Re: [PATCH v6 02/13] cxenstored: add support for systemd active sockets

["Luis R. Rodriguez" <mcgrof@suse.com>]

On Fri, Jul 04, 2014 at 03:32:29PM +0100, Ian Campbell wrote:
> On Thu, 2014-07-03 at 19:06 +0200, Luis R. Rodriguez wrote:
> > > > > Is it common in systemd support to validate the input socket's path in
> > > > > this way? As opposed to trusting that the systemd unit file is correct.
> > > > 
> > > > sd_is_socket_unix() is certainly advised and highly encourged. As
> > > > for the other check -- yes we want that given that we are using
> > > > two socket files specifically in order to avoid having to chmod()
> > > > the socket ourelves. Systemd currently doesn't support having two
> > > > separate sockets in one file with different permissions. From
> > > > what I have seen the order in which systemd sets the sockets and
> > > > maps them to fds will very on the unit socket files you use, this
> > > > approach lets us allow systemd to give them to us in any order
> > > > while my hope is that systemd upstream gets support for just one
> > > > stocket file with multiple permissions.
> > > 
> > > OK.
> > > 
> > > BTW, the permissions on these two sockets should be the same
> > > (read/write),
> > 
> > tools/xenstore/xenstored_core.c uses chmod to change the
> > permissions:
> > 
> >         if (chmod(soc_str, 0600) != 0
> >             || chmod(soc_str_ro, 0660) != 0)
> >                 barf_perror("Could not chmod sockets");
> > 
> > > it's the owner/group which might differ.
> > 
> > On my latest Debian install of the master branch for legacy init
> > my sockets end up being owned by root, who should be owning the
> > sockets?
> 
> My mistake, I thought they were 0660 and root:root and 0660 root:
> $something. But 0600 for the rw makes sense too.
> 
> Default owner should be root:root for both IMHO. The ro socket is there
> for the admin if he wants to chgrp it and put things in that group.

OK my patches upkeep the existing implementation design then.

  Luis