#
sub Socket () {
# Create the Server socket by calling the responsible function.
- my $server = &Guardian::Socket::Server();
+ my $server = &Guardian::Socket::Server($mainsettings{SocketOwner});
# Log successfull creation of socket.
$logger->Log("debug", "Listening to Socket...");
return "Invalid LogLevel: $config{LogLevel}";
}
+ # Check if an optional configured SocketOwner is valid.
+ if (exists($config{SocketOwner})) {
+ my ($user, $group) = split(/:/, $config{SocketOwner});
+
+ # Get the ID for the given user name.
+ my $uid = getpwnam($user) or return "The user $user does not exist.";
+
+ # Get the ID for given group name.
+ my $gid = getgrnam($group) or return "The group $group does not exist.";
+ }
+
# The config looks good, so return nothing (no error message).
return undef
}
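Review bot: `getpwnam($user) or return ...` in the added SocketOwner check treats UID 0 as a failure, because in scalar context the lookup returns the numeric ID and 0 is false, so `root:root` would be reported as nonexistent. Test definedness instead, e.g. `my $uid = getpwnam($user); return "The user $user does not exist." unless defined $uid;`, and do the same for `getgrnam`; the same `or` pattern appears in the `die` lookups added to `Server`. A value without a colon leaves `$group` undefined, so a format check before the lookups, such as `return "Invalid SocketOwner, expected user:group." unless defined $user && defined $group;`, would give a clearer error. The check reads `$config{SocketOwner}` while the call in `sub Socket` passes `$mainsettings{SocketOwner}`; whether both hold the same validated value is not visible here. The enclosing function starts outside this hunk.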
## mechanism for guardian. The server function creates an UNIX
## socket.
#
-sub Server () {
+sub Server ($) {
+ my $socket_owner = shift;
+
# If the path for the socketfile does not exist, try to
# create it.
unless (-d "$socketpath") {
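Review bot: The `($)` prototype added on `Server` does not validate the argument, and the caller in `sub Socket` uses the `&Guardian::Socket::Server(...)` form, which bypasses prototypes entirely. Because the owner is optional (the body later checks `defined ($socket_owner)`), a comment documenting the parameter would help more, for example `# Optional argument: socket owner as "user:group"; undef leaves the ownership unchanged.` above `my $socket_owner = shift;`. The body of `Server` continues outside this hunk.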
Type => SOCK_STREAM,
) or die "Could not create socket: $!";
+
+ # Translate the given user/group name into ID values.
+ if (defined ($socket_owner)) {
+ # Splitt provided user/group into single arguments.
+ my ($username, $groupname) = split(/:/, $socket_owner);
+
+ # Get the ID for the given user name.
+ my $uid = getpwnam($username) or die "Could not get an UID for $username: $!";
+
+ # Get the ID for given group name.
+ my $gid = getgrnam($groupname) or die "Could not get a GID for $groupname: $!";
+
+ # Set new ownership for the socket file.
+ chown($uid, $gid, "$socketfile") or die "Could not change ownership to ($uid:$gid) for $socketfile: $!";
+ }
+
# Return the server object.
return $server;
}
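Review bot: The added `chown` changes who owns the socket file, but nothing in the visible lines sets its mode, so what the configured user and group can actually do with the socket presumably depends on the process umask at creation time. If the intent is to limit the socket to that owner and group, set the mode explicitly after the chown, e.g. `chmod(0660, $socketfile) or die "Could not set permissions on $socketfile: $!";` (the exact mode is for the maintainers to decide). `$!` in the two lookup `die` messages is not reliably set when a name simply does not exist, so the message can show an unrelated error; dropping it there avoids misleading logs. The start of `Server` is outside this hunk.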