unix_socket_mode / _name

This mirrors similar parameters in Postgres config.

diff --git a/etc/pgbouncer.ini b/etc/pgbouncer.ini
index 4a57fb617bb803a45c9031c4d7aa43853eee4f70..09d622f8276bed0019706ef6b5bd3d3a6c66ffa2 100644 (file)
--- a/etc/pgbouncer.ini
+++ b/etc/pgbouncer.ini
@@ -41,6 +41,8 @@ listen_port = 6432
 ; unix socket is also used for -R.
 ; On debian it should be /var/run/postgresql
 ;unix_socket_dir = /tmp
+;unix_socket_mode = 0777
+;unix_socket_group =
 
 ;;;
 ;;; Authentication settings

diff --git a/include/bouncer.h b/include/bouncer.h
index 7cfaefc59f9c0ec7951a143c89abc08e3e9d32fd..5858beb6cb5afe985a1fa18b88c8ebca61acbb9f 100644 (file)
--- a/include/bouncer.h
+++ b/include/bouncer.h
@@ -336,6 +336,8 @@ extern char *cf_config_file;
 extern char *cf_jobname;
 
 extern char *cf_unix_socket_dir;
+extern int cf_unix_socket_mode;
+extern char *cf_unix_socket_group;
 extern char *cf_listen_addr;
 extern int cf_listen_port;
 extern int cf_listen_backlog;

diff --git a/include/system.h b/include/system.h
index ed8c7d4dbe44f34a7522dde7826821c1a646bcf0..a3417ba3d1934e12678e7789c1e63faa43c59e46 100644 (file)
--- a/include/system.h
+++ b/include/system.h
@@ -67,3 +67,5 @@ static inline int lstat(const char *path, struct stat *st) { return stat(path, s
 
 void change_user(const char *user);
 
+void change_file_mode(const char *fn, mode_t mode, const char *user, const char *group);
+

diff --git a/src/main.c b/src/main.c
index f1c1827934f4320e95a94d2d1a43c2b00f387f0b..3069cd69e0add75119572a9dffbc2d088f9751b0 100644 (file)
--- a/src/main.c
+++ b/src/main.c
@@ -65,6 +65,8 @@ char *cf_listen_addr;
 int cf_listen_port;
 int cf_listen_backlog;
 char *cf_unix_socket_dir;
+int cf_unix_socket_mode;
+char *cf_unix_socket_group;
 
 int cf_pool_mode = POOL_SESSION;
 
@@ -167,6 +169,8 @@ CF_ABS("listen_port", CF_INT, cf_listen_port, CF_NO_RELOAD, "6432"),
 CF_ABS("listen_backlog", CF_INT, cf_listen_backlog, CF_NO_RELOAD, "128"),
 #ifndef WIN32
 CF_ABS("unix_socket_dir", CF_STR, cf_unix_socket_dir, CF_NO_RELOAD, "/tmp"),
+CF_ABS("unix_socket_mode", CF_INT, cf_unix_socket_mode, CF_NO_RELOAD, "0777"),
+CF_ABS("unix_socket_group", CF_STR, cf_unix_socket_group, CF_NO_RELOAD, ""),
 #endif
 CF_ABS("auth_type", CF_LOOKUP(auth_type_map), cf_auth_type, 0, "md5"),
 CF_ABS("auth_file", CF_STR, cf_auth_file, 0, "unconfigured_file"),

diff --git a/src/pooler.c b/src/pooler.c
index 4f766382e2a82638327cdf0a2cf1460a8803e046..f2eed47bfd25babdce9a06c6884be137cf0d5400 100644 (file)
--- a/src/pooler.c
+++ b/src/pooler.c
@@ -137,14 +137,8 @@ static bool add_listen(int af, const struct sockaddr *sa, int salen)
        }
 
        if (af == AF_UNIX) {
-               const struct sockaddr_un *un;
-               mode_t mode = 0777;
-               un = (struct sockaddr_un *)sa;
-               res = chmod(un->sun_path, mode);
-               if (res < 0)
-                       /* failure to chmod to 0777 does not seem serious */
-                       log_warning("add_listen: chmod(%s, 0%o) failed: %s",
-                                   un->sun_path, mode, strerror(errno));
+               struct sockaddr_un *un = (struct sockaddr_un *)sa;
+               change_file_mode(un->sun_path, cf_unix_socket_mode, NULL, cf_unix_socket_group);
        } else {
                tune_accept(sock, cf_tcp_defer_accept);
        }

diff --git a/src/system.c b/src/system.c
index 8447495a51812de4281c03f63941430e8220cddc..5425f21f54229ff70452d563ed3c6a55d22c9bfd 100644 (file)
--- a/src/system.c
+++ b/src/system.c
@@ -61,3 +61,62 @@ void change_user(const char *user)
                fatal("setuid() failed to work");
 }
 
+/* set permissions & mode for file */
+void change_file_mode(const char *fn, mode_t mode,
+                     const char *user_name,
+                     const char *group_name)
+{
+       int res;
+       uid_t uid = -1;
+       gid_t gid = -1;
+       unsigned long val;
+       char *end;
+
+       /* user lookup */
+       if (user_name && user_name[0]) {
+               const struct passwd *pw;
+
+               val = strtoul(user_name, &end, 0);
+               if (*end == 0) {
+                       uid = val;
+               } else {
+                       /* check for a valid username */
+                       pw = getpwnam(user_name);
+                       if (!pw)
+                               fatal("could not find user '%s': %s",
+                                     user_name, strerror(errno));
+                       uid = pw->pw_uid;
+               }
+       }
+
+       /* group lookup */
+       if (group_name && group_name[0]) {
+               struct group *gr;
+
+               val = strtoul(group_name, &end, 0);
+               if (*end == 0) {
+                       gid = val;
+               } else {
+                       gr = getgrnam(group_name);
+                       if (!gr)
+                               fatal("cound not find group '%s': %s",
+                                     group_name, strerror(errno));
+                       gid = gr->gr_gid;
+               }
+       }
+
+       /* change user/group */
+       if (uid != (uid_t)-1 || gid != (gid_t)-1) {
+               res = chown(fn, uid, gid);
+               if (res != 0)
+                       fatal("chown(%s, %d, %d) failed: %s",
+                             fn, uid, gid, strerror(errno));
+       }
+
+       /* change mode */
+       res = chmod(fn, mode);
+       if (res != 0)
+               fatal("Failure to chmod(%s, 0%o): %s",
+                     fn, mode, strerror(errno));
+}
+