[rrd-developers] [PATCH] rrdcached: Let the -s, -m and -P options affect the default socket as well.

Sebastian Harl sh at tokkee.org
Tue Jul 13 20:28:15 CEST 2010


Signed-off-by: Sebastian Harl <sh at tokkee.org>
---
 program/doc/rrdcached.pod |    9 ++++--
 program/src/rrd_daemon.c  |   68 ++++++++++++++++++++++++--------------------
 2 files changed, 43 insertions(+), 34 deletions(-)

diff --git a/program/doc/rrdcached.pod b/program/doc/rrdcached.pod
index d6bfec3..73e070b 100644
--- a/program/doc/rrdcached.pod
+++ b/program/doc/rrdcached.pod
@@ -77,7 +77,8 @@ user privileges (e.g. graph generating CGI scripts that typically run in the
 permission context of the web server).
 
 This option affects the I<following> UNIX socket addresses (the following
-B<-l> options), i.e., you may specify different settings for different
+B<-l> options) or the default socket (if no B<-l> options have been
+specified), i.e., you may specify different settings for different
 sockets.
 
 The default is not to change ownership or permissions of the socket and, thus,
@@ -95,7 +96,8 @@ BSD-derived systems ignore permissions for UNIX sockets. See L<unix(7)> for
 details.
 
 This option affects the I<following> UNIX socket addresses (the following
-B<-l> options), i.e., you may specify different settings for different
+B<-l> options) or the default socket (if no B<-l> options have been
+specified), i.e., you may specify different settings for different
 sockets.
 
 The default is not to change ownership or permissions of the socket and, thus,
@@ -113,7 +115,8 @@ For example, to allow the C<FLUSH> and C<PENDING> commands one could specify:
   rrdcached -P FLUSH,PENDING $MORE_ARGUMENTS
 
 The B<-P> option affects the I<following> socket addresses (the following B<-l>
-options). In the following example, only the IPv4 network socket (address
+options) or the default socket (if no B<-l> options have been
+specified). In the following example, only the IPv4 network socket (address
 C<10.0.0.1>) will be restricted to the C<FLUSH> and C<PENDING> commands:
 
   rrdcached -l unix:/some/path -P FLUSH,PENDING -l 10.0.0.1
diff --git a/program/src/rrd_daemon.c b/program/src/rrd_daemon.c
index 93ed71c..f340ecc 100644
--- a/program/src/rrd_daemon.c
+++ b/program/src/rrd_daemon.c
@@ -227,6 +227,8 @@ static uid_t daemon_uid;
 static listen_socket_t *listen_fds = NULL;
 static size_t listen_fds_num = 0;
 
+static listen_socket_t default_socket;
+
 enum {
   RUNNING,		/* normal operation */
   FLUSHING,		/* flushing remaining values */
@@ -1719,6 +1721,17 @@ static int socket_permission_add (listen_socket_t *sock, /* {{{ */
   return (0);
 } /* }}} int socket_permission_add */
 
+static void socket_permission_clear (listen_socket_t *sock) /* {{{ */
+{
+  sock->permissions = 0;
+} /* }}} socket_permission_clear */
+
+static void socket_permission_copy (listen_socket_t *dest, /* {{{ */
+    listen_socket_t *src)
+{
+  dest->permissions = src->permissions;
+} /* }}} socket_permission_copy */
+
 /* check whether commands are received in the expected context */
 static int command_check_context(listen_socket_t *sock, command_t *cmd)
 {
@@ -2664,10 +2677,10 @@ static int daemonize (void) /* {{{ */
   }
   else
   {
-    listen_socket_t sock;
-    memset(&sock, 0, sizeof(sock));
-    strncpy(sock.addr, RRDCACHED_DEFAULT_ADDRESS, sizeof(sock.addr)-1);
-    open_listen_socket (&sock);
+    strncpy(default_socket.addr, RRDCACHED_DEFAULT_ADDRESS,
+        sizeof(default_socket.addr) - 1);
+    default_socket.addr[sizeof(default_socket.addr) - 1] = '\0';
+    open_listen_socket (&default_socket);
   }
 
   if (listen_fds_num < 1)
@@ -2772,11 +2785,10 @@ static int read_options (int argc, char **argv) /* {{{ */
   int option;
   int status = 0;
 
