
Python posix IPC - communication between process running as a different user

I am trying to establish communication between two different processes on Linux using POSIX IPC. I am using Python 3 with POSIX message queues based on this library: http://semanchuk.com/philip/posix_ipc/

The problem is that I want to communicate between a server that is running as root and a client that is running with normal user permissions (a separate Python program).

If the client creates the message queue then it works, presumably because it allocates under a normal user and the process running under root has higher permissions. I however want the server to create the message queue as that can properly manage the closure of the message queue when the server terminates etc.

Is it possible for a root process to create an IPC message queue and allow processes running under a different user to write to the queue? If so how?

Or is there any alternative to POSIX IPC that could be used instead (e.g. Sys V)? I'm hoping to avoid using UNIX sockets as I don't want the additional overhead that uses.

-- Update on latest attempt --

I've read up on all the documentation I can find. The library readme says that they found it to work regardless of permissions, but that's not my experience.

The Linux Programming Interface (on which the library relies) states to use both mode and umask, but even if I use os.umask(000) followed by mode=666 within the message queue setup I still get permission denied from the client.

You might want to try Linux domain sockets.

Access to filesystem-based ones can be managed with filesystem permissions. Domain sockets in the abstract namespace can be secured by checking credentials (PID/UID) of the connecting process; see also: "SCM_RIGHTS".

Domain sockets are very fast; they are used by Xorg, so kernel developers have optimized them well. They are also more portable than POSIX IPC (supported on Android). Stream-based mode might be a bit awkward to use for message-oriented IPC, so you should consider switching to datagram mode instead.
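
The datagram-mode domain socket suggested above, as an added example that is not part of the original answer: a server binds a filesystem socket, opens it to other users with an octal mode, and reads each sender's kernel-supplied PID/UID/GID through Linux's `SO_PASSCRED` / `SCM_CREDENTIALS` before accepting the message. The function names, the socket path and the UID allow-list are hypothetical, and the code is Linux-only.

```python
import os
import socket
import struct

UCRED = struct.Struct("3i")  # Linux struct ucred: pid, uid, gid


def open_server(path, mode=0o666):
    """Bind a datagram socket at `path` and request sender credentials."""
    if os.path.exists(path):
        os.unlink(path)
    srv = socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM)
    srv.bind(path)
    # Octal literal: 0o666 is rw-rw-rw-, whereas a plain 666 equals 0o1232.
    os.chmod(path, mode)
    # Ask the kernel to attach the sender's credentials to every datagram.
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_PASSCRED, 1)
    return srv


def recv_with_creds(srv, bufsize=4096):
    """Return (payload, pid, uid, gid); the credentials are filled in by the kernel."""
    data, ancdata, _flags, _addr = srv.recvmsg(bufsize, socket.CMSG_SPACE(UCRED.size))
    for level, ctype, cdata in ancdata:
        if level == socket.SOL_SOCKET and ctype == socket.SCM_CREDENTIALS:
            pid, uid, gid = UCRED.unpack(cdata[:UCRED.size])
            return data, pid, uid, gid
    raise PermissionError("datagram arrived without SCM_CREDENTIALS")


def handle_one(srv, allowed_uids):
    """Receive one message; drop it unless the sender's uid is on the allow-list."""
    data, pid, uid, _gid = recv_with_creds(srv)
    if uid not in allowed_uids:
        return None
    return {"pid": pid, "uid": uid, "payload": data}


def send_message(path, payload):
    """Client side: the sender only needs write permission on the socket file."""
    with socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM) as cli:
        cli.sendto(payload, path)
```

For a root server, a tighter setup than 0o666 is to `chown` the socket to a dedicated group and use mode 0o660, keeping the credential check as a second layer.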
