[chrony-users] File permissions issues using SOCK protocol

Discussion:

Stuart Maclean

2018-02-20 20:46:38 UTC

My chrony.conf file is this:

refclock SOCK /var/run/chrony.serial.sock refid CSAC noselect

refclock SOCK /var/run/chrony.pps.sock refid PPS lock CSAC

When I start chronyd (version 3.2) at boot, it creates

/var/run/chrony.serial.sock

and

/var/run/chrony.pps.sock

with read + write permissions for root only.

I have a client program which uses the two sockets above. It needs
write permissions I think, in order to write data to chronyd.

I would like to run my client as a regular user, since it has no need
for root privs other than to write to this socket.

Is there any way to do this? Can chronyd create/open the socket paths
with a more liberal write access?

Any help appreciated.

Stuart

--
To unsubscribe email chrony-users-***@chrony.tuxfamily.org
with "unsubscribe" in the subject.
For help email chrony-users-***@chrony.tuxfamily.org
with "help" in the subject.
Trouble? Email ***@chrony.tuxfamily.org.

Bill Unruh

2018-02-20 21:18:34 UTC

Permalink

Post by Stuart Maclean
refclock SOCK /var/run/chrony.serial.sock refid CSAC noselect
refclock SOCK /var/run/chrony.pps.sock refid PPS lock CSAC
When I start chronyd (version 3.2) at boot, it creates
/var/run/chrony.serial.sock
and
/var/run/chrony.pps.sock
with read + write permissions for root only.
I have a client program which uses the two sockets above. It needs
write permissions I think, in order to write data to chronyd.

Why would you want your client program to write to the socket?

What are you trying to do?

Post by Stuart Maclean
I would like to run my client as a regular user, since it has no need
for root privs other than to write to this socket.
Is there any way to do this? Can chronyd create/open the socket paths
with a more liberal write access?
Any help appreciated.
Stuart

Miroslav Lichvar

2018-02-21 08:48:45 UTC

Permalink

Post by Stuart Maclean
I have a client program which uses the two sockets above. It needs
write permissions I think, in order to write data to chronyd.
I would like to run my client as a regular user, since it has no need
for root privs other than to write to this socket.
Is there any way to do this? Can chronyd create/open the socket paths
with a more liberal write access?

There is no support for that in chrony.

You could start the daemon with a umask of 0000 (e.g. set it in the
init script or the systemd unit file), so it would create all files
and sockets with full permissions, but I'm not sure if that is a good
idea from the security point of view.

A better approach would be to modify the init script/unit file to
change the ownership of the sockets using chown after chronyd is
started.

And another approach would be to start the client under root, open the
socket and then drop the root privileges. This is how gpsd and
ntp-refclock work. An advantage is that the devices in /dev that the
client needs to open don't have to have write permissions for everyone
or be owned by the user.

--
Miroslav Lichvar
--
To unsubscribe email chrony-users-***@chrony.tuxfamily.org
with "unsubscribe" in the subject.
For help email chrony-users-***@chrony.tuxfamily.org
with "help" in the subject.
Trouble? Email ***@chrony.tuxfamily.org.

Stuart Maclean

2018-02-21 17:52:23 UTC

Permalink

Hi Miroslav, all,

in the end I took the idea from here

https://stackoverflow.com/questions/31619445/how-to-create-a-unix-domain-socket-with-specific-access-permissions

and just wrapped the bind call as needed. Specifically, in
refclock_sock.c, routine sock_initialize:

mode_t maskCurrent = umask(0);
if (bind(sockfd, (struct sockaddr *)&s, sizeof (s)) < 0) {
LOG_FATAL("bind() failed");
return 0;
}
umask( maskCurrent );

That then gives we just world read,write access to those Unix domain
sockets. Given that I have to build chrony from source anyway, since I
am running on arm9, tweaking the code wasn't so hard. My original
question was to make sure there wasn't an option in chrony.conf or a cmd
line one to achieve the same thing.

Stuart