On Thu, Aug 16, 2018 at 4:57 PM, Ben Pfaff <b...@ovn.org> wrote:
> On Thu, Aug 16, 2018 at 07:55:09PM +0000, Terry Wilson wrote:
>> Unix sockets were not being created with the permission 0770,
>> instead using the current umask value. The manpage for fchmod()
>> states that if filedes refers to a socket, the behavior is
>> undefined. Instead, use the same code as *BSD to ensure the 0770
>> permission is set on unix sockets.
>>
>> Signed-off-by: Terry Wilson <twil...@redhat.com>
>
> It's extraordinarily expensive to fork() to make a single system call.

I agree it is ridiculously ugly, though it isn't like this is
something that is done in a tight loop anywhere either.

> As far as I can tell, the existing code actually works on Linux, in the
> same way as the third 'mode' parameter to open(2).

It doesn't (and never has) on my CentOS 7 machine. I ran into this a
couple of years ago and ended up just working around it. As an example
after make rpm-fedora and installing:
[centos@test x86_64]$ ls -al /var/run/openvswitch/db.sock
srwxr-x---.  1 openvswitch openvswitch    0 Aug 16 22:09 db.sock

So we've got 0750 and not 0770 like the hardcoded value in the source.

> Surely there's a better way to do this.

I *hope* so. I mean it certainly seems like something one would want
to be able to do, but I remember looking for a couple of days 2 years
ago and giving up. umask seemed like the only reliable option.
Whatever the solution is, fchmod is *not* it since it is specifically
undefined behavior to use it on a socket. I'll try with Ubuntu and see
what happens there, but wouldn't imagine it to be different.

From man 3 fchmod:
DESCRIPTION
...
If fildes refers to a socket, the behavior of fchmod() is unspecified.
...

Terry
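
The two behaviours discussed in this thread, as an added example that is not part of the original message or of the OVS patch: a plain bind() under umask 027 yields a 0750 socket file, while running bind() in a forked child under a mode-derived umask yields 0770. The function names, the /tmp path, the umask value 027 and the `want ^ 0777` computation are assumptions chosen for the demonstration.

```c
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/un.h>
#include <sys/wait.h>
#include <unistd.h>

/* Bind a new AF_UNIX socket at `path`; return the file's permission bits or
 * -1.  If `want` is nonzero, bind() runs in a forked child under
 * umask(want ^ 0777), so the caller's process-wide umask is left untouched. */
static int bound_mode(const char *path, mode_t want)
{
    struct sockaddr_un sun = { .sun_family = AF_UNIX };
    struct stat st;
    int status = 0, ok, fd;
    if (strlen(path) >= sizeof sun.sun_path) return -1;
    strcpy(sun.sun_path, path);
    if ((fd = socket(AF_UNIX, SOCK_STREAM, 0)) < 0) return -1;
    unlink(path);                       /* clear a stale socket file */
    if (want) {
        pid_t pid = fork();
        if (pid == 0) {                 /* child shares the socket with parent */
            umask(want ^ 0777);
            _exit(bind(fd, (struct sockaddr *) &sun, sizeof sun) ? 1 : 0);
        }
        ok = pid > 0 && waitpid(pid, &status, 0) == pid && status == 0;
    } else {
        ok = bind(fd, (struct sockaddr *) &sun, sizeof sun) == 0;
    }
    ok = ok && stat(path, &st) == 0;
    close(fd);
    unlink(path);
    return ok ? (int) (st.st_mode & 0777) : -1;
}

/* Constructed scenario: a daemon running with umask 027 that wants 0770. */
static int demo(mode_t want)
{
    mode_t old = umask(027);
    int mode = bound_mode("/tmp/umask-demo.sock", want);  /* assumed path */
    umask(old);
    return mode;
}

int main(void)
{
    printf("plain: %04o, child: %04o\n", (unsigned) demo(0), (unsigned) demo(0770));
    return 0;
}
```

The group write bit is the one removed by umask 027, which is why a requested 0770 shows up as 0750 when the daemon's umask is in effect at bind() time.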