docs: clarify sockdir's separation

There's another reason for separating sockdir from tmpdir, beyond "shorter
pathnames needed": permissions. For example, passt drops privileges such
that it cannot access "/tmp", and that restricts both the unix domain
socket and the PID file of passt.

Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2184967
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
Message-Id: <20230714132213.96616-5-lersek@redhat.com>
Laszlo Ersek
2023-07-14 15:22:10 +02:00
parent b4a4b754c6
commit 21ccddecf7
3 changed files with 10 additions and 6 deletions


@@ -1548,8 +1548,8 @@ See L</LIBGUESTFS_CACHEDIR>, L</LIBGUESTFS_TMPDIR>.
This directory represents a user-specific directory for storing
non-essential runtime files.
If it is set, then is used to store temporary sockets. Otherwise,
F</tmp> is used.
If it is set, then is used to store temporary sockets and PID files.
Otherwise, F</tmp> is used.
See also L</get-sockdir>,
L<http://www.freedesktop.org/wiki/Specifications/basedir-spec/>.
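
Review bot: The fallback sentence "Otherwise, F</tmp> is used" now applies to PID files as well as sockets, yet the commit message says passt drops privileges such that it cannot access "/tmp". From this paragraph alone a reader cannot tell whether the fallback location is usable by such a service. Suggest adding one sentence here that states the permissions reason for the separate directory, or at least pointing at the get-sockdir description for it, so that the environment-variable documentation and the API documentation agree on why the directory matters.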


@@ -595,13 +595,17 @@ Get the handle identifier. See C<guestfs_set_identifier>." };
name = "get_sockdir"; added = (1, 33, 8);
style = RString (RPlainString, "sockdir"), [], [];
blocking = false;
shortdesc = "get the temporary directory for sockets";
shortdesc = "get the temporary directory for sockets and PID files";
longdesc = "\
Get the directory used by the handle to store temporary socket files.
Get the directory used by the handle to store temporary socket and PID
files.
This is different from C<guestfs_get_tmpdir>, as we need shorter
paths for sockets (due to the limited buffers of filenames for UNIX
sockets), and C<guestfs_get_tmpdir> may be too long for them.
Furthermore, sockets and PID files must be accessible to such background
services started by libguestfs that may not have permission to access
the temporary directory returned by C<guestfs_get_tmpdir>.
The environment variable C<XDG_RUNTIME_DIR> controls the default
value: If C<XDG_RUNTIME_DIR> is set, then that is the default.
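
Review bot: The new longdesc paragraph beginning "Furthermore, sockets and PID files must be accessible to such background services" never names a service, so the requirement stays abstract; the commit message gives passt as the concrete case, and mentioning it as an example would tell callers what kind of helper is meant. The construction "such background services started by libguestfs that may not have permission" is also hard to parse; "background services started by libguestfs, which may not have permission to access the directory returned by C<guestfs_get_tmpdir>" says the same thing more directly.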


@@ -3220,8 +3220,8 @@ See L</LIBGUESTFS_CACHEDIR>, L</LIBGUESTFS_TMPDIR>.
This directory represents a user-specific directory for storing
non-essential runtime files.
If it is set, then is used to store temporary sockets. Otherwise,
F</tmp> is used.
If it is set, then is used to store temporary sockets and PID files.
Otherwise, F</tmp> is used.
See also L</guestfs_get_sockdir>,
L<http://www.freedesktop.org/wiki/Specifications/basedir-spec/>.
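
Review bot: In the rewritten sentence "If it is set, then is used to store temporary sockets and PID files", the verb "is used" has no subject. Since the line is being changed anyway, "then it is used to store" would fix it, both here and in the identical paragraph in the first hunk, so the two copies stay in sync.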