From b3ab94ef5bbefa6dddc5290724d29a62757c4f28 Mon Sep 17 00:00:00 2001 From: hmol233 <82594500+hmol233@users.noreply.github.com> Date: Mon, 14 Jun 2021 20:30:46 +0800 Subject: [PATCH] Refine domain socket permission --- transport/internet/system_listener.go | 26 +++++++++++++++++++++++--- 1 file changed, 23 insertions(+), 3 deletions(-) diff --git a/transport/internet/system_listener.go b/transport/internet/system_listener.go index 4a1df9fe..31fb71ec 100644 --- a/transport/internet/system_listener.go +++ b/transport/internet/system_listener.go @@ -2,7 +2,10 @@ package internet import ( "context" + "os" "runtime" + "strconv" + "strings" "syscall" "github.com/pires/go-proxyproto" @@ -39,11 +42,10 @@ func getControlFunc(ctx context.Context, sockopt *SocketConfig, controllers []co } } -func (dl *DefaultListener) Listen(ctx context.Context, addr net.Addr, sockopt *SocketConfig) (net.Listener, error) { +func (dl *DefaultListener) Listen(ctx context.Context, addr net.Addr, sockopt *SocketConfig) (l net.Listener, err error) { var lc net.ListenConfig - var l net.Listener - var err error var network, address string + switch addr := addr.(type) { case *net.TCPAddr: network = addr.Network() @@ -53,6 +55,24 @@ func (dl *DefaultListener) Listen(ctx context.Context, addr net.Addr, sockopt *S lc.Control = nil network = addr.Network() address = addr.Name + + if s := strings.Split(address, ","); len(s) == 2 { + address = s[0] + perm, perr := strconv.ParseUint(s[1], 8, 32) + if perr != nil { + return nil, newError("failed to parse permission: " + s[1]).Base(perr) + } + + defer func(file string, permission os.FileMode) { + if err == nil { + cerr := os.Chmod(address, permission) + if cerr != nil { + err = newError("failed to set permission for " + file).Base(cerr) + } + } + }(address, os.FileMode(perm)) + } + if (runtime.GOOS == "linux" || runtime.GOOS == "android") && address[0] == '@' { // linux abstract unix domain socket is lockfree if len(address) > 1 && address[1] == '@' {