X-Git-Url: https://git.octo.it/?p=rrdtool.git;a=blobdiff_plain;f=src%2Frrd_daemon.c;h=b290bcc0861619f3eed716208882689fefdd3862;hp=d4cfa940e112bf2c6dc638287cc6294736385129;hb=97b95055eaa2de527dc1a75f1c9973afbd07410e;hpb=732528deae5d3d282ef07e2fbb9372f2270c3668

diff --git a/src/rrd_daemon.c b/src/rrd_daemon.c
index d4cfa94..b290bcc 100644
--- a/src/rrd_daemon.c
+++ b/src/rrd_daemon.c
@@ -141,6 +141,9 @@ struct listen_socket_s
   ssize_t wbuf_len;
 
   uint32_t permissions;
+
+  gid_t  socket_group;
+  mode_t socket_permissions;
 };
 typedef struct listen_socket_s listen_socket_t;
 
@@ -221,9 +224,6 @@ static uid_t daemon_uid;
 static listen_socket_t *listen_fds = NULL;
 static size_t listen_fds_num = 0;
 
-static gboolean set_socket_group = FALSE;
-static gid_t socket_group;
-
 enum {
   RUNNING,		/* normal operation */
   FLUSHING,		/* flushing remaining values */
@@ -2331,15 +2331,22 @@ static int open_listen_socket_unix (const listen_socket_t *sock) /* {{{ */
   }
 
   /* tweak the sockets group ownership */
-  if (set_socket_group)
+  if (sock->socket_group != (gid_t)-1)
   {
-    if ( (chown(path, getuid(), socket_group) != 0) ||
+    if ( (chown(path, getuid(), sock->socket_group) != 0) ||
 	 (chmod(path, (S_IRUSR|S_IWUSR|S_IXUSR | S_IRGRP|S_IWGRP)) != 0) )
     {
       fprintf(stderr, "rrdcached: failed to set socket group permissions (%s)\n", strerror(errno));
     }
   }
 
+  if (sock->socket_permissions != (mode_t)-1)
+  {
+    if (chmod(path, sock->socket_permissions) != 0)
+      fprintf(stderr, "rrdcached: failed to set socket file permissions (%o): %s\n",
+          (unsigned int)sock->socket_permissions, strerror(errno));
+  }
+
   status = listen (fd, /* backlog = */ 10);
   if (status != 0)
   {
@@ -2760,7 +2767,10 @@ static int read_options (int argc, char **argv) /* {{{ */
   char **permissions = NULL;
   size_t permissions_len = 0;
 
-  while ((option = getopt(argc, argv, "gl:s:P:f:w:z:t:Bb:p:Fj:h?")) != -1)
+  gid_t  socket_group = (gid_t)-1;
+  mode_t socket_permissions = (mode_t)-1;
+
+  while ((option = getopt(argc, argv, "gl:s:m:P:f:w:z:t:Bb:p:Fj:h?")) != -1)
   {
     switch (option)
     {
@@ -2816,6 +2826,9 @@ static int read_options (int argc, char **argv) /* {{{ */
         }
         /* }}} Done adding permissions. */
 
+        new->socket_group = socket_group;
+        new->socket_permissions = socket_permissions;
+
         if (!rrd_add_ptr((void ***)&config_listen_address_list,
                          &config_listen_address_list_len, new))
         {
@@ -2845,7 +2858,6 @@ static int read_options (int argc, char **argv) /* {{{ */
 	if (grp)
 	{
 	  socket_group = grp->gr_gid;
-	  set_socket_group = TRUE;
 	}
 	else
 	{
@@ -2856,6 +2868,24 @@ static int read_options (int argc, char **argv) /* {{{ */
       }
       break;
 
+      /* set socket file permissions */
+      case 'm':
+      {
+        long  tmp;
+        char *endptr = NULL;
+
+        tmp = strtol (optarg, &endptr, 8);
+        if ((endptr == optarg) || (! endptr) || (*endptr != '\0')
+            || (tmp > 07777) || (tmp < 0)) {
+          fprintf (stderr, "read_options: Invalid file mode \"%s\".\n",
+              optarg);
+          return (5);
+        }
+
+        socket_permissions = (mode_t)tmp;
+      }
+      break;
+
       case 'P':
       {
         char *optcopy;