如何创建具有特定访问权限的Unix域套接字 [英] How to create a Unix-domain socket with specific access permissions

问题描述

我有一种情况，我打算通过文件系统上UNIX域套接字提供的命令接口与服务进行通信.我能够成功发送命令，但是对于为什么我无法收到对我的查询的任何响应感到困惑.

I have a situation in which I intend to communicate with a service through a command interface made available via a UNIX-domain socket on the file system. I am able to successfully send it commands, but for a while sat perplexed as to why I could not receive any response to my queries.

事实证明，该服务没有足够的权限来写入为其提供的地址I(或操作系统).但是，我意识到，如果我明确地bind到文件系统上的地址，则可以利用chmod来调整文件权限.

As it turns out, the service did not have sufficient permissions to write to the address I (or the OS) provided for it. However, I realized that if I explicitly bind to an address on the file system then I could adjust the file permissions by leveraging chmod.

类似的东西:

int mySocket;
struct sockaddr_un local_addr; 

mySocket = socket(AF_UNIX, SOCK_DGRAM, 0);
local_addr.sun_family = AF_UNIX;
snprintf(local_addr.sun_path, 108  "/path/to/mySocket");

bind(mySocket, (struct sockaddr *) &local_addr, sizeof(struct sockaddr_un));
chmod("/path/to/mySocket", 777);

也就是说，如果没有最后的chmod步骤，该服务将无法写入mySocket，因为它没有适当的写入权限.显然，如果不显式地bind到特定地址，这将是一个更难发现的问题，因为底层操作系统将为用户隐式生成此套接字-但它仍然存在并且 still 将具有相同的访问问题.

That is to say, without the final chmod step, the service is unable to write to mySocket because it does not have the appropriate write permissions. Obviously, this is an even harder problem to spot if one does not explicitly bind to a specific address, since the underlying OS will implicitly generate this socket for the user - but it still exists and still will have the same access problems.

那么，我的问题是关于最后一步的.有没有一种方法可以允许操作系统隐式为我的端点生成套接字(即服务将响应的地址)，但是要求给它一定的权限?

My question, then, is with respect to this final step. Is there a way to allow the OS to implicitly generate the socket for my endpoint (i.e. the address to which the service will respond) but request that it be given certain permissions?

说明

此问题成为问题的原因是由于要求以root用户身份执行程序的其他部分.这样，当我以root用户身份尝试connect/send到后台服务时，操作系统将隐式创建一个地址，并将回复定向到该地址.但是，这导致了一个问题，即我的套接字文件(无论是隐式的还是由bind创建的)都将具有srw- --- ---之类的权限，因此，其他端点也只能在自身提升时进行回复.

The reason this issue is becoming a problem is due to the requirement that other portions of the program be executed as root. As such, when I, as root, attempt to connect/send to the background service, the OS will implicitly create an address to which replies will be directed. However, this leads to the problem that my socket-file, whether implicit or created with bind, will have permissions like srw- --- ---, so the other endpoint can only reply if they, too, elevate themselves.

因此，如果我先显示bind然后是chmod权限，问题就消失了，如上所示.

Thus, the problem goes away if I first bind and then chmod the permissions as I showed above.

推荐答案

是否有一种方法可以允许操作系统隐式为我的端点生成套接字(即服务将响应的地址)，但是要求给它一定的权限?

Is there a way to allow the OS to implicitly generate the socket for my endpoint (i.e. the address to which the service will respond) but request that it be given certain permissions?

使用两个 umask() .

伪代码:

current_mask = umask(umask_to_be_used_on_afunix_socket_file_system_entry_creation);
bind afunix socket here
umask(current_umask);

这篇关于如何创建具有特定访问权限的Unix域套接字的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！