summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 3d00c58)
raw | patch | inline | side by side (parent: 3d00c58)
author | oetiker <oetiker@a5681a0c-68f1-0310-ab6d-d61299d08faa> | |
Mon, 26 Jul 2010 05:35:11 +0000 (05:35 +0000) | ||
committer | oetiker <oetiker@a5681a0c-68f1-0310-ab6d-d61299d08faa> | |
Mon, 26 Jul 2010 05:35:11 +0000 (05:35 +0000) |
program/doc/rrdcached.pod | patch | blob | history | |
program/src/rrd_daemon.c | patch | blob | history |
index 3f72a23cd28a40385c8dc9c7cf942279d94ce1bb..9aebfe73bbfa3859e4ad907bf881f04f2e9352c6 100644 (file)
permission context of the web server).
This option affects the I<following> UNIX socket addresses (the following
permission context of the web server).
This option affects the I<following> UNIX socket addresses (the following
-B<-l> options), i.e., you may specify different settings for different
+B<-l> options) or the default socket (if no B<-l> options have been
+specified), i.e., you may specify different settings for different
sockets.
The default is not to change ownership or permissions of the socket and, thus,
sockets.
The default is not to change ownership or permissions of the socket and, thus,
details.
This option affects the I<following> UNIX socket addresses (the following
details.
This option affects the I<following> UNIX socket addresses (the following
-B<-l> options), i.e., you may specify different settings for different
+B<-l> options) or the default socket (if no B<-l> options have been
+specified), i.e., you may specify different settings for different
sockets.
The default is not to change ownership or permissions of the socket and, thus,
sockets.
The default is not to change ownership or permissions of the socket and, thus,
rrdcached -P FLUSH,PENDING $MORE_ARGUMENTS
The B<-P> option affects the I<following> socket addresses (the following B<-l>
rrdcached -P FLUSH,PENDING $MORE_ARGUMENTS
The B<-P> option affects the I<following> socket addresses (the following B<-l>
-options). In the following example, only the IPv4 network socket (address
+options) or the default socket (if no B<-l> options have been
+specified). In the following example, only the IPv4 network socket (address
C<10.0.0.1>) will be restricted to the C<FLUSH> and C<PENDING> commands:
rrdcached -l unix:/some/path -P FLUSH,PENDING -l 10.0.0.1
C<10.0.0.1>) will be restricted to the C<FLUSH> and C<PENDING> commands:
rrdcached -l unix:/some/path -P FLUSH,PENDING -l 10.0.0.1
index a3e03684770283043bec5a1520746f1cba6e09d4..22093205ba099b49bb1d98172c2fb84baffc2355 100644 (file)
--- a/program/src/rrd_daemon.c
+++ b/program/src/rrd_daemon.c
static listen_socket_t *listen_fds = NULL;
static size_t listen_fds_num = 0;
static listen_socket_t *listen_fds = NULL;
static size_t listen_fds_num = 0;
+static listen_socket_t default_socket;
+
enum {
RUNNING, /* normal operation */
FLUSHING, /* flushing remaining values */
enum {
RUNNING, /* normal operation */
FLUSHING, /* flushing remaining values */
return (0);
} /* }}} int socket_permission_add */
return (0);
} /* }}} int socket_permission_add */
+static void socket_permission_clear (listen_socket_t *sock) /* {{{ */
+{
+ sock->permissions = 0;
+} /* }}} socket_permission_clear */
+
+static void socket_permission_copy (listen_socket_t *dest, /* {{{ */
+ listen_socket_t *src)
+{
+ dest->permissions = src->permissions;
+} /* }}} socket_permission_copy */
+
/* check whether commands are received in the expected context */
static int command_check_context(listen_socket_t *sock, command_t *cmd)
{
/* check whether commands are received in the expected context */
static int command_check_context(listen_socket_t *sock, command_t *cmd)
{
}
else
{
}
else
{
- listen_socket_t sock;
- memset(&sock, 0, sizeof(sock));
