[Libguestfs] [PATCH libnbd 2/2] api: Implement local command with systemd socket activation.
Richard W.M. Jones
rjones at redhat.com
Fri Sep 27 07:53:05 UTC 2019
On Thu, Sep 26, 2019 at 04:22:31PM -0500, Eric Blake wrote:
> On 9/26/19 11:40 AM, Richard W.M. Jones wrote:
> > This adds new APIs for running a local NBD server and connecting to it
> > using systemd socket activation (instead of stdin/stdout).
> >
> > This includes interop tests against nbdkit and qemu-nbd which I
> > believe are the only NBD servers supporting socket activation. (If we
> > find others then we can add more interop tests in future.)
> >
> > The upstream spec for systemd socket activation is here:
> > http://0pointer.de/blog/projects/socket-activation.html
> > ---
>
> >+
> >+ /* Use /tmp instead of TMPDIR because we must ensure the path is
> >+ * short enough to store in the sockaddr_un. On some platforms this
> >+ * may cause problems so we may need to revisit it. XXX
> >+ */
> >+ h->sa_tmpdir = strdup ("/tmp/libnbdXXXXXX");
> >+ h->sa_sockpath = strdup ("/tmp/libnbdXXXXXX/sock");
> >+ if (h->sa_tmpdir == NULL || h->sa_sockpath == NULL) {
> >+ SET_NEXT_STATE (%.DEAD);
> >+ set_error (errno, "strdup");
> >+ return 0;
> >+ }
> >+
> >+ if (mkdtemp (h->sa_tmpdir) == NULL) {
> >+ SET_NEXT_STATE (%.DEAD);
> >+ set_error (errno, "mkdtemp");
> >+ return 0;
> >+ }
> >+ len = strlen (h->sa_tmpdir);
> >+ memcpy (h->sa_sockpath, h->sa_tmpdir, len);
> >+
> >+ s = socket (AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC, 0);
> >+ if (s == -1) {
> >+ SET_NEXT_STATE (%.DEAD);
> >+ set_error (errno, "socket");
> >+ return 0;
> >+ }
> >+
> >+ addr.sun_family = AF_UNIX;
> >+ memcpy (addr.sun_path, h->sa_sockpath, strlen (h->sa_sockpath) + 1);
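Review bot: the final `memcpy (addr.sun_path, h->sa_sockpath, strlen (h->sa_sockpath) + 1)` has no bounds check; the comment earlier in the hunk relies on the fixed "/tmp/libnbdXXXXXX/sock" template staying short enough for sun_path, and the XXX admits that assumption may not hold everywhere. Suggest adding an explicit `if (strlen (h->sa_sockpath) + 1 > sizeof addr.sun_path)` that sets %.DEAD and calls set_error before the copy, which also lets the XXX go. Two smaller points in the same hunk: the `socket` failure path leaves the directory that `mkdtemp` just created behind unless a later cleanup removes it, and it is worth a comment that `mkdtemp` creates the directory mode 0700, since that is what restricts the socket to the same user (the property the abstract namespace would not give).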
>
> What if we used the abstract socket namespace instead? Then we
> don't have to worry about mkdtemp or cleanup of the socket file.
> True, that may only work on Linux, but we could add an API to query
> if we support socket activation (true on Linux, false on BSD)...
AIUI the abstract socket space is not secure because anyone who can
list it (‘lsof -U’) could connect to the socket. We'd have to add a
way for nbdkit to check the connecting process has the same UID using
SO_PEERCRED.
Rich.
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
virt-p2v converts physical machines to virtual machines. Boot with a
live CD or over the network (PXE) and turn machines into KVM guests.
http://libguestfs.org/virt-v2v
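The check Rich describes, as an added example that is not code from libnbd or nbdkit: a server listening on a Linux abstract-namespace socket (visible to every process on the host, with no permission bits) and gating each accepted connection on the peer's uid read via SO_PEERCRED. The abstract name, the helper names and the single-process client/server simulation are assumptions made for illustration; the technique is Linux-only, as the thread notes.

```c
#define _GNU_SOURCE          /* struct ucred, SOCK_CLOEXEC */
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>
#include <sys/un.h>

/* Fill in an abstract-namespace address (Linux only): sun_path[0] stays NUL
 * and the name follows it, so no filesystem entry and no mode bits exist.
 * Returns the address length to pass to bind()/connect(). */
static socklen_t
abstract_addr (struct sockaddr_un *addr, const char *name)
{
  memset (addr, 0, sizeof *addr);
  addr->sun_family = AF_UNIX;
  strncpy (addr->sun_path + 1, name, sizeof addr->sun_path - 2);
  return (socklen_t) (offsetof (struct sockaddr_un, sun_path)
                      + 1 + strlen (addr->sun_path + 1));
}

/* Return 1 if the peer of a connected AF_UNIX stream socket runs as
 * 'expected', 0 if it runs as another uid, -1 on error (errno set). */
int
peer_uid_matches (int fd, uid_t expected)
{
  struct ucred cr;
  socklen_t len = sizeof cr;

  if (getsockopt (fd, SOL_SOCKET, SO_PEERCRED, &cr, &len) == -1)
    return -1;
  return cr.uid == expected;
}

/* Simulate the scenario in one process: a server bound to an abstract
 * socket, a client connecting to it, and the server deciding whether the
 * accepted connection comes from 'allowed_uid'. Returns 1 (accept),
 * 0 (reject) or -1 (error). */
int
abstract_server_check (uid_t allowed_uid)
{
  struct sockaddr_un addr;
  socklen_t alen;
  char name[64];
  int lsock = -1, csock = -1, conn = -1, result = -1;

  /* Constructed, per-process name so runs do not collide. */
  snprintf (name, sizeof name, "peercred-example-%ld", (long) getpid ());
  alen = abstract_addr (&addr, name);

  lsock = socket (AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0);
  if (lsock == -1
      || bind (lsock, (struct sockaddr *) &addr, alen) == -1
      || listen (lsock, 1) == -1)
    goto out;

  /* The "other process": anyone who can learn the name can do this. */
  csock = socket (AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0);
  if (csock == -1 || connect (csock, (struct sockaddr *) &addr, alen) == -1)
    goto out;

  conn = accept (lsock, NULL, NULL);
  if (conn == -1)
    goto out;

  /* The server-side gate: credentials come from the kernel, not the peer. */
  result = peer_uid_matches (conn, allowed_uid);
  if (result == 0)
    fprintf (stderr, "rejecting connection: peer uid does not match\n");

 out:
  if (conn != -1) close (conn);
  if (csock != -1) close (csock);
  if (lsock != -1) close (lsock);   /* abstract name vanishes on close */
  return result;
}

int
main (void)
{
  printf ("same uid:  %d\n", abstract_server_check (getuid ()));
  printf ("other uid: %d\n", abstract_server_check (getuid () + 1));
  return 0;
}
```

Because the credentials are filled in by the kernel at connect time, the peer cannot forge them; this is the check nbdkit would need to perform before trusting an abstract-socket client, whereas a socket inside a mkdtemp directory (mode 0700) gets the equivalent restriction from the directory permissions alone.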