Fixed problems on stats file when dropping perms

Dennis Schwerdel 2019-12-06 09:55:24 +01:00
parent 04e2892c8e
commit cd09311059
3 changed files with 48 additions and 20 deletions


@ -2,6 +2,13 @@
This project follows [semantic versioning](http://semver.org). This project follows [semantic versioning](http://semver.org).
### Unreleased
- [changed] Also drop privileges in foreground mode
- [changed] Set builders to Ubuntu 16.04 and CentOS 7
- [fixed] Added parameter keepalive to manpage
- [fixed] Fixed problems on stats file when dropping permissions
### v1.1.0 (2019-12-04) ### v1.1.0 (2019-12-04)
- [added] Exchange peer timeout and adapt keepalive accordingly - [added] Exchange peer timeout and adapt keepalive accordingly


@ -6,12 +6,11 @@ use std::{
cmp::min, cmp::min,
collections::HashMap, collections::HashMap,
fmt, fmt,
fs::{self, File, Permissions}, fs::File,
hash::BuildHasherDefault, hash::BuildHasherDefault,
io::{self, Write}, io::{self, Write},
marker::PhantomData, marker::PhantomData,
net::{SocketAddr, ToSocketAddrs}, net::{SocketAddr, ToSocketAddrs}
os::unix::fs::PermissionsExt
}; };
use fnv::FnvHasher; use fnv::FnvHasher;
@ -230,6 +229,7 @@ pub struct GenericCloud<D: Device, P: Protocol, T: Table, S: Socket, TS: TimeSou
peer_timeout_publish: u16, peer_timeout_publish: u16,
update_freq: u16, update_freq: u16,
buffer_out: [u8; 64 * 1024], buffer_out: [u8; 64 * 1024],
stats_file: Option<File>,
next_housekeep: Time, next_housekeep: Time,
next_stats_out: Time, next_stats_out: Time,
next_beacon: Time, next_beacon: Time,
@ -244,7 +244,7 @@ impl<D: Device, P: Protocol, T: Table, S: Socket, TS: TimeSource> GenericCloud<D
#[allow(clippy::too_many_arguments)] #[allow(clippy::too_many_arguments)]
pub fn new( pub fn new(
config: &Config, device: D, table: T, learning: bool, broadcast: bool, addresses: Vec<Range>, crypto: Crypto, config: &Config, device: D, table: T, learning: bool, broadcast: bool, addresses: Vec<Range>, crypto: Crypto,
port_forwarding: Option<PortForwarding> port_forwarding: Option<PortForwarding>, stats_file: Option<File>
) -> Self ) -> Self
{ {
let socket4 = match S::listen_v4("0.0.0.0", config.port) { let socket4 = match S::listen_v4("0.0.0.0", config.port) {
@ -278,6 +278,7 @@ impl<D: Device, P: Protocol, T: Table, S: Socket, TS: TimeSource> GenericCloud<D
device, device,
next_peerlist: now, next_peerlist: now,
update_freq: config.get_keepalive() as u16, update_freq: config.get_keepalive() as u16,
stats_file,
buffer_out: [0; 64 * 1024], buffer_out: [0; 64 * 1024],
next_housekeep: now, next_housekeep: now,
next_stats_out: now + STATS_INTERVAL, next_stats_out: now + STATS_INTERVAL,
@ -586,18 +587,16 @@ impl<D: Device, P: Protocol, T: Table, S: Socket, TS: TimeSource> GenericCloud<D
/// Calculates, resets and writes out the statistics to a file /// Calculates, resets and writes out the statistics to a file
fn write_out_stats(&mut self) -> Result<(), io::Error> { fn write_out_stats(&mut self) -> Result<(), io::Error> {
if self.config.stats_file.is_none() { if let Some(ref mut f) = self.stats_file {
return Ok(())
}
debug!("Writing out stats"); debug!("Writing out stats");
let mut f = File::create(self.config.stats_file.as_ref().unwrap())?; f.set_len(0)?;
self.peers.write_out(&mut f)?; self.peers.write_out(f)?;
writeln!(&mut f)?; writeln!(f)?;
self.table.write_out(&mut f)?; self.table.write_out(f)?;
writeln!(&mut f)?; writeln!(f)?;
self.traffic.write_out(&mut f)?; self.traffic.write_out(f)?;
writeln!(&mut f)?; writeln!(f)?;
fs::set_permissions(self.config.stats_file.as_ref().unwrap(), Permissions::from_mode(0o644))?; }
Ok(()) Ok(())
} }
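Review bot: In `write_out_stats`, `f.set_len(0)?` truncates the file but does not move the handle's write position, so from the second dump on the data is written at the previous end offset, everything before it reads back as NUL bytes, and the file grows every interval. This only shows up now that the handle is kept for the life of the process (it is opened once with `File::create` in `run`, so not in append mode) instead of being recreated per dump. Rewind right after the truncate, e.g. `f.seek(io::SeekFrom::Start(0))?;`, and add `Seek` to the `io::{self, Write}` import. A comment such as `// handle is opened once at startup (presumably before privileges are dropped); truncate and rewind instead of reopening by path` would record why the file is no longer recreated.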


@ -33,9 +33,10 @@ pub mod udpmessage;
use docopt::Docopt; use docopt::Docopt;
use std::{ use std::{
fs::File, fs::{self, File, Permissions},
io::{self, Write}, io::{self, Write},
net::UdpSocket, net::UdpSocket,
os::unix::fs::PermissionsExt,
path::Path, path::Path,
process::Command, process::Command,
str::FromStr, str::FromStr,
@ -166,7 +167,7 @@ impl<P: Protocol> AnyCloud<P> {
#[allow(unknown_lints, clippy::too_many_arguments)] #[allow(unknown_lints, clippy::too_many_arguments)]
fn new( fn new(
config: &Config, device: TunTapDevice, table: AnyTable, learning: bool, broadcast: bool, addresses: Vec<Range>, config: &Config, device: TunTapDevice, table: AnyTable, learning: bool, broadcast: bool, addresses: Vec<Range>,
crypto: Crypto, port_forwarding: Option<PortForwarding> crypto: Crypto, port_forwarding: Option<PortForwarding>, stats_file: Option<File>
) -> Self ) -> Self
{ {
match table { match table {
@ -178,7 +179,15 @@ impl<P: Protocol> AnyCloud<P> {
UdpSocket, UdpSocket,
SystemTimeSource SystemTimeSource
>::new( >::new(
config, device, t, learning, broadcast, addresses, crypto, port_forwarding config,
device,
t,
learning,
broadcast,
addresses,
crypto,
port_forwarding,
stats_file
)) ))
} }
AnyTable::Routing(t) => { AnyTable::Routing(t) => {
@ -190,7 +199,8 @@ impl<P: Protocol> AnyCloud<P> {
broadcast, broadcast,
addresses, addresses,
crypto, crypto,
port_forwarding port_forwarding,
stats_file
)) ))
} }
} }
@ -256,7 +266,19 @@ fn run<P: Protocol>(config: Config) {
None => Crypto::None None => Crypto::None
}; };
let port_forwarding = if config.port_forwarding { PortForwarding::new(config.port) } else { None }; let port_forwarding = if config.port_forwarding { PortForwarding::new(config.port) } else { None };
let mut cloud = AnyCloud::<P>::new(&config, device, table, learning, broadcasting, ranges, crypto, port_forwarding); let stats_file = match config.stats_file {
None => None,
Some(ref name) => {
let file = try_fail!(File::create(name), "Failed to create stats file: {}");
try_fail!(
fs::set_permissions(name, Permissions::from_mode(0o644)),
"Failed to set permissions on stats file: {}"
);
Some(file)
}
};
let mut cloud =
AnyCloud::<P>::new(&config, device, table, learning, broadcasting, ranges, crypto, port_forwarding, stats_file);
if let Some(script) = config.ifup { if let Some(script) = config.ifup {
run_script(&script, cloud.ifname()); run_script(&script, cloud.ifname());
} }
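Review bot: In the `stats_file` block of `run`, the mode is applied with `fs::set_permissions(name, …)`, which resolves the path a second time after `File::create(name)` has already opened it. If this runs with elevated privileges (the commit title suggests it happens before privileges are dropped) and the path changes in between, the chmod lands on a different file than the one being written. Applying the mode to the open handle avoids the second lookup: `try_fail!(file.set_permissions(Permissions::from_mode(0o644)), "Failed to set permissions on stats file: {}");`, after which the `fs` import added in this commit would appear to be unused. `File::create` also follows symlinks and truncates whatever it opens, so the option's documentation should state that the stats file must live in a directory writable only by the administrator. `run` starts before and continues past this hunk.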