-
-
Notifications
You must be signed in to change notification settings - Fork 1.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: support setting socket permissions #12211
base: main
Are you sure you want to change the base?
Conversation
🦋 Changeset detectedLatest commit: ba78b11 The changes in this PR will be included in the next version bump. This PR includes changesets to release 1 package
Not sure what this means? Click here to learn what changesets are. Click here if you're a maintainer who wants to add another changeset to this PR |
a0243f1
to
d29981d
Compare
I don't quite understand when you would use this new option. Also, the docs would need to be updated to include a mention of it |
Current the socket is created based on the umask (commonly `0022`), resulting in read only sockets. This change adds the env variable `0022`, which configures `writableAll`, supporting writable sockets.
I have a setup where multiple applications are run in containers (podman) with directories mounted onto the host, through which unix sockets are made available. Currently, the socket from node is not accessible by non-root users;
A minimal reproduction of what is happening;
As Digging through the layers;
On unix to set the file permissions normally you call Digging back into A better solution; Since polka is passing everything through to
This creates the socket with writable permissions;
I've made this same change and update the documentation. Hopefully that all makes sense and the change is sensible. |
Currently the socket is created with
755
, which prevents potentially prevents other users from accessing the socket.This change adds the env variable
SOCKET_PATH_MASK
, which if specified explicitly chmod's the specified socket path, allowing unrestricted access if required.Please don't delete this checklist! Before submitting the PR, please make sure you do the following:
Tests
pnpm test
and lint the project withpnpm lint
andpnpm check
Changesets
pnpm changeset
and following the prompts. Changesets that add features should beminor
and those that fix bugs should bepatch
. Please prefix changeset messages withfeat:
,fix:
, orchore:
.Edits