From: Marko Kreen <markokr@gmail.com>
Date: Thu, 19 Jan 2012 11:26:57 +0000 (+0200)
Subject: unix_socket_mode / _name
X-Git-Tag: pgbouncer_1_5_1_rc1~9
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=25f4242aa2c868710b8488e37f0e0fda7846cb5f;p=pgbouncer

unix_socket_mode / _name

This mirrors similar parameters in Postgres config.
---

diff --git a/etc/pgbouncer.ini b/etc/pgbouncer.ini
index 4a57fb6..09d622f 100644
--- a/etc/pgbouncer.ini
+++ b/etc/pgbouncer.ini
@@ -41,6 +41,8 @@ listen_port = 6432
 ; unix socket is also used for -R.
 ; On debian it should be /var/run/postgresql
 ;unix_socket_dir = /tmp
+;unix_socket_mode = 0777
+;unix_socket_group =
 
 ;;;
 ;;; Authentication settings
diff --git a/include/bouncer.h b/include/bouncer.h
index 7cfaefc..5858beb 100644
--- a/include/bouncer.h
+++ b/include/bouncer.h
@@ -336,6 +336,8 @@ extern char *cf_config_file;
 extern char *cf_jobname;
 
 extern char *cf_unix_socket_dir;
+extern int cf_unix_socket_mode;
+extern char *cf_unix_socket_group;
 extern char *cf_listen_addr;
 extern int cf_listen_port;
 extern int cf_listen_backlog;
diff --git a/include/system.h b/include/system.h
index ed8c7d4..a3417ba 100644
--- a/include/system.h
+++ b/include/system.h
@@ -67,3 +67,5 @@ static inline int lstat(const char *path, struct stat *st) { return stat(path, s
 
 void change_user(const char *user);
 
+void change_file_mode(const char *fn, mode_t mode, const char *user, const char *group);
+
diff --git a/src/main.c b/src/main.c
index f1c1827..3069cd6 100644
--- a/src/main.c
+++ b/src/main.c
@@ -65,6 +65,8 @@ char *cf_listen_addr;
 int cf_listen_port;
 int cf_listen_backlog;
 char *cf_unix_socket_dir;
+int cf_unix_socket_mode;
+char *cf_unix_socket_group;
 
 int cf_pool_mode = POOL_SESSION;
 
@@ -167,6 +169,8 @@ CF_ABS("listen_port", CF_INT, cf_listen_port, CF_NO_RELOAD, "6432"),
 CF_ABS("listen_backlog", CF_INT, cf_listen_backlog, CF_NO_RELOAD, "128"),
 #ifndef WIN32
 CF_ABS("unix_socket_dir", CF_STR, cf_unix_socket_dir, CF_NO_RELOAD, "/tmp"),
+CF_ABS("unix_socket_mode", CF_INT, cf_unix_socket_mode, CF_NO_RELOAD, "0777"),
+CF_ABS("unix_socket_group", CF_STR, cf_unix_socket_group, CF_NO_RELOAD, ""),
 #endif
 CF_ABS("auth_type", CF_LOOKUP(auth_type_map), cf_auth_type, 0, "md5"),
 CF_ABS("auth_file", CF_STR, cf_auth_file, 0, "unconfigured_file"),
diff --git a/src/pooler.c b/src/pooler.c
index 4f76638..f2eed47 100644
--- a/src/pooler.c
+++ b/src/pooler.c
@@ -137,14 +137,8 @@ static bool add_listen(int af, const struct sockaddr *sa, int salen)
 	}
 
 	if (af == AF_UNIX) {
-		const struct sockaddr_un *un;
-		mode_t mode = 0777;
-		un = (struct sockaddr_un *)sa;
-		res = chmod(un->sun_path, mode);
-		if (res < 0)
-			/* failure to chmod to 0777 does not seem serious */
-			log_warning("add_listen: chmod(%s, 0%o) failed: %s",
-				    un->sun_path, mode, strerror(errno));
+		struct sockaddr_un *un = (struct sockaddr_un *)sa;
+		change_file_mode(un->sun_path, cf_unix_socket_mode, NULL, cf_unix_socket_group);
 	} else {
 		tune_accept(sock, cf_tcp_defer_accept);
 	}
diff --git a/src/system.c b/src/system.c
index 8447495..5425f21 100644
--- a/src/system.c
+++ b/src/system.c
@@ -61,3 +61,62 @@ void change_user(const char *user)
 		fatal("setuid() failed to work");
 }
 
+/* set permissions & mode for file */
+void change_file_mode(const char *fn, mode_t mode,
+		      const char *user_name,
+		      const char *group_name)
+{
+	int res;
+	uid_t uid = -1;
+	gid_t gid = -1;
+	unsigned long val;
+	char *end;
+
+	/* user lookup */
+	if (user_name && user_name[0]) {
+		const struct passwd *pw;
+
+		val = strtoul(user_name, &end, 0);
+		if (*end == 0) {
+			uid = val;
+		} else {
+			/* check for a valid username */
+			pw = getpwnam(user_name);
+			if (!pw)
+				fatal("could not find user '%s': %s",
+				      user_name, strerror(errno));
+			uid = pw->pw_uid;
+		}
+	}
+
+	/* group lookup */
+	if (group_name && group_name[0]) {
+		struct group *gr;
+
+		val = strtoul(group_name, &end, 0);
+		if (*end == 0) {
+			gid = val;
+		} else {
+			gr = getgrnam(group_name);
+			if (!gr)
+				fatal("cound not find group '%s': %s",
+				      group_name, strerror(errno));
+			gid = gr->gr_gid;
+		}
+	}
+
+	/* change user/group */
+	if (uid != (uid_t)-1 || gid != (gid_t)-1) {
+		res = chown(fn, uid, gid);
+		if (res != 0)
+			fatal("chown(%s, %d, %d) failed: %s",
+			      fn, uid, gid, strerror(errno));
+	}
+
+	/* change mode */
+	res = chmod(fn, mode);
+	if (res != 0)
+		fatal("Failure to chmod(%s, 0%o): %s",
+		      fn, mode, strerror(errno));
+}
+