On Thu, Aug 16, 2018 at 06:58:54PM -0400, Aaron Conole wrote: > Terry Wilson <[email protected]> writes: > > > On Thu, Aug 16, 2018 at 4:57 PM, Ben Pfaff <[email protected]> wrote: > >> On Thu, Aug 16, 2018 at 07:55:09PM +0000, Terry Wilson wrote: > >>> Unix sockets were not being created with the permission 0770, > >>> instead using the current umask value. The manpage for fchmod() > >>> states that that if filedes refers to a socket, the behavior is > >>> undefined. Insetad, use the same code as *BSD to ensure the 0770 > >>> permission is set on unix sockets. > >>> > >>> Signed-off-by: Terry Wilson <[email protected]> > >> > >> It's extraordinarily expensive to fork() to make a single system call. > > > > I agree it is ridiculously ugly, though it isn't like this is > > something that is done in a tight loop anywhere either. > > > >> As far as I can tell, the existing code actually works on Linux, in the > >> same way as the third 'mode' parameter to open(2). > > > > It doesn't (and never has) on my Centos 7 machine. I ran into this a > > couple of years ago and ended up just working around it. As an example > > after make rpm-fedora and installing: > > [centos@test x86_64]$ ls -al /var/run/openvswitch/db.sock > > srwxr-x---. 1 openvswitch openvswitch 0 Aug 16 22:09 db.sock > > > > So we've got 0750 and not 0770 like the hardcoded value in the source. > > > >> Surely there's a better way to do this. > > > > I *hope* so. I mean it certainly seems like something one would want > > to be able to do, but I remember looking for a couple of days 2 years > > ago and giving up. umask seemed like the only reliable option. > > Whatever the solution is, fchmod is *not* it since it is specifically > > undefined behavior to use it on a socket. I'll try with ubuntu and see > > what happens there, but wouldn't imagine it to be different. > > So... > > Gather 'round folks, and let me tell you the tale of a series long > ago posted: > > https://mail.openvswitch.org/pipermail/ovs-dev/2016-August/321866.html
Wow, I don't remember reading that patch at all. That's unusual, for me. _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
