public_git
/
democratic-csi
mirror of https://github.com/democratic-csi/democratic-csi.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

allow tailoring the file mode on the socket file, more secure defaults 

Signed-off-by: Travis Glenn Hansen <travisghansen@yahoo.com>
This commit is contained in:
Travis Glenn Hansen 2022-04-08 09:14:11 -06:00
parent bbe8a1a1f2
commit 914850fda1
3 changed files with 32 additions and 46 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
bin/democratic-csi
View File

@ -69,6 +69,11 @@ const args = require("yargs")
describe: "listen socket for the server", describe: "listen socket for the server",
type: "string", type: "string",
}) })
.option("server-socket-permissions-mode", {
describe: "permissions on the socket file for the server",
type: "string",
default: "0600", // os default is 755
})
.version() .version()
.help().argv; .help().argv;
@ -77,6 +82,8 @@ if (!args.serverSocket && !args.serverAddress && !args.serverPort) {
process.exit(1); process.exit(1);
} }
//console.log(args);
const package = require("../package.json"); const package = require("../package.json");
args.version = package.version; args.version = package.version;
@ -455,7 +462,7 @@ if (require.main === module) {
); );
}); });
fs.chmodSync(socketPath, 0o666); fs.chmodSync(socketPath, args["server-socket-permissions-mode"]);
} }
csiServer.start(); csiServer.start();
} catch (e) { } catch (e) {

