[devel] [PATCH hasher-priv v1 1/3] Makefile
Dmitry V. Levin
ldv на altlinux.org
Пт Сен 18 14:33:12 MSK 2020
On Thu, Sep 17, 2020 at 04:12:36PM +0300, Arseny Maslennikov wrote:
> On Fri, Dec 13, 2019 at 12:42:03PM +0100, Alex Gladkov wrote:
[...]
> > @@ -21,6 +21,7 @@ man5dir = $(mandir)/man5
> > man8dir = $(mandir)/man8
> > configdir = $(sysconfdir)/$(PROJECT)
> > helperdir = $(libexecdir)/$(PROJECT)
> > +socketdir = /var/run
>
> Why /var/run and not /run, especially in a new project?
It's the same thing nowadays, isn't it?
> Even further, I would suggest that we store the socket in
> /run/hasher-priv or something, setgid hashman, with 0710 rights. The
> major service managers can create the directory on startup for us:
> there's mkdir(1), there's RuntimeDirectory= and RuntimeDirectoryMode=.
I distinctly remember we discussed this the last autumn or winter.
Yes, unix domain socket access restrictions should be implemented
using directory permissions.
--
ldv
Подробная информация о списке рассылки Devel