-  char **permissions = NULL;
-  size_t permissions_len = 0;
+  socket_permission_clear (&default_socket);
 
-  gid_t  socket_group = (gid_t)-1;
-  mode_t socket_permissions = (mode_t)-1;
+  default_socket.socket_group = (gid_t)-1;
+  default_socket.socket_permissions = (mode_t)-1;
 
   while ((option = getopt(argc, argv, "gl:s:m:P:f:w:z:t:Bb:p:Fj:h?")) != -1)
   {
@@ -2801,22 +2813,11 @@ static int read_options (int argc, char **argv) /* {{{ */
         strncpy(new->addr, optarg, sizeof(new->addr)-1);
 
         /* Add permissions to the socket {{{ */
-        if (permissions_len != 0)
+        if (default_socket.permissions != 0)
         {
-          size_t i;
-          for (i = 0; i < permissions_len; i++)
-          {
-            status = socket_permission_add (new, permissions[i]);
-            if (status != 0)
-            {
-              fprintf (stderr, "read_options: Adding permission \"%s\" to "
-                  "socket failed. Most likely, this permission doesn't "
-                  "exist. Check your command line.\n", permissions[i]);
-              status = 4;
-            }
-          }
+          socket_permission_copy (new, &default_socket);
         }
-        else /* if (permissions_len == 0) */
+        else /* if (default_socket.permissions == 0) */
         {
           /* Add permission for ALL commands to the socket. */
           size_t i;
@@ -2827,15 +2828,15 @@ static int read_options (int argc, char **argv) /* {{{ */
             {
               fprintf (stderr, "read_options: Adding permission \"%s\" to "
                   "socket failed. This should never happen, ever! Sorry.\n",
-                  permissions[i]);
+                  list_of_commands[i].cmd);
               status = 4;
             }
           }
         }
         /* }}} Done adding permissions. */
 
-        new->socket_group = socket_group;
-        new->socket_permissions = socket_permissions;
+        new->socket_group = default_socket.socket_group;
+        new->socket_permissions = default_socket.socket_permissions;
 
         if (!rrd_add_ptr((void ***)&config_listen_address_list,
                          &config_listen_address_list_len, new))
@@ -2865,7 +2866,7 @@ static int read_options (int argc, char **argv) /* {{{ */
 
 	if (grp)
 	{
-	  socket_group = grp->gr_gid;
+	  default_socket.socket_group = grp->gr_gid;
 	}
 	else
 	{
@@ -2890,7 +2891,7 @@ static int read_options (int argc, char **argv) /* {{{ */
           return (5);
         }
 
-        socket_permissions = (mode_t)tmp;
+        default_socket.socket_permissions = (mode_t)tmp;
       }
       break;
 
@@ -2901,7 +2902,7 @@ static int read_options (int argc, char **argv) /* {{{ */
         char *dummy;
         char *ptr;
 
-        rrd_free_ptrs ((void *) &permissions, &permissions_len);
+        socket_permission_clear (&default_socket);
 
         optcopy = strdup (optarg);
         dummy = optcopy;
@@ -2909,7 +2910,14 @@ static int read_options (int argc, char **argv) /* {{{ */
         while ((ptr = strtok_r (dummy, ", ", &saveptr)) != NULL)
         {
           dummy = NULL;
-          rrd_add_strdup ((void *) &permissions, &permissions_len, ptr);
+          status = socket_permission_add (&default_socket, ptr);
+          if (status != 0)
+          {
+            fprintf (stderr, "read_options: Adding permission \"%s\" to "
+                "socket failed. Most likely, this permission doesn't "
+                "exist. Check your command line.\n", ptr);
+            status = 4;
+          }
         }
 
         free (optcopy);
@@ -3142,8 +3150,6 @@ static int read_options (int argc, char **argv) /* {{{ */
   if (journal_dir == NULL)
     config_flush_at_shutdown = 1;
 
-  rrd_free_ptrs ((void *) &permissions, &permissions_len);
-
   return (status);
 } /* }}} int read_options */
 
-- 
1.7.1.rc1.21.gf3bd6

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature
Url : http://lists.oetiker.ch/pipermail/rrd-developers/attachments/20100713/c47ba773/attachment.pgp 


More information about the rrd-developers mailing list