Merge pull request #6 from nickycakes/socket-perms

added config option for dropping umask before socket creation
james-barrow · May 11, 2022 · 37d50d8 · 37d50d8
2 parents 95e7cc8 + 88ccca4
commit 37d50d8
Show file tree

Hide file tree

Showing 5 changed files with 67 additions and 3 deletions.
diff --git a/README.md b/README.md
@@ -82,6 +82,22 @@ Read and write data to the connection:
 
 ```
 
+ ### Unix Socket Permissions
+
+ Under most configurations, a socket created by a user will by default not be writable by another user, making it impossible for the client and server to communicate if being run by separate users.
+
+ The permission mask can be dropped during socket creation by passing custom configuration to the server start function.  **This will make the socket writable by any user.**
+
+```go
+
+	config := &ipc.ServerConfig{UnmaskPermissions: true}
+	sc, err := ipc.StartServer("<name of socket or pipe>", config)
+
+```
+ Note: Tested on Linux, not tested on Mac, not implemented on Windows.
+
+
+
  ### Testing
 
  The package has been tested on Mac, Windows and Linux and has extensive test coverage.

diff --git a/connect_other.go b/connect_other.go
@@ -7,6 +7,7 @@ import (
 	"net"
 	"os"
 	"strings"
+	"syscall"
 	"time"
 )
 
@@ -20,7 +21,17 @@ func (sc *Server) run() error {
 		return err
 	}
 
+	var oldUmask int
+	if sc.unMask == true {
+		oldUmask = syscall.Umask(0)
+	}
+
 	listen, err := net.Listen("unix", base+sc.name+sock)
+
+	if sc.unMask == true {
+		syscall.Umask(oldUmask)
+	}
+
 	if err != nil {
 		return err
 	}

diff --git a/ipc_test.go b/ipc_test.go
@@ -71,6 +71,35 @@ func TestStartUp_Configs(t *testing.T) {
 	if err8 != nil {
 		t.Error(err)
 	}
+
+	t.Run("Unmask Server Socket Permissions", func(t *testing.T) {
+		scon.UnmaskPermissions = true
+
+		_, err := StartServer("test_perm", scon)
+		if err != nil {
+			t.Error(err)
+		}
+
+		// test would not work in windows
+		// can check test_perm.sock in /tmp after running tests to see perms
+
+		/*
+			time.Sleep(time.Second / 4)
+
+			info, err := os.Stat(srv.listen.Addr().String())
+			if err != nil {
+				t.Error(err)
+			}
+			got := fmt.Sprintf("%04o", info.Mode().Perm())
+			want := "0777"
+
+			if got != want {
+				t.Errorf("Got %q, Wanted %q", got, want)
+			}
+		*/
+		scon.UnmaskPermissions = false
+	})
+
 }
 func TestStartUp_Timeout(t *testing.T) {
 

diff --git a/server_all.go b/server_all.go
@@ -29,6 +29,7 @@ func StartServer(ipcName string, config *ServerConfig) (*Server, error) {
 		sc.timeout = 0
 		sc.maxMsgSize = maxMsgSize
 		sc.encryption = true
+		sc.unMask = false
 
 	} else {
 
@@ -50,6 +51,11 @@ func StartServer(ipcName string, config *ServerConfig) (*Server, error) {
 			sc.encryption = true
 		}
 
+		if config.UnmaskPermissions == true {
+			sc.unMask = true
+		} else {
+			sc.unMask = false
+		}
 	}
 
 	go startServer(sc)

diff --git a/types.go b/types.go
@@ -19,6 +19,7 @@ type Server struct {
 	encryption  bool
 	maxMsgSize  int
 	enc         *encryption
+	unMask      bool
 }
 
 // Client - holds the details of the client connection and config.
@@ -71,9 +72,10 @@ const (
 
 // ServerConfig - used to pass configuation overrides to ServerStart()
 type ServerConfig struct {
-	Timeout    time.Duration
-	MaxMsgSize int
-	Encryption bool
+	Timeout           time.Duration
+	MaxMsgSize        int
+	Encryption        bool
+	UnmaskPermissions bool
 }
 
 // ClientConfig - used to pass configuation overrides to ClientStart()