Resolves: rhbz#2116841

- Fixed ruby socket permissions
2022-09-05 18:20:03 +02:00 · 2022-09-05 18:20:03 +02:00 · 2ad9e29003
commit 2ad9e29003
parent c06ed2a4ad
2 changed files with 53 additions and 1 deletions
--- a/bz2116841-01-fix-ruby-socket-permissions.patch
+++ b/bz2116841-01-fix-ruby-socket-permissions.patch
@ -0,0 +1,46 @@
+From efd5edbfc96a2d85ee0575beca8b163b4ab9179f Mon Sep 17 00:00:00 2001
+From: Tomas Jelinek <tojeline@redhat.com>
+Date: Wed, 10 Aug 2022 14:47:53 +0200
+Subject: [PATCH] fix ruby socket permissions
+
+---
+ pcsd/rserver.rb | 23 +++++++++++++++++++++++
+ 1 file changed, 23 insertions(+)
+
+diff --git a/pcsd/rserver.rb b/pcsd/rserver.rb
+index e2c5e2a1..4fde639e 100644
+--- a/pcsd/rserver.rb
+++ b/pcsd/rserver.rb
+@@ -7,6 +7,29 @@ require 'thin'
+ 
+ require 'settings.rb'
+ 
+# Replace Thin::Backends::UnixServer:connect
+# The only change is 'File.umask(0o777)' instead of 'File.umask(0)' to properly
+# set python-ruby socket permissions
+module Thin
+  module Backends
+    class UnixServer < Base
+      def connect
+        at_exit { remove_socket_file } # In case it crashes
+        old_umask = File.umask(0o077)
+        begin
+          EventMachine.start_unix_domain_server(@socket, UnixConnection, &method(:initialize_connection))
+          # HACK EventMachine.start_unix_domain_server doesn't return the connection signature
+          #      so we have to go in the internal stuff to find it.
+        @signature = EventMachine.instance_eval{@acceptors.keys.first}
+        ensure
+          File.umask(old_umask)
+        end
+      end
+    end
+  end
+end
+
+
+ def pack_response(response)
+   return [200, {}, [response.to_json.to_str]]
+ end
+-- 
+2.37.3
+
--- a/pcs.spec
+++ b/pcs.spec
@ -1,6 +1,6 @@
 Name: pcs
 Version: 0.11.3
-Release: 3%{?dist}
+Release: 4%{?dist}
 # https://docs.fedoraproject.org/en-US/packaging-guidelines/LicensingGuidelines/
 # https://fedoraproject.org/wiki/Licensing:Main?rd=Licensing#Good_Licenses
 # GPLv2: pcs
@ -114,6 +114,7 @@ Patch2: bz2102663-01-fix-pcs-resource-restart-traceback.patch
 Patch3: bz2058243-01-code-formatting.patch
 Patch4: bz2058243-02-make-booth-ticket-mode-value-case-insensitive.patch
 Patch5: bz2026725-01-booth-sync-check-whether-etc-booth-exists.patch
+Patch6: bz2116841-01-fix-ruby-socket-permissions.patch

 # ui patches: >200
 # Patch201: bzNUMBER-01-name.patch
@ -302,6 +303,7 @@ update_times_patch %{PATCH2}
 update_times_patch %{PATCH3}
 update_times_patch %{PATCH4}
 update_times_patch %{PATCH5}
+update_times_patch %{PATCH6}

 # prepare dirs/files necessary for building all bundles
 # -----------------------------------------------------
@ -539,6 +541,10 @@ run_all_tests
 %license pyagentx_LICENSE.txt

 %changelog
+* Mon Sep 05 2022 Miroslav Lisik <mlisik@redhat.com> - 0.11.3-4
+- Fixed ruby socket permissions
+- Resolves: rhbz#2116841
+
 * Thu Jul 28 2022 Miroslav Lisik <mlisik@redhat.com> - 0.11.3-3
 - Fixed booth ticket mode value case insensitive
 - Fixed booth sync check whether /etc/booth exists