relax Unix domain socket permissions so that they are group writable

Fixes #1507

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
This commit is contained in:
Nicola Murino 2024-01-28 09:34:07 +01:00
parent 856aed2d60
commit a275ef17a8
No known key found for this signature in database
GPG key ID: 935D2952DEC4EECF
2 changed files with 8 additions and 1 deletions

View file

@ -7,6 +7,7 @@ User=sftpgo
Group=sftpgo Group=sftpgo
Type=simple Type=simple
WorkingDirectory=/etc/sftpgo WorkingDirectory=/etc/sftpgo
RuntimeDirectory=sftpgo
Environment=SFTPGO_CONFIG_DIR=/etc/sftpgo/ Environment=SFTPGO_CONFIG_DIR=/etc/sftpgo/
Environment=SFTPGO_LOG_FILE_PATH= Environment=SFTPGO_LOG_FILE_PATH=
EnvironmentFile=-/etc/sftpgo/sftpgo.env EnvironmentFile=-/etc/sftpgo/sftpgo.env

View file

@ -582,13 +582,19 @@ func HTTPListenAndServe(srv *http.Server, address string, port int, isTLS bool,
if !IsFileInputValid(address) { if !IsFileInputValid(address) {
return fmt.Errorf("invalid socket address %q", address) return fmt.Errorf("invalid socket address %q", address)
} }
err = createDirPathIfMissing(address, os.ModePerm) err = createDirPathIfMissing(address, 0770)
if err != nil { if err != nil {
logger.ErrorToConsole("error creating Unix-domain socket parent dir: %v", err) logger.ErrorToConsole("error creating Unix-domain socket parent dir: %v", err)
logger.Error(logSender, "", "error creating Unix-domain socket parent dir: %v", err) logger.Error(logSender, "", "error creating Unix-domain socket parent dir: %v", err)
} }
os.Remove(address) os.Remove(address)
listener, err = newListener("unix", address, srv.ReadTimeout, srv.WriteTimeout) listener, err = newListener("unix", address, srv.ReadTimeout, srv.WriteTimeout)
if err == nil {
// should a chmod err be fatal?
if errChmod := os.Chmod(address, 0770); errChmod != nil {
logger.Warn(logSender, "", "unable to set the Unix-domain socket group writable: %v", errChmod)
}
}
} else { } else {
CheckTCP4Port(port) CheckTCP4Port(port)
listener, err = newListener("tcp", fmt.Sprintf("%s:%d", address, port), srv.ReadTimeout, srv.WriteTimeout) listener, err = newListener("tcp", fmt.Sprintf("%s:%d", address, port), srv.ReadTimeout, srv.WriteTimeout)