/lib/constants.py index eefc250..dd4b777 100644 --- a/lib/constants.py +++ b/lib/constants.py @@ -240,6 +240,7 @@ LUXI_VERSION = CONFIG_VERSION LUXI_OVERRIDE = "FORCE_LUXI_SOCKET" LUXI_OVERRIDE_MASTER = "master" LUXI_OVERRIDE_QUERY = "query" +LUXI_SOCKET_PERMS = 0660 # one of "no", "yes", "only" SYSLOG_USAGE = _autoconf.SYSLOG_USAGE diff --git a/src/Ganeti/Luxi.hs b/src/Ganeti/Luxi.hs index ecad598..ebe2f0f 100644 --- a/src/Ganeti/Luxi.hs +++ b/src/Ganeti/Luxi.hs @@ -67,6 +67,7 @@ import Text.JSON.Types import System.Directory (removeFile) import System.IO (hClose, hFlush, hWaitForInput, Handle, IOMode(..)) import System.IO.Error (isEOFError) +import System.Posix.Files import System.Timeout import qualified Network.Socket as S @@ -228,8 +229,9 @@ getServer :: Bool -> FilePath -> IO S.Socket getServer setOwner path = do s <- S.socket S.AF_UNIX S.Stream S.defaultProtocol S.bindSocket s (S.SockAddrUnix path) - when setOwner . setOwnerAndGroupFromNames path GanetiLuxid $ - ExtraGroup DaemonsGroup + when setOwner $ do + setOwnerAndGroupFromNames path GanetiLuxid $ ExtraGroup DaemonsGroup + setFileMode path $ fromIntegral luxiSocketPerms S.listen s 5 -- 5 is the max backlog return s Hrvoje Ribicic Ganeti Engineering Google Germany GmbH Dienerstr. 12, 80331, München Registergericht und -nummer: Hamburg, HRB 86891 Sitz der Gesellschaft: Hamburg Geschäftsführer: Graham Law, Christine Elizabeth Flores Steuernummer: 48/725/00206 Umsatzsteueridentifikationsnummer: DE813741370
