From b9be6767abcea850f69123a61e75c26d0b012076 Mon Sep 17 00:00:00 2001 From: Pau Espin Pedrol Date: Wed, 12 Jan 2022 17:26:17 +0100 Subject: [PATCH] server: Add vty command file-permission-mask Related: SYS#5792 Change-Id: I78e0b56b38de438ee5fb679ae41c65b02ea2e722 --- .../osmo-pcap-server/osmo-pcap-server-tls.cfg | 1 + .../osmo-pcap-server/osmo-pcap-server.cfg | 1 + include/osmo-pcap/osmo_pcap_server.h | 1 + src/osmo_server_main.c | 1 + src/osmo_server_network.c | 2 +- src/osmo_server_vty.c | 42 +++++++++++++++++++ 6 files changed, 47 insertions(+), 1 deletion(-) diff --git a/doc/examples/osmo-pcap-server/osmo-pcap-server-tls.cfg b/doc/examples/osmo-pcap-server/osmo-pcap-server-tls.cfg index 52f66f5..1b89ba5 100644 --- a/doc/examples/osmo-pcap-server/osmo-pcap-server-tls.cfg +++ b/doc/examples/osmo-pcap-server/osmo-pcap-server-tls.cfg @@ -16,6 +16,7 @@ line vty ! server base-path /tmp + file-permission-mask 0440 server ip 127.0.0.1 server port 6001 max-file-size 262144000 diff --git a/doc/examples/osmo-pcap-server/osmo-pcap-server.cfg b/doc/examples/osmo-pcap-server/osmo-pcap-server.cfg index 2f4123a..e380113 100644 --- a/doc/examples/osmo-pcap-server/osmo-pcap-server.cfg +++ b/doc/examples/osmo-pcap-server/osmo-pcap-server.cfg @@ -16,6 +16,7 @@ line vty ! server base-path /tmp + file-permission-mask 0440 server ip 127.0.0.1 server port 6001 max-file-size 262144000 diff --git a/include/osmo-pcap/osmo_pcap_server.h b/include/osmo-pcap/osmo_pcap_server.h index 7de94a6..6d2afcf 100644 --- a/include/osmo-pcap/osmo_pcap_server.h +++ b/include/osmo-pcap/osmo_pcap_server.h @@ -129,6 +129,7 @@ struct osmo_pcap_server { bool dh_params_allocated; char *base_path; + mode_t permission_mask; off_t max_size; int max_snaplen; diff --git a/src/osmo_server_main.c b/src/osmo_server_main.c index f198b58..3b73b81 100644 --- a/src/osmo_server_main.c +++ b/src/osmo_server_main.c @@ -284,6 +284,7 @@ int main(int argc, char **argv) INIT_LLIST_HEAD(&pcap_server->conn); pcap_server->base_path = talloc_strdup(pcap_server, "./"); + pcap_server->permission_mask = 0440; pcap_server->max_size = 1073741824; pcap_server->max_snaplen = DEFAULT_SNAPLEN; diff --git a/src/osmo_server_network.c b/src/osmo_server_network.c index 47ede72..025f560 100644 --- a/src/osmo_server_network.c +++ b/src/osmo_server_network.c @@ -171,7 +171,7 @@ static void restart_pcap(struct osmo_pcap_conn *conn) return; } - conn->local_fd = creat(conn->curr_filename, 0440); + conn->local_fd = creat(conn->curr_filename, conn->server->permission_mask); if (conn->local_fd < 0) { LOGP(DSERVER, LOGL_ERROR, "Failed to file: '%s'\n", conn->curr_filename); return; diff --git a/src/osmo_server_vty.c b/src/osmo_server_vty.c index 87bcfa2..796aed8 100644 --- a/src/osmo_server_vty.c +++ b/src/osmo_server_vty.c @@ -88,6 +88,7 @@ static int config_write_server(struct vty *vty) if (pcap_server->base_path) vty_out(vty, " base-path %s%s", pcap_server->base_path, VTY_NEWLINE); + vty_out(vty, " file-permission-mask 0%o%s", pcap_server->permission_mask, VTY_NEWLINE); if (pcap_server->addr) vty_out(vty, " server ip %s%s", pcap_server->addr, VTY_NEWLINE); if (pcap_server->port > 0) @@ -132,6 +133,46 @@ DEFUN(cfg_server_base, return CMD_SUCCESS; } +DEFUN(cfg_server_file_permission_mask, + cfg_server_file_permission_mask_cmd, + "file-permission-mask MODE", + "Permission mask to use when creating pcap files\n" + "The file permission mask, in octal format (default: 0440)\n") +{ + unsigned long long val; + char *endptr; + + errno = 0; + val = strtoul(argv[0], &endptr, 8); + + switch (errno) { + case 0: + break; + case ERANGE: + case EINVAL: + default: + goto ret_invalid; + } + if (!endptr || *endptr) { + /* No chars were converted */ + if (endptr == argv[0]) + goto ret_invalid; + /* Or there are surplus chars after the converted number */ + goto ret_invalid; + } + + /* 'man mode_t': "According to POSIX, it shall be an integer type." */ + if (val > INT_MAX) + goto ret_invalid; + + pcap_server->permission_mask = val; + return CMD_SUCCESS; + +ret_invalid: + vty_out(vty, "%% File permission mask out of range: '%s'%s", argv[0], VTY_NEWLINE); + return CMD_WARNING; +} + DEFUN(cfg_server_ip, cfg_server_ip_cmd, "server ip A.B.C.D", @@ -519,6 +560,7 @@ void vty_server_init(void) install_node(&server_node, config_write_server); install_element(SERVER_NODE, &cfg_server_base_cmd); + install_element(SERVER_NODE, &cfg_server_file_permission_mask_cmd); install_element(SERVER_NODE, &cfg_server_ip_cmd); install_element(SERVER_NODE, &cfg_server_port_cmd); install_element(SERVER_NODE, &cfg_server_max_size_cmd);