67
package-lock.json generated
View File

@ -1,12 +1,12 @@
{ {
"name": "democratic-csi", "name": "democratic-csi",
"version": "1.6.2", "version": "1.6.3",
"lockfileVersion": 2, "lockfileVersion": 2,
"requires": true, "requires": true,
"packages": { "packages": {
"": { "": {
"name": "democratic-csi", "name": "democratic-csi",
"version": "1.6.2", "version": "1.6.3",
"license": "MIT", "license": "MIT",
"dependencies": { "dependencies": {
"@grpc/grpc-js": "^1.5.7", "@grpc/grpc-js": "^1.5.7",
@ -1689,9 +1689,9 @@
} }
}, },
"node_modules/keyv": { "node_modules/keyv": {
"version": "4.2.1", "version": "4.2.2",
"resolved": "https://registry.npmjs.org/keyv/-/keyv-4.2.1.tgz", "resolved": "https://registry.npmjs.org/keyv/-/keyv-4.2.2.tgz",
"integrity": "sha512-cAJq5cTfxQdq1DHZEVNpnk4mEvhP+8UP8UQftLtTtJ98beKkRHf+62M0mIDM2u/IWXyP8bmGB375/6uGdSX2MA==", "integrity": "sha512-uYS0vKTlBIjNCAUqrjlxmruxOEiZxZIHXyp32sdcGmP+ukFrmWUnE//RcPXJH3Vxrni1H2gsQbjHE0bH7MtMQQ==",
"dependencies": { "dependencies": {
"compress-brotli": "^1.3.6", "compress-brotli": "^1.3.6",
"json-buffer": "3.0.1" "json-buffer": "3.0.1"
@ -1757,9 +1757,9 @@
} }
}, },
"node_modules/lru-cache": { "node_modules/lru-cache": {
"version": "7.7.3", "version": "7.8.0",
"resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-7.7.3.tgz", "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-7.8.0.tgz",
"integrity": "sha512-WY9wjJNQt9+PZilnLbuFKM+SwDull9+6IAguOrarOMoOHTcJ9GnXSO11+Gw6c7xtDkBkthR57OZMtZKYr+1CEw==", "integrity": "sha512-AmXqneQZL3KZMIgBpaPTeI6pfwh+xQ2vutMsyqOu1TBdEXFZgpG/80wuJ531w2ZN7TI0/oc8CPxzh/DKQudZqg==",
"engines": { "engines": {
"node": ">=12" "node": ">=12"
} }
@ -2440,28 +2440,17 @@
"integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg=="
}, },
"node_modules/semver": { "node_modules/semver": {
"version": "7.3.5", "version": "7.3.6",
"resolved": "https://registry.npmjs.org/semver/-/semver-7.3.5.tgz", "resolved": "https://registry.npmjs.org/semver/-/semver-7.3.6.tgz",
"integrity": "sha512-PoeGJYh8HK4BTO/a9Tf6ZG3veo/A7ZVsYrSA6J8ny9nb3B1VrpkuN+z9OE5wfE5p6H4LchYZsegiQgbJD94ZFQ==", "integrity": "sha512-HZWqcgwLsjaX1HBD31msI/rXktuIhS+lWvdE4kN9z+8IVT4Itc7vqU2WvYsyD6/sjYCt4dEKH/m1M3dwI9CC5w==",
"dependencies": { "dependencies": {
"lru-cache": "^6.0.0" "lru-cache": "^7.4.0"
}, },
"bin": { "bin": {
"semver": "bin/semver.js" "semver": "bin/semver.js"
}, },
"engines": { "engines": {
"node": ">=10" "node": "^10.0.0 || ^12.0.0 || ^14.0.0 || >=16.0.0"
}
},
"node_modules/semver/node_modules/lru-cache": {
"version": "6.0.0",
"resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz",
"integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==",
"dependencies": {
"yallist": "^4.0.0"
},
"engines": {
"node": ">=10"
} }
}, },
"node_modules/shebang-command": { "node_modules/shebang-command": {
@ -4278,9 +4267,9 @@
} }
}, },
"keyv": { "keyv": {
"version": "4.2.1", "version": "4.2.2",
"resolved": "https://registry.npmjs.org/keyv/-/keyv-4.2.1.tgz", "resolved": "https://registry.npmjs.org/keyv/-/keyv-4.2.2.tgz",
"integrity": "sha512-cAJq5cTfxQdq1DHZEVNpnk4mEvhP+8UP8UQftLtTtJ98beKkRHf+62M0mIDM2u/IWXyP8bmGB375/6uGdSX2MA==", "integrity": "sha512-uYS0vKTlBIjNCAUqrjlxmruxOEiZxZIHXyp32sdcGmP+ukFrmWUnE//RcPXJH3Vxrni1H2gsQbjHE0bH7MtMQQ==",
"requires": { "requires": {
"compress-brotli": "^1.3.6", "compress-brotli": "^1.3.6",
"json-buffer": "3.0.1" "json-buffer": "3.0.1"
@ -4340,9 +4329,9 @@
"integrity": "sha512-tqNXrS78oMOE73NMxK4EMLQsQowWf8jKooH9g7xPavRT706R6bkQJ6DY2Te7QukaZsulxa30wQ7bk0pm4XiHmA==" "integrity": "sha512-tqNXrS78oMOE73NMxK4EMLQsQowWf8jKooH9g7xPavRT706R6bkQJ6DY2Te7QukaZsulxa30wQ7bk0pm4XiHmA=="
}, },
"lru-cache": { "lru-cache": {
"version": "7.7.3", "version": "7.8.0",
"resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-7.7.3.tgz", "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-7.8.0.tgz",
"integrity": "sha512-WY9wjJNQt9+PZilnLbuFKM+SwDull9+6IAguOrarOMoOHTcJ9GnXSO11+Gw6c7xtDkBkthR57OZMtZKYr+1CEw==" "integrity": "sha512-AmXqneQZL3KZMIgBpaPTeI6pfwh+xQ2vutMsyqOu1TBdEXFZgpG/80wuJ531w2ZN7TI0/oc8CPxzh/DKQudZqg=="
}, },
"make-error": { "make-error": {
"version": "1.3.6", "version": "1.3.6",
@ -4853,21 +4842,11 @@
"integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg=="
}, },
"semver": { "semver": {
"version": "7.3.5", "version": "7.3.6",
"resolved": "https://registry.npmjs.org/semver/-/semver-7.3.5.tgz", "resolved": "https://registry.npmjs.org/semver/-/semver-7.3.6.tgz",
"integrity": "sha512-PoeGJYh8HK4BTO/a9Tf6ZG3veo/A7ZVsYrSA6J8ny9nb3B1VrpkuN+z9OE5wfE5p6H4LchYZsegiQgbJD94ZFQ==", "integrity": "sha512-HZWqcgwLsjaX1HBD31msI/rXktuIhS+lWvdE4kN9z+8IVT4Itc7vqU2WvYsyD6/sjYCt4dEKH/m1M3dwI9CC5w==",
"requires": { "requires": {
"lru-cache": "^6.0.0" "lru-cache": "^7.4.0"
},
"dependencies": {
"lru-cache": {
"version": "6.0.0",
"resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz",
"integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==",
"requires": {
"yallist": "^4.0.0"
}
}
} }
}, },
"shebang-command": { "shebang-command": {

2
package.json
View File

@ -1,6 +1,6 @@
{ {
"name": "democratic-csi", "name": "democratic-csi",
"version": "1.6.2", "version": "1.6.3",
"description": "kubernetes csi driver framework", "description": "kubernetes csi driver framework",
"main": "bin/democratic-csi", "main": "bin/democratic-csi",
"scripts": { "scripts": {