From mboxrd@z Thu Jan  1 00:00:00 1970
From: "Luis R. Rodriguez" <mcgrof@suse.com>
Subject: Re: [PATCH v6 02/13] cxenstored: add support
	for	systemd active sockets
Date: Tue, 8 Jul 2014 05:08:09 +0200
Message-ID: <20140708030809.GN27687@wotan.suse.de>
References: <1402622331-4282-1-git-send-email-mcgrof@do-not-panic.com>
	<1402622331-4282-3-git-send-email-mcgrof@do-not-panic.com>
	<1404306158.5562.66.camel@kazak.uk.xensource.com>
	<20140702190029.GU27687@wotan.suse.de>
	<1404378785.14865.8.camel@kazak.uk.xensource.com>
	<20140703170624.GE27687@wotan.suse.de>
	<1404484349.14796.32.camel@kazak.uk.xensource.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Return-path: <xen-devel-bounces@lists.xen.org>
Received: from mail6.bemta14.messagelabs.com ([193.109.254.103])
	by lists.xen.org with esmtp (Exim 4.72)
	(envelope-from <lurodriguez@suse.de>) id 1X4LlM-0005Dc-Vn
	for xen-devel@lists.xenproject.org; Tue, 08 Jul 2014 03:08:13 +0000
Content-Disposition: inline
In-Reply-To: <1404484349.14796.32.camel@kazak.uk.xensource.com>
List-Unsubscribe: <http://lists.xen.org/cgi-bin/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <http://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=subscribe>
Sender: xen-devel-bounces@lists.xen.org
Errors-To: xen-devel-bounces@lists.xen.org
To: Ian Campbell <Ian.Campbell@citrix.com>
Cc: xen-devel@lists.xenproject.org, David Scott <dave.scott@eu.citrix.com>, "Luis R. Rodriguez" <mcgrof@do-not-panic.com>
List-Id: xen-devel@lists.xenproject.org

On Fri, Jul 04, 2014 at 03:32:29PM +0100, Ian Campbell wrote:
> On Thu, 2014-07-03 at 19:06 +0200, Luis R. Rodriguez wrote:
> > > > > Is it common in systemd support to validate the input socket's path in
> > > > > this way? As opposed to trusting that the systemd unit file is correct.
> > > > 
> > > > sd_is_socket_unix() is certainly advised and highly encourged. As
> > > > for the other check -- yes we want that given that we are using
> > > > two socket files specifically in order to avoid having to chmod()
> > > > the socket ourelves. Systemd currently doesn't support having two
> > > > separate sockets in one file with different permissions. From
> > > > what I have seen the order in which systemd sets the sockets and
> > > > maps them to fds will very on the unit socket files you use, this
> > > > approach lets us allow systemd to give them to us in any order
> > > > while my hope is that systemd upstream gets support for just one
> > > > stocket file with multiple permissions.
> > > 
> > > OK.
> > > 
> > > BTW, the permissions on these two sockets should be the same
> > > (read/write),
> > 
> > tools/xenstore/xenstored_core.c uses chmod to change the
> > permissions:
> > 
> >         if (chmod(soc_str, 0600) != 0
> >             || chmod(soc_str_ro, 0660) != 0)
> >                 barf_perror("Could not chmod sockets");
> > 
> > > it's the owner/group which might differ.
> > 
> > On my latest Debian install of the master branch for legacy init
> > my sockets end up being owned by root, who should be owning the
> > sockets?
> 
> My mistake, I thought they were 0660 and root:root and 0660 root:
> $something. But 0600 for the rw makes sense too.
> 
> Default owner should be root:root for both IMHO. The ro socket is there
> for the admin if he wants to chgrp it and put things in that group.

OK my patches upkeep the existing implementation design then.

  Luis