{
spool: /var/spool/nncp
log: /var/spool/nncp/log
+ umask: "022"
+
notify: {
file: {
from: nncp@localhost
to: user+freq@example.com
}
}
+
self: {
id: TIJQL...2NGIA
exchpub: CYVGQ...PSEWQ
noiseprv: D62XU...NKYPA
noisepub: KIBKK...ESM7Q
}
+
neigh: {
self: {
id: TIJQL...2NGIA
directory. @strong{log} field contains an absolute path to @ref{Log,
log} file.
+Non-empty optional @strong{umask} will force all invoked commands to
+override their umask to specified octal mask. Useful for using with
+@ref{Shared spool, shared spool directories}.
+
@anchor{CfgNotify}
@strong{notify} section contains notification settings for successfully
tossed file and freq packets. Corresponding @strong{from} and
@ref{nncp-caller} won't be used to call that node.
@end table
+
+@menu
+* Shared spool directory: Shared spool.
+@end menu
+
+@node Shared spool
+@section Shared spool directory
+
+If you want to share single spool directory with multiple grouped Unix
+users, then you can @command{setgid} it and assure that umask is group
+friendly. For convenience you can set @option{umask} globally for
+invoked NNCP commands in the configuration file. For example:
+
+@verbatim
+$ chgrp nncp /usr/local/etc/nncp.hjson /var/spool/nncp
+$ chmod g+r /usr/local/etc/nncp.hjson
+$ chmod g+rwxs /var/spool/nncp
+$ echo 'umask: "007"' >> /usr/local/etc/nncp.hjson
+@end verbatim
Дубликаты имён файлов имеют суффикс @file{.CTR}, вместо @file{CTR},
чтобы избежать возможных коллизий с @file{.nncp.chunkCTR}.
+@item
+Возможность переопределить umask процесса через опцию конфигурационного
+файла.
+
@item
По умолчанию файлы и директории создаются с 666/777 правами доступа,
позволяя управлять ими @command{umask}-ом.
Duplicate filenames have @file{.CTR} suffix, instead of @file{CTR}, to
avoid possible collisions with @file{.nncp.chunkCTR}.
+@item
+Ability to override process umask through configuration file option.
+
@item
Files and directories are created with 666/777 permissions by default,
allowing control with @command{umask}.
"log"
"os"
"path"
+ "strconv"
"github.com/gorhill/cronexpr"
"github.com/hjson/hjson-go"
}
type CfgJSON struct {
- Spool string `json:"spool"`
- Log string `json:"log"`
+ Spool string `json:"spool"`
+ Log string `json:"log"`
+ Umask string `json:"umask",omitempty`
+
Notify *NotifyJSON `json:"notify,omitempty"`
Self *NodeOurJSON `json:"self"`
if !path.IsAbs(logPath) {
return nil, errors.New("Log path must be absolute")
}
+ var umaskForce *int
+ if cfgJSON.Umask != "" {
+ r, err := strconv.ParseUint(cfgJSON.Umask, 8, 16)
+ if err != nil {
+ return nil, err
+ }
+ rInt := int(r)
+ umaskForce = &rInt
+ }
ctx := Ctx{
- Spool: spoolPath,
- LogPath: logPath,
- Self: self,
- Neigh: make(map[NodeId]*Node, len(cfgJSON.Neigh)),
- Alias: make(map[string]*NodeId),
+ Spool: spoolPath,
+ LogPath: logPath,
+ UmaskForce: umaskForce,
+ Self: self,
+ Neigh: make(map[NodeId]*Node, len(cfgJSON.Neigh)),
+ Alias: make(map[string]*NodeId),
}
if cfgJSON.Notify != nil {
if cfgJSON.Notify.File != nil {
nodeIds[*node.Id] = struct{}{}
}
+ ctx.Umask()
+
sds := nncp.SDS{}
if *doTx {
sds["xx"] = string(nncp.TTx)
}
}
+ ctx.Umask()
if !ctx.CallNode(
node,
addrs,
if ctx.Self == nil {
log.Fatalln("Config lacks private keys")
}
+ ctx.Umask()
var nodes []*nncp.Node
if flag.NArg() > 0 {
noiseprv: %s
noisepub: %s
}
+
neigh: {
self: {
id: %s
spool: %s
# Path to log file
log: %s
+ # Enforce specified umask usage
+ # umask: "022"
# Enable notification email sending
# notify: {
noiseprv: %s
noisepub: %s
}
+
neigh: {
self: {
# You should give public keys below to your neighbours
if err != nil {
log.Fatalln("Error during initialization:", err)
}
+ ctx.Umask()
var nodeOnly *nncp.Node
if *nodeRaw != "" {
if ctx.Self == nil {
log.Fatalln("Config lacks private keys")
}
+ ctx.Umask()
if *inetd {
os.Stderr.Close()
}
nncp.ViaOverride(*viaOverride, ctx, node)
+ ctx.Umask()
if err = ctx.TxExec(
node,
}
nncp.ViaOverride(*viaOverride, ctx, node)
+ ctx.Umask()
var minSize int64
if *argMinSize < 0 {
}
nncp.ViaOverride(*viaOverride, ctx, node)
+ ctx.Umask()
var dst string
if flag.NArg() == 2 {
os.Exit(1)
}
+ ctx.Umask()
+
if flag.NArg() > 0 {
if process(ctx, flag.Arg(0), *keep, *dryRun, *stdout, *dumpMeta) {
return
if err != nil {
log.Fatalln("Error during initialization:", err)
}
+ ctx.Umask()
if *doTmp {
err = filepath.Walk(filepath.Join(ctx.Spool, "tmp"), func(path string, info os.FileInfo, err error) error {
}
sort.Strings(nodeNames)
+ ctx.Umask()
var node *nncp.Node
for _, nodeName := range nodeNames {
node = nodeNameToNode[nodeName]
}
}
+ ctx.Umask()
+
Cycle:
isBad := false
for nodeId, node := range ctx.Neigh {
}
}
+ ctx.Umask()
selfPath := filepath.Join(flag.Arg(0), ctx.SelfId.String())
isBad := false
var dir *os.File
"path/filepath"
"golang.org/x/sys/unix"
+ "syscall"
)
type Ctx struct {
Spool string
LogPath string
+ UmaskForce *int
Quiet bool
Debug bool
NotifyFile *FromToJSON
}
return int64(s.Bavail)*int64(s.Bsize) > want
}
+
+func (ctx *Ctx) Umask() {
+ if ctx.UmaskForce != nil {
+ syscall.Umask(*ctx.UmaskForce)
+ }
+}