WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-devel

[Xen-devel] Re: [Xen-changelog] Set the permissions correctly on the XML

To: Anthony Liguori <aliguori@xxxxxxxxxx>
Subject: [Xen-devel] Re: [Xen-changelog] Set the permissions correctly on the XML-RPC UDP socket, so that non-root users
From: Ewan Mellor <ewan@xxxxxxxxxxxxx>
Date: Fri, 31 Mar 2006 16:48:26 +0100
Cc: xen-devel@xxxxxxxxxxxxxxxxxxx
Delivery-date: Fri, 31 Mar 2006 15:50:05 +0000
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <442D3E7D.60302@xxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References: <E1FP85Y-00078n-Gr@xxxxxxxxxxxxxxxxxxxxx> <442D3E7D.60302@xxxxxxxxxx>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mutt/1.5.9i
On Fri, Mar 31, 2006 at 08:36:45AM -0600, Anthony Liguori wrote:

> Did you see this failure after changing the socket location to 
> /var/run/xend/xml-rpc.sock?  The only way the permissions of 
> /var/run/xend-xmlrpc.sock should be non-root is if /var/run has non root 
> permissions.  Was that the case?

We were seeing the failure intermittently, even when the socket was in
/var/run.

According to unix(7), on Linux, "sockets honour the permissions of the
directory they are in", so it seems to me to be safest to have our own
dedicated directory, so that we can guarantee the permissions on that are
correct.

Ewan.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

<Prev in Thread] Current Thread [Next in Thread>