feat: configurable socket owners

Ilya Zlobintsev
2023-02-25 13:27:35 +02:00
parent ea52f583e3
commit 0720140b10
3 changed files with 8 additions and 7 deletions


@@ -8,6 +8,7 @@ use std::{collections::HashMap, env, fs, path::PathBuf};
use tracing::debug;
const FILE_NAME: &str = "config.yaml";
const DEFAULT_ADMIN_GROUPS: [&str; 2] = ["wheel", "sudo"];
#[derive(Debug, Clone, Serialize, Deserialize, Default, PartialEq)]
pub struct Config {
@@ -18,12 +19,14 @@ pub struct Config {
#[derive(Debug, Clone, Serialize, Deserialize, PartialEq, Eq)]
pub struct Daemon {
pub log_level: String,
pub admin_groups: Vec<String>,
}
impl Default for Daemon {
fn default() -> Self {
Self {
log_level: "info".to_owned(),
admin_groups: DEFAULT_ADMIN_GROUPS.map(str::to_owned).to_vec(),
}
}
}
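Review bot: The new `admin_groups` field on `Daemon` carries no serde default, so a `config.yaml` written before this commit that lacks the key would presumably fail to deserialize rather than fall back to `DEFAULT_ADMIN_GROUPS`; only the derive line is visible above the struct. Putting `#[serde(default)]` on the `Daemon` struct lets serde fill missing fields from the existing `Default` impl. Because this list decides which group is given ownership of the daemon socket when running as root, the field also deserves a doc comment, for example `/// Groups tried in order when choosing the group owner of the daemon socket; the first one that exists is used.` The type also accepts an empty list, and what `socket_gid` falls back to in that case is not visible on this page, so that outcome is worth stating in the same comment.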


@@ -22,8 +22,8 @@ pub struct Server {
impl Server {
pub async fn new(config: Config) -> anyhow::Result<Self> {
let listener = socket::listen(&config.daemon.admin_groups)?;
let handler = Handler::new(config).await?;
let listener = socket::listen()?;
Ok(Self { handler, listener })
}
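Review bot: `socket::listen` now runs before `Handler::new(config).await?`, so the socket is bound and chowned before the handler exists, and if `Handler::new` returns an error the socket file is likely left on disk until something removes it. The reorder looks forced by `config` being moved into `Handler::new`; copying the list first keeps the original order: `let admin_groups = config.daemon.admin_groups.clone();` before the handler, then `let listener = socket::listen(&admin_groups)?;` after it. This assumes the usual `UnixListener` behaviour of not unlinking its path on drop, which the hunk itself does not show.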


@@ -7,8 +7,6 @@ use std::{fs, path::PathBuf, str::FromStr};
use tokio::net::UnixListener;
use tracing::{debug, info};
const ADMIN_GROUPS: &[&str] = &["wheel", "sudo"];
pub fn get_socket_path() -> PathBuf {
let uid = getuid();
if uid.is_root() {
@@ -27,7 +25,7 @@ pub fn cleanup() {
debug!("removed socket");
}
pub fn listen() -> anyhow::Result<UnixListener> {
pub fn listen(admin_groups: &[String]) -> anyhow::Result<UnixListener> {
let socket_path = get_socket_path();
if socket_path.exists() {
@@ -43,16 +41,16 @@ pub fn listen() -> anyhow::Result<UnixListener> {
let listener = UnixListener::bind(&socket_path)?;
chown(&socket_path, None, Some(socket_gid()))?;
chown(&socket_path, None, Some(socket_gid(admin_groups)))?;
info!("listening on {socket_path:?}");
Ok(listener)
}
fn socket_gid() -> Gid {
fn socket_gid(admin_groups: &[String]) -> Gid {
if getuid().is_root() {
// Check if the group exists
for group_name in ADMIN_GROUPS {
for group_name in admin_groups {
if let Ok(Some(group)) = Group::from_name(group_name) {
return group.gid;
}