face: Create the socket file in UnixStreamChannel world-writable.
Fixes a permission denied error when nfd is run as root and a non-root
application tries to communicate with it over a Unix face.
refs: #1272
Change-Id: I4ba60f9a9dfbec12d787424dff98f38b76b48cf0
diff --git a/daemon/face/unix-stream-channel.cpp b/daemon/face/unix-stream-channel.cpp
index 428d33e..ebc7e77 100644
--- a/daemon/face/unix-stream-channel.cpp
+++ b/daemon/face/unix-stream-channel.cpp
@@ -7,6 +7,7 @@
#include "unix-stream-channel.hpp"
#include <boost/filesystem.hpp>
+#include <sys/stat.h> // for chmod()
namespace nfd {
@@ -54,6 +55,11 @@
m_acceptor->bind(m_endpoint);
m_acceptor->listen(backlog);
+ if (::chmod(m_endpoint.path().c_str(), 0666) < 0)
+ {
+ throw Error("Failed to chmod() socket file at " + m_endpoint.path());
+ }
+
shared_ptr<stream_protocol::socket> clientSocket =
make_shared<stream_protocol::socket>(boost::ref(m_ioService));
m_acceptor->async_accept(*clientSocket,
diff --git a/daemon/face/unix-stream-channel.hpp b/daemon/face/unix-stream-channel.hpp
index bd0a81e..3bbc8a3 100644
--- a/daemon/face/unix-stream-channel.hpp
+++ b/daemon/face/unix-stream-channel.hpp
@@ -38,6 +38,14 @@
typedef function<void(const std::string& reason)> ConnectFailedCallback;
/**
+ * \brief UnixStreamChannel-related error
+ */
+ struct Error : public std::runtime_error
+ {
+ Error(const std::string& what) : std::runtime_error(what) {}
+ };
+
+ /**
* \brief Create UnixStream channel for the specified endpoint
*
* To enable creation of faces upon incoming connections, one