diff options
author | Rob Austein <sra@hactrn.net> | 2018-07-15 13:47:37 -0400 |
---|---|---|
committer | Rob Austein <sra@hactrn.net> | 2018-07-15 13:47:37 -0400 |
commit | dbd5f984d93e0c1a94afe54882c1aeecd510784d (patch) | |
tree | 7267ecfd10499270ac1a2c9087390e4b2add0c75 /cryptech_muxd | |
parent | af18760ea95c1f247cafe54262b79f73e8b904d6 (diff) |
Support PF_UNIX socket inode modes other than 0600.
Diffstat (limited to 'cryptech_muxd')
-rwxr-xr-x | cryptech_muxd | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/cryptech_muxd b/cryptech_muxd index d306eaf..1aecb1e 100755 --- a/cryptech_muxd +++ b/cryptech_muxd @@ -419,6 +419,10 @@ def main(): default = os.getenv("CRYPTECH_RPC_CLIENT_SOCKET_NAME", "/tmp/.cryptech_muxd.rpc")) + parser.add_argument("--rpc-socket-mode", + help = "permission bits for RPC socket inode", + default = 0600, type = lambda s: int(s, 8)) + parser.add_argument("--cty-device", help = "CTY serial device name", default = os.getenv("CRYPTECH_CTY_CLIENT_SERIAL_DEVICE")) @@ -428,6 +432,10 @@ def main(): default = os.getenv("CRYPTECH_CTY_CLIENT_SOCKET_NAME", "/tmp/.cryptech_muxd.cty")) + parser.add_argument("--cty-socket-mode", + help = "permission bits for CTY socket inode", + default = 0600, type = lambda s: int(s, 8)) + args = parser.parse_args() if args.log_file is not None: @@ -454,7 +462,7 @@ def main(): logger.warn("No RPC device found") else: rpc_stream = RPCIOStream(device = args.rpc_device) - rpc_server = RPCServer(rpc_stream, args.rpc_socket) + rpc_server = RPCServer(rpc_stream, args.rpc_socket, args.rpc_socket_mode) futures.append(rpc_stream.rpc_output_loop()) futures.append(rpc_stream.logout_all()) @@ -462,7 +470,7 @@ def main(): logger.warn("No CTY device found") else: cty_stream = CTYIOStream(device = args.cty_device, console_log = console_log) - cty_server = CTYServer(cty_stream, args.cty_socket) + cty_server = CTYServer(cty_stream, args.cty_socket, args.cty_socket_mode) futures.append(cty_stream.cty_output_loop()) # Might want to use WaitIterator(dict(...)) here so we can |