From 87fa06352833f9eaa57f2b4e522be79726689964 Mon Sep 17 00:00:00 2001
From: Michael Friedrich <michael.friedrich@netways.de>
Date: Fri, 27 Sep 2013 19:39:46 +0200
Subject: [PATCH] LivestatusListener: Set unix socket permissions to 0660.

refs #4444
---
 components/livestatus/listener.cpp | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/components/livestatus/listener.cpp b/components/livestatus/listener.cpp
index 1be2a851c..7bc1105f3 100644
--- a/components/livestatus/listener.cpp
+++ b/components/livestatus/listener.cpp
@@ -55,6 +55,12 @@ void LivestatusListener::Start(void)
 		UnixSocket::Ptr socket = boost::make_shared<UnixSocket>();
 		socket->Bind(GetSocketPath());
 
+		/* group must be able to write */
+		if (chmod(GetSocketPath().CStr(), 0660) < 0) {
+			Log(LogCritical, "livestatus", "Cannot chmod unix socket '" + GetSocketPath() + "' to 0660: " + strerror(errno));
+			return;
+		}
+
 		boost::thread thread(boost::bind(&LivestatusListener::ServerThreadProc, this, socket));
 		thread.detach();
 #else
@@ -78,7 +84,7 @@ String LivestatusListener::GetSocketPath(void) const
 {
 	Value socketPath = m_SocketPath;
 	if (socketPath.IsEmpty())
-		return Application::GetLocalStateDir() + "/run/icinga2/livestatus";
+		return Application::GetLocalStateDir() + "/run/icinga2/rw/livestatus";
 	else
 		return socketPath;
 }
-- 
2.40.0