diff --git a/daemon/face/unix-stream-factory.cpp b/daemon/face/unix-stream-factory.cpp index faa406c1..f024dc64 100644 --- a/daemon/face/unix-stream-factory.cpp +++ b/daemon/face/unix-stream-factory.cpp @@ -1,6 +1,6 @@ /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */ /* - * Copyright (c) 2014-2019, Regents of the University of California, + * Copyright (c) 2014-2020, Regents of the University of California, * Arizona Board of Regents, * Colorado State University, * University Pierre & Marie Curie, Sorbonne University, @@ -46,7 +46,8 @@ UnixStreamFactory::doProcessConfig(OptionalConfigSection configSection, { // unix // { - // path /var/run/nfd.sock + // path /run/nfd.sock ; on Linux + // path /var/run/nfd.sock ; on other platforms // } m_wantCongestionMarking = context.generalConfig.wantCongestionMarking; @@ -58,7 +59,11 @@ UnixStreamFactory::doProcessConfig(OptionalConfigSection configSection, return; } +#ifdef __linux__ + std::string path = "/run/nfd.sock"; +#else std::string path = "/var/run/nfd.sock"; +#endif // __linux__ for (const auto& pair : *configSection) { const std::string& key = pair.first; diff --git a/daemon/rib/service.cpp b/daemon/rib/service.cpp index d9e5bc55..596fa278 100644 --- a/daemon/rib/service.cpp +++ b/daemon/rib/service.cpp @@ -73,7 +73,11 @@ makeLocalNfdTransport(const ConfigSection& config) { if (config.get_child_optional("face_system.unix")) { // default socket path should be the same as in UnixStreamFactory::processConfig +#ifdef __linux__ + auto path = config.get("face_system.unix.path", "/run/nfd.sock"); +#else auto path = config.get("face_system.unix.path", "/var/run/nfd.sock"); +#endif // __linux__ return make_shared(path); } else if (config.get_child_optional("face_system.tcp") && diff --git a/nfd.conf.sample.in b/nfd.conf.sample.in index a17423f1..2ab4d12e 100644 --- a/nfd.conf.sample.in +++ b/nfd.conf.sample.in @@ -90,14 +90,13 @@ face_system ; The unix section contains settings for Unix stream faces and channels. ; A Unix channel is always listening; delete the unix section to disable ; Unix stream faces and channels. - ; - ; The ndn-cxx library expects unix:///var/run/nfd.sock to be used as - ; the default transport option. Please change the "transport" field - ; in client.conf to an appropriate tcp4 FaceUri if you want to - ; disable Unix sockets and use TCP instead. unix { - path /var/run/nfd.sock ; Unix stream listener path + ; The default transport is unix:///run/nfd.sock (on Linux) or unix:///var/run/nfd.sock (on + ; other platforms). This should match the "transport" field in client.conf for ndn-cxx. If you + ; wish to use TCP instead of Unix sockets with ndn-cxx, change "transport" to an appropriate + ; TCP FaceUri. + path @UNIX_SOCKET_PATH@ ; Unix stream listener path } ; The tcp section contains settings for TCP faces and channels. diff --git a/systemd/nfd.service.in b/systemd/nfd.service.in index 59058b82..ca26ec47 100644 --- a/systemd/nfd.service.in +++ b/systemd/nfd.service.in @@ -50,7 +50,7 @@ ProtectKernelTunables=yes # effective setting of ProtectSystem=strict ProtectSystem=full ProtectSystem=strict -ReadWritePaths=/var/run +ReadWritePaths=/run RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6 AF_PACKET RestrictNamespaces=yes RestrictRealtime=yes diff --git a/wscript b/wscript index 7bf70697..a7e4906d 100644 --- a/wscript +++ b/wscript @@ -202,7 +202,8 @@ def build(bld): target='nfd.conf.sample', install_path='${SYSCONFDIR}/ndn', IF_HAVE_LIBPCAP='' if bld.env.HAVE_LIBPCAP else '; ', - IF_HAVE_WEBSOCKET='' if bld.env.HAVE_WEBSOCKET else '; ') + IF_HAVE_WEBSOCKET='' if bld.env.HAVE_WEBSOCKET else '; ', + UNIX_SOCKET_PATH='/run/nfd.sock' if Utils.unversioned_sys_platform() == 'linux' else '/var/run/nfd.sock') bld.install_files('${SYSCONFDIR}/ndn', 'autoconfig.conf.sample')