Merge pull request #148 from vinayakankugoyal/umask
konnectivity-server should make the socket group readable and writeab…
k8s-ci-robot authored Oct 12, 2020
2 parents a2242e4 + 42458c2 commit 4304536
Showing 1 changed file with 20 additions and 6 deletions.
26 changes: 20 additions & 6 deletions cmd/server/main.go
Expand Up @@ -29,6 +29,7 @@ import (
"os"
"os/signal"
"runtime"
"sync"
"syscall"

"github.com/google/uuid"
Expand All @@ -46,6 +47,8 @@ import (
"sigs.k8s.io/apiserver-network-proxy/proto/agent"
)

var udsListenerLock sync.Mutex

func main() {
// flag.CommandLine.Parse(os.Args[1:])
proxy := &Proxy{}
Expand Down Expand Up @@ -397,6 +400,19 @@ func SetupSignalHandler() (stopCh <-chan struct{}) {
return stop
}

func getUDSListener(ctx context.Context, udsName string) (net.Listener, error) {
udsListenerLock.Lock()
defer udsListenerLock.Unlock()
oldUmask := syscall.Umask(0007)
defer syscall.Umask(oldUmask)
var lc net.ListenConfig
lis, err := lc.Listen(ctx, "unix", udsName)
if err != nil {
return nil, fmt.Errorf("failed to listen(unix) name %s: %v", udsName, err)
}
return lis, nil
}

func (p *Proxy) runMasterServer(ctx context.Context, o *ProxyRunOptions, server *server.ProxyServer) (StopFunc, error) {
if o.udsName != "" {
return p.runUDSMasterServer(ctx, o, server)
Expand All @@ -414,10 +430,9 @@ func (p *Proxy) runUDSMasterServer(ctx context.Context, o *ProxyRunOptions, s *s
if o.mode == "grpc" {
grpcServer := grpc.NewServer()
client.RegisterProxyServiceServer(grpcServer, s)
var lc net.ListenConfig
lis, err := lc.Listen(ctx, "unix", o.udsName)
lis, err := getUDSListener(ctx, o.udsName)
if err != nil {
return nil, fmt.Errorf("failed to listen(unix) name %s: %v", o.udsName, err)
return nil, fmt.Errorf("failed to get uds listener: %v", err)
}
go grpcServer.Serve(lis)
stop = grpcServer.GracefulStop
Expand All @@ -430,10 +445,9 @@ func (p *Proxy) runUDSMasterServer(ctx context.Context, o *ProxyRunOptions, s *s
}
stop = func() { server.Shutdown(ctx) }
go func() {
var lc net.ListenConfig
udsListener, err := lc.Listen(ctx, "unix", o.udsName)
udsListener, err := getUDSListener(ctx, o.udsName)
if err != nil {
klog.ErrorS(err, "failed to listen on uds", "name", o.udsName)
klog.ErrorS(err, "failed to get uds listener")
}
defer func() {
udsListener.Close()
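Review bot: `syscall.Umask(0007)` in getUDSListener changes the mask for the whole process, and `udsListenerLock` only serialises callers of this function, so a file created by any other goroutine while the bind is in progress is also created under 0007 rather than the inherited umask. The function has no doc comment stating this or the intended socket mode; I would add `// getUDSListener binds udsName under umask 0007 so the socket is usable by owner and group only. The umask is process-wide; the lock serialises calls to this function, not other file creation.` The file mode appears to be the only access control on this socket visible in the hunk, so the comment or the flag help should also say that membership of the socket's group grants access to the proxy endpoint. `syscall.Umask` is not defined on Windows, so if cmd/server is ever built there this file would presumably need a build constraint.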
