[zeromq-dev] Setting privileges on a UNIX socket

Ale Strooisma a.strooisma at student.utwente.nl
Thu May 26 12:34:08 CEST 2016


Hit send to quickly:

There indeed seems to be a umask property available in systemd
configuration files (my program is initialized by systemd, hence the
relevance).
Slight issue is that the program might also create log files, for example,
which would most likely require other permissions... but I suppose that is
insurmountable?

Kind regards, Ale Strooisma

On 26 May 2016 at 12:30, Ale Strooisma <a.strooisma at student.utwente.nl>
wrote:

> Sorry, I am not familiar with umask. As far as I understand, setting the
> umask determines what permissions new files created by the user have.
> However, in this case I need to specifically affect the files created by
> this specific program. Do you mean there is a way to run a program that
> determines what permissions a file created by it gets?
>
> On 26 May 2016 at 11:01, Arnaud Loonstra <arnaud at sphaero.org> wrote:
>
>> I don't think zmq deals with permissions? The OS does. Shouldn't you be
>> using a umask?
>> What's your umask set at?
>>
>> Rg,
>>
>> Arnaud
>>
>> On 2016-05-26 10:49, Ale Strooisma wrote:
>>
>>> I am using libzmq 4.0.5 - the one provided by EPEL for CentOS 7. I
>>> have never noticed any systemd support in zeromq.
>>>
>>> Yes I am using the chmod function from sys/stat.h with which I change
>>> the permissions on the socket file from 0755 to 0770. The socket is
>>> created in the tmp directory which has 1777.
>>>
>>> Just to make it clear: Id prefer not having to mess around with
>>> sockets outside ZeroMQ / my program.
>>>
>>> On 26 May 2016 at 10:30, Arnaud Loonstra <arnaud at sphaero.org [7]>
>>> wrote:
>>>
>>> I might be misinformed but some of my first thoughts
>>>>
>>>> - what version of zeromq? Are you using zeromqs systemd support? I
>>>> recall we were hacking on this in the hackathon during FOSDEM.
>>>> Otherwise the socket fd might be unlinked which results in weird
>>>> behaviour.
>>>> - Are you using chmod C method or the shell command? Usually you
>>>> set permissions on the directory where the socket is created
>>>>
>>>> Rg,
>>>>
>>>> Arnaud
>>>> On 2016-05-25 17:30, Ale Strooisma wrote:
>>>>
>>>> the previous update might be incorrect. Now it seems that I cant
>>>>> bind
>>>>> to a socket created by systemd (I got something like "address
>>>>> already
>>>>> in use"). If I connect to it instead with my server program,
>>>>> which
>>>>> uses a REP socket, it does receive messages, but cant seem to
>>>>> reply...
>>>>>
>>>>> Anyway, all in all it would be highly preferable to be able to
>>>>> set
>>>>> with which permissions the socket is created. Currently I am
>>>>> working
>>>>> around this issue by calling chmod after binding to the socket.
>>>>>
>>>>>
>>
>> _______________________________________________
>> zeromq-dev mailing list
>> zeromq-dev at lists.zeromq.org
>> http://lists.zeromq.org/mailman/listinfo/zeromq-dev
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.zeromq.org/pipermail/zeromq-dev/attachments/20160526/77ff25ac/attachment.htm>


More information about the zeromq-dev mailing list