Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for listening on a UNIX socket instead of IP #116259

Open
wants to merge 2 commits into
base: dev
Choose a base branch
from
+78 −6
Open

Add support for listening on a UNIX socket instead of IP #116259

Changes from 1 commit
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
0ed1cd7
Add support for listening on a UNIX socket instead of IP
DataGhost Apr 26, 2024
42a1e7e
Move socket ownership code into separate function and execute blockin…
DataGhost Apr 26, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
Prev Previous commit
Move socket ownership code into separate function and execute blockin… 
…g calls outside event loop
  • Loading branch information
@DataGhost
DataGhost committed Apr 26, 2024
commit 42a1e7e1f29870028186b748e2c945b04ac1d35a
49 changes: 29 additions & 20 deletions homeassistant/components/http/__init__.py
View file
Open in desktop
Expand Up @@ -573,6 +573,34 @@
context.load_cert_chain(cert_pem.name, key_pem.name)
return context

async def _socket_set_ownership(self, socket_path: str) -> None:
"""Set the configured uid/gid and permissions on the socket."""
# They didn't find a way to put this in aiohttp yet so we have to do it here
# https://github.com/aio-libs/aiohttp/issues/4155#issuecomment-643509809

def _set_permissions() -> None:
if self.socket_permissions is None:
return
os.chmod(socket_path, self.socket_permissions)

Check warning on line 584 in homeassistant/components/http/__init__.py

View check run for this annotation

Codecov / codecov/patch

homeassistant/components/http/__init__.py#L581-L584 

Added lines #L581 - L584 were not covered by tests

def _set_user_group() -> None:
shutil.chown(socket_path, self.socket_user or -1, self.socket_group or -1)

Check warning on line 587 in homeassistant/components/http/__init__.py

View check run for this annotation

Codecov / codecov/patch

homeassistant/components/http/__init__.py#L586-L587 

Added lines #L586 - L587 were not covered by tests

if self.socket_permissions is not None:
try:
await self.hass.async_add_executor_job(_set_permissions)
except OSError as error:
_LOGGER.error(

Check warning on line 593 in homeassistant/components/http/__init__.py

View check run for this annotation

Codecov / codecov/patch

homeassistant/components/http/__init__.py#L589-L593 

Added lines #L589 - L593 were not covered by tests
"Failed to change permissions on %s: %s", socket_path, error
)
if self.socket_user is not None or self.socket_group is not None:
try:
await self.hass.async_add_executor_job(_set_user_group)
except OSError as error:
_LOGGER.error(

Check warning on line 600 in homeassistant/components/http/__init__.py

View check run for this annotation

Codecov / codecov/patch

homeassistant/components/http/__init__.py#L596-L600 

Added lines #L596 - L600 were not covered by tests
"Failed to change user/group on %s: %s", socket_path, error
)

async def start(self) -> None:
"""Start the aiohttp server."""
# Aiohttp freezes apps after start so that no changes can be made.
Expand All @@ -589,8 +617,8 @@

socket_path: str | None = None
if self.server_host and self.server_host[0].startswith("unix:"):
socket_path = self.server_host[0].removeprefix("unix:")
self.site = web.UnixSite(

Check warning on line 621 in homeassistant/components/http/__init__.py

View check run for this annotation

Codecov / codecov/patch

homeassistant/components/http/__init__.py#L620-L621 

Added lines #L620 - L621 were not covered by tests
self.runner,
socket_path,
ssl_context=self.context,
Expand All @@ -610,26 +638,7 @@
)

if socket_path is not None:
# They didn't find a way to put this in aiohttp yet so we have to do it here
# https://github.com/aio-libs/aiohttp/issues/4155#issuecomment-643509809
if self.socket_permissions is not None:
try:
os.chmod(socket_path, self.socket_permissions)
except OSError as error:
_LOGGER.error(
"Failed to change permissions on %s: %s", socket_path, error
)
if self.socket_user is not None or self.socket_group is not None:
try:
shutil.chown(
socket_path,
self.socket_user or -1,
self.socket_group or -1,
)
except OSError as error:
_LOGGER.error(
"Failed to change user/group on %s: %s", socket_path, error
)
await self._socket_set_ownership(socket_path)

Check warning on line 641 in homeassistant/components/http/__init__.py

View check run for this annotation

Codecov / codecov/patch

homeassistant/components/http/__init__.py#L641 

Added line #L641 was not covered by tests

_LOGGER.info("Now listening on %s", self.site.name)

Expand Down