give a permissions to a process that is running as a user to access domain socket and connect to my server

bachra04
bachra04 used Ask the Experts™
on
I have a tcp server running on linux and bound to unix domain socket

I want to allow (give permission ) to another process (running as a user) to connect to the server using the same domain socket.

How Can I achieve that ?


Thanks
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Fractional CTO
Distinguished Expert 2018
Commented:
Likely you'll do this exactly like any other file.

Using normal user + group ids, however you arrange this in your runtime environment.

You might also use setfacl, if you have more complex requirements.

My guess is you'll leave the domain socket user/group/permissions alone + then use setfacl to add ACLs for other users/groups requiring access.

For example, let's say Apache www-data owns a set of files + you'd like to add many users to access different parts of your Apache files.

You'd use a command similar to this...

useradd --user-group -G www-data --shell=/usr/bin/mysecureshell --home=/path user
setfacl -Rm d:u:user:rwX,u:user:rwX /path

Open in new window


The exact user/group/permissions you assign depend on your unique situation.

In your case, you'd skip the useradd, as you'll be using existing users.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial