Added a config directive for a Unix socket mask

Added a configuration directive to allow a user to specify the permissions to be granted to the Unix socket file. I followed the format Pieter and Salvatore discusses in issue #85 ( https://github.com/antirez/redis/issues/85).

Added a config directive for a Unix socket mask
Added a configuration directive to allow a user to specify the permissions to be granted to the Unix socket file. I followed the format Pieter and Salvatore discusses in issue #85 ( https://github.com/antirez/redis/issues/85).
85238765 · Nathan Florea · 56209f72 · 85238765 · 85238765 · 85238765
Showing with 14 addition and 3 deletion

redis.conf redis.conf +1 -0

src/anet.c src/anet.c +4 -1

src/anet.h src/anet.h +1 -1

src/config.c src/config.c +5 -0

src/redis.c src/redis.c +2 -1

src/redis.h src/redis.h +1 -0

未找到文件。
--- a/redis.conf
+++ b/redis.conf
@@ -34,6 +34,7 @@ port 6379
 # on a unix socket when not specified.
 #
 # unixsocket /tmp/redis.sock
+# unixsocketperm 755

 # Close the connection after a client is idle for N seconds (0 to disable)
 timeout 300

--- a/src/anet.c
+++ b/src/anet.c
@@ -32,6 +32,7 @@

 #include <sys/types.h>
 #include <sys/socket.h>
+#include <sys/stat.h>
 #include <sys/un.h>
 #include <netinet/in.h>
 #include <netinet/tcp.h>
@@ -291,7 +292,7 @@ int anetTcpServer(char *err, int port, char *bindaddr)
    return s;
 }

-int anetUnixServer(char *err, char *path)
+int anetUnixServer(char *err, char *path, mode_t perm)
 {
    int s;
    struct sockaddr_un sa;
@@ -304,6 +305,8 @@ int anetUnixServer(char *err, char *path)
    strncpy(sa.sun_path,path,sizeof(sa.sun_path)-1);
    if (anetListen(err,s,(struct sockaddr*)&sa,sizeof(sa)) == ANET_ERR)
        return ANET_ERR;
+    if (perm)
+        chmod(sa.sun_path, perm);
    return s;
 }


--- a/src/anet.h
+++ b/src/anet.h
@@ -46,7 +46,7 @@ int anetUnixNonBlockConnect(char *err, char *path);
 int anetRead(int fd, char *buf, int count);
 int anetResolve(char *err, char *host, char *ipbuf);
 int anetTcpServer(char *err, int port, char *bindaddr);
-int anetUnixServer(char *err, char *path);
+int anetUnixServer(char *err, char *path, mode_t perm);
 int anetTcpAccept(char *err, int serversock, char *ip, int *port);
 int anetUnixAccept(char *err, int serversock);
 int anetWrite(int fd, char *buf, int count);

--- a/src/config.c
+++ b/src/config.c
@@ -73,6 +73,11 @@ void loadServerConfig(char *filename) {
            server.bindaddr = zstrdup(argv[1]);
        } else if (!strcasecmp(argv[0],"unixsocket") && argc == 2) {
            server.unixsocket = zstrdup(argv[1]);
+        } else if (!strcasecmp(argv[0],"unixsocketperm") && argc == 2) {
+            server.unixsocketperm = (mode_t)strtol(argv[1], NULL, 8);
+            if (errno || server.unixsocketperm > 0777) {
+                err = "Invalid socket file permissions"; goto loaderr;
+            }
        } else if (!strcasecmp(argv[0],"save") && argc == 3) {
            int seconds = atoi(argv[1]);
            int changes = atoi(argv[2]);

--- a/src/redis.c
+++ b/src/redis.c
@@ -822,6 +822,7 @@ void initServerConfig() {
    server.port = REDIS_SERVERPORT;
    server.bindaddr = NULL;
    server.unixsocket = NULL;
+    server.unixsocketperm = 0;
    server.ipfd = -1;
    server.sofd = -1;
    server.dbnum = REDIS_DEFAULT_DBNUM;
@@ -935,7 +936,7 @@ void initServer() {
    }
    if (server.unixsocket != NULL) {
        unlink(server.unixsocket); /* don't care if this fails */
-        server.sofd = anetUnixServer(server.neterr,server.unixsocket);
+        server.sofd = anetUnixServer(server.neterr,server.unixsocket,server.unixsocketperm);
        if (server.sofd == ANET_ERR) {
            redisLog(REDIS_WARNING, "Opening socket: %s", server.neterr);
            exit(1);

--- a/src/redis.h
+++ b/src/redis.h
@@ -515,6 +515,7 @@ struct redisServer {
    int port;
    char *bindaddr;
    char *unixsocket;
+    mode_t unixsocketperm;
    int ipfd;
    int sofd;
    int cfd;