- strncpy(sock.addr, RRDCACHED_DEFAULT_ADDRESS, sizeof(sock.addr)-1);
- open_listen_socket (&sock);
+ strncpy(default_socket.addr, RRDCACHED_DEFAULT_ADDRESS,
+ sizeof(default_socket.addr) - 1);
+ default_socket.addr[sizeof(default_socket.addr) - 1] = '\0';
+ open_listen_socket (&default_socket);
}
if (listen_fds_num < 1)
}
if (listen_fds_num < 1)
int option;
int status = 0;
int option;
int status = 0;
- char **permissions = NULL;
- size_t permissions_len = 0;
+ socket_permission_clear (&default_socket);
- gid_t socket_group = (gid_t)-1;
- mode_t socket_permissions = (mode_t)-1;
+ default_socket.socket_group = (gid_t)-1;
+ default_socket.socket_permissions = (mode_t)-1;
while ((option = getopt(argc, argv, "gl:s:m:P:f:w:z:t:Bb:p:Fj:a:h?")) != -1)
{
while ((option = getopt(argc, argv, "gl:s:m:P:f:w:z:t:Bb:p:Fj:a:h?")) != -1)
{
strncpy(new->addr, optarg, sizeof(new->addr)-1);
/* Add permissions to the socket {{{ */
strncpy(new->addr, optarg, sizeof(new->addr)-1);
/* Add permissions to the socket {{{ */
- if (permissions_len != 0)
+ if (default_socket.permissions != 0)
{
{
- size_t i;
- for (i = 0; i < permissions_len; i++)
- {
- status = socket_permission_add (new, permissions[i]);
- if (status != 0)
- {
- fprintf (stderr, "read_options: Adding permission \"%s\" to "
- "socket failed. Most likely, this permission doesn't "
- "exist. Check your command line.\n", permissions[i]);
- status = 4;
- }
- }
+ socket_permission_copy (new, &default_socket);
}
}
- else /* if (permissions_len == 0) */
+ else /* if (default_socket.permissions == 0) */
{
/* Add permission for ALL commands to the socket. */
size_t i;
{
/* Add permission for ALL commands to the socket. */
size_t i;
{
fprintf (stderr, "read_options: Adding permission \"%s\" to "
"socket failed. This should never happen, ever! Sorry.\n",
{
fprintf (stderr, "read_options: Adding permission \"%s\" to "
"socket failed. This should never happen, ever! Sorry.\n",
- permissions[i]);
+ list_of_commands[i].cmd);
status = 4;
}
}
}
/* }}} Done adding permissions. */
status = 4;
}
}
}
/* }}} Done adding permissions. */
- new->socket_group = socket_group;
- new->socket_permissions = socket_permissions;
+ new->socket_group = default_socket.socket_group;
+ new->socket_permissions = default_socket.socket_permissions;
if (!rrd_add_ptr((void ***)&config_listen_address_list,
&config_listen_address_list_len, new))
if (!rrd_add_ptr((void ***)&config_listen_address_list,
&config_listen_address_list_len, new))
if (grp)
{
if (grp)
{
- socket_group = grp->gr_gid;
+ default_socket.socket_group = grp->gr_gid;
}
else
{
}
else
{
return (5);
}
return (5);
}
- socket_permissions = (mode_t)tmp;
+ default_socket.socket_permissions = (mode_t)tmp;
}
break;
}
break;
char *dummy;
char *ptr;
char *dummy;
char *ptr;
- rrd_free_ptrs ((void *) &permissions, &permissions_len);
+ socket_permission_clear (&default_socket);
optcopy = strdup (optarg);
dummy = optcopy;
optcopy = strdup (optarg);
dummy = optcopy;
while ((ptr = strtok_r (dummy, ", ", &saveptr)) != NULL)
{
dummy = NULL;
while ((ptr = strtok_r (dummy, ", ", &saveptr)) != NULL)
{
dummy = NULL;
- rrd_add_strdup ((void *) &permissions, &permissions_len, ptr);
+ status = socket_permission_add (&default_socket, ptr);
+ if (status != 0)
+ {
+ fprintf (stderr, "read_options: Adding permission \"%s\" to "
+ "socket failed. Most likely, this permission doesn't "
+ "exist. Check your command line.\n", ptr);
+ status = 4;
+ }
}
free (optcopy);
}
free (optcopy);
if (journal_dir == NULL)
config_flush_at_shutdown = 1;
if (journal_dir == NULL)
config_flush_at_shutdown = 1;
- rrd_free_ptrs ((void *) &permissions, &permissions_len);
-
return (status);
} /* }}} int read_options */
return (status);
} /* }}} int read_options */