5b86fc9dcf
Add 0018-multipath-tools-move-DEFAULT_SOCKET-definition-into-.patch
Add 0019-multipath-tools-add-helper-mpath_fill_sockaddr__.patch
Add 0020-libmpathutil-add-support-for-Unix-pathname-sockets.patch
Add 0021-libmpathutil-move-systemd_listen_fds-support-into-mu.patch
Add 0022-multipathd-make-uxsock_listen-take-a-pointer-to-fd.patch
Add 0023-multipathd-allow-receiving-two-socket-fds-from-syste.patch
Add 0024-multipathd-listen-on-pathname-and-abstract-socket-by.patch
Add 0025-libmpathcmd-try-both-abstract-and-pathname-sockets.patch
Add 0026-libmpathcmd-honor-MULTIPATH_SOCKET_NAME-environment-.patch
Add 0027-multipathd-honor-MULTIPATH_SOCKET_NAME-environment-v.patch
Add 0028-multipath-clean-up-find_multipaths-documentation.patch
Add 0029-multipathd-Add-multipathd-man-page-section-about-soc.patch
* Fixes RHEL-82180 ("RFE: Enable multipathd to communicate with a
process in another network namespace")
Resolves: RHEL-82180
50 lines
1.8 KiB
Diff
50 lines
1.8 KiB
Diff
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
|
From: Martin Wilck <mwilck@suse.com>
|
|
Date: Fri, 14 Feb 2025 22:00:24 +0100
|
|
Subject: [PATCH] libmpathutil: add support for Unix pathname sockets
|
|
|
|
Pathname sockets need to be world read/writable in order to allow regular
|
|
users to read information from multipathd. Our SO_PEERCRED permission check
|
|
will make sure that they can't make configuration changes. Also, SO_REUSEADDR
|
|
doesn't work for pathname sockets as it does for abstract Unix sockets. A
|
|
possibly pre-existing socket file must be removed before trying to recreate it.
|
|
|
|
Signed-off-by: Martin Wilck <mwilck@suse.com>
|
|
Reviewed-by: Benjamin Marzinski <bmarzins@redhat.com>
|
|
Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
|
|
---
|
|
libmpathutil/uxsock.c | 13 +++++++++++++
|
|
1 file changed, 13 insertions(+)
|
|
|
|
diff --git a/libmpathutil/uxsock.c b/libmpathutil/uxsock.c
|
|
index 12c46084..889d7a17 100644
|
|
--- a/libmpathutil/uxsock.c
|
|
+++ b/libmpathutil/uxsock.c
|
|
@@ -62,6 +62,11 @@ int ux_socket_listen(const char *name)
|
|
return fd;
|
|
}
|
|
#endif
|
|
+
|
|
+ /* This is after the PID check, so unlinking should be fine */
|
|
+ if (name[0] != '@' && unlink(name) == -1 && errno != ENOENT)
|
|
+ condlog(1, "Failed to unlink %s", name);
|
|
+
|
|
fd = socket(AF_LOCAL, SOCK_STREAM, 0);
|
|
if (fd == -1) {
|
|
condlog(3, "Couldn't create ux_socket, error %d", errno);
|
|
@@ -75,6 +80,14 @@ int ux_socket_listen(const char *name)
|
|
return -1;
|
|
}
|
|
|
|
+ /*
|
|
+ * Socket needs to have rw permissions for everone.
|
|
+ * SO_PEERCRED makes sure that only root can modify things.
|
|
+ */
|
|
+ if (name[0] != '@' &&
|
|
+ chmod(name, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH) == -1)
|
|
+ condlog(3, "failed to set permissions on %s: %s", name, strerror(errno));
|
|
+
|
|
if (listen(fd, 10) == -1) {
|
|
condlog(3, "Couldn't listen to ux_socket, error %d", errno);
|
|
close(fd);
|