Merge pull request #1485 from dotcloud/1471-unixsocket-group

* Runtime: API, issue 1471: Use groups for socket permissions
Guillaume J. Charmes 2013-08-12 16:21:53 -07:00
commit f6760fca88
1 changed files with 20 additions and 1 deletions

21
api.go

@ -15,6 +15,7 @@ import (
"net/http" "net/http"
"os" "os"
"os/exec" "os/exec"
"regexp"
"strconv" "strconv"
"strings" "strings"
) )
@ -1086,7 +1087,25 @@ func ListenAndServe(proto, addr string, srv *Server, logging bool) error {
return e return e
} }
if proto == "unix" { if proto == "unix" {
os.Chmod(addr, 0700) if err := os.Chmod(addr, 0660); err != nil {
return err
}
groups, err := ioutil.ReadFile("/etc/group")
if err != nil {
return err
}
re := regexp.MustCompile("(^|\n)docker:.*?:([0-9]+)")
if gidMatch := re.FindStringSubmatch(string(groups)); gidMatch != nil {
gid, err := strconv.Atoi(gidMatch[2])
if err != nil {
return err
}
utils.Debugf("docker group found. gid: %d", gid)
if err := os.Chown(addr, 0, gid); err != nil {
return err
}
}
} }
httpSrv := http.Server{Addr: addr, Handler: r} httpSrv := http.Server{Addr: addr, Handler: r}
return httpSrv.Serve(l) return httpSrv.Serve(l)
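Review bot: The new `proto == "unix"` branch makes a missing or unreadable `/etc/group` fatal to `ListenAndServe`, even though the `docker` group itself is treated as optional a few lines later (no regexp match simply skips the `os.Chown`). Each added `return err` also appears to leave the listener `l` open and the socket file on disk; `l` is created outside the hunk, so confirm that and consider calling `l.Close()` before returning. Mode `0660` together with `os.Chown(addr, 0, gid)` gives every member of the `docker` group read/write access to the API of a daemon that presumably runs as root (the chown hard-codes uid 0), and the code should say so, e.g. `// Members of the "docker" group can drive the daemon through this socket; treat membership as root-equivalent.` The function body starts and ends outside the hunk.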