libguestfs/0020-docs-clarify-sockdir-s-separation.patch
Richard W.M. Jones 6b578e0d34 Update to libguestfs 1.50.2
resolves: RHEL-46775
2024-07-09 15:09:20 +01:00

76 lines
3.3 KiB
Diff

From bb3b9ac1ec7021ac04bca03748f15761c6c97487 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Fri, 14 Jul 2023 15:22:10 +0200
Subject: [PATCH] docs: clarify sockdir's separation
There's another reason for separating sockdir from tmpdir, beyond "shorter
pathnames needed": permissions. For example, passt drops privileges such
that it cannot access "/tmp", and that restricts both the unix domain
socket and the PID file of passt.
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2184967
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
Message-Id: <20230714132213.96616-5-lersek@redhat.com>
(cherry picked from commit 21ccddecf7dd51b24bb2b71dbc8beb1a8dd01923)
---
fish/guestfish.pod | 4 ++--
generator/actions_properties.ml | 8 ++++++--
lib/guestfs.pod | 4 ++--
3 files changed, 10 insertions(+), 6 deletions(-)
diff --git a/fish/guestfish.pod b/fish/guestfish.pod
index d36cac9d..33fc8b2c 100644
--- a/fish/guestfish.pod
+++ b/fish/guestfish.pod
@@ -1492,8 +1492,8 @@ See L</LIBGUESTFS_CACHEDIR>, L</LIBGUESTFS_TMPDIR>.
This directory represents a user-specific directory for storing
non-essential runtime files.
-If it is set, then is used to store temporary sockets. Otherwise,
-F</tmp> is used.
+If it is set, then is used to store temporary sockets and PID files.
+Otherwise, F</tmp> is used.
See also L</get-sockdir>,
L<http://www.freedesktop.org/wiki/Specifications/basedir-spec/>.
diff --git a/generator/actions_properties.ml b/generator/actions_properties.ml
index f84afb10..42eaaa4d 100644
--- a/generator/actions_properties.ml
+++ b/generator/actions_properties.ml
@@ -595,13 +595,17 @@ Get the handle identifier. See C<guestfs_set_identifier>." };
name = "get_sockdir"; added = (1, 33, 8);
style = RString (RPlainString, "sockdir"), [], [];
blocking = false;
- shortdesc = "get the temporary directory for sockets";
+ shortdesc = "get the temporary directory for sockets and PID files";
longdesc = "\
-Get the directory used by the handle to store temporary socket files.
+Get the directory used by the handle to store temporary socket and PID
+files.
This is different from C<guestfs_get_tmpdir>, as we need shorter
paths for sockets (due to the limited buffers of filenames for UNIX
sockets), and C<guestfs_get_tmpdir> may be too long for them.
+Furthermore, sockets and PID files must be accessible to such background
+services started by libguestfs that may not have permission to access
+the temporary directory returned by C<guestfs_get_tmpdir>.
The environment variable C<XDG_RUNTIME_DIR> controls the default
value: If C<XDG_RUNTIME_DIR> is set, then that is the default.
diff --git a/lib/guestfs.pod b/lib/guestfs.pod
index 5db6dd91..dff32cc9 100644
--- a/lib/guestfs.pod
+++ b/lib/guestfs.pod
@@ -3120,8 +3120,8 @@ See L</LIBGUESTFS_CACHEDIR>, L</LIBGUESTFS_TMPDIR>.
This directory represents a user-specific directory for storing
non-essential runtime files.
-If it is set, then is used to store temporary sockets. Otherwise,
-F</tmp> is used.
+If it is set, then is used to store temporary sockets and PID files.
+Otherwise, F</tmp> is used.
See also L</guestfs_get_sockdir>,
L<http://www.freedesktop.org/wiki/Specifications/basedir-spec/>.