From 2f3a8619e898b485495692543d34f01c316c6172 Mon Sep 17 00:00:00 2001
From: Jarrod Johnson <jjohnson2@lenovo.com>
Date: Tue, 12 Nov 2024 16:16:47 -0500
Subject: [PATCH] Fix vinz VNC for non-root users

Relax permissions a tad to allow users to attempt
to connect if they otherwise know the socket name.
---
 confluent_server/confluent/vinzmanager.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/confluent_server/confluent/vinzmanager.py b/confluent_server/confluent/vinzmanager.py
index 016bad3c..f9511676 100644
--- a/confluent_server/confluent/vinzmanager.py
+++ b/confluent_server/confluent/vinzmanager.py
@@ -31,7 +31,8 @@ def assure_vinz():
             _vinztoken = base64.b64encode(os.urandom(33), altchars=b'_-').decode()
             os.environ['VINZ_TOKEN'] = _vinztoken
             os.makedirs('/var/run/confluent/vinz/sessions', exist_ok=True)
-
+            os.chmod('/var/run/confluent/vinz', 0o711)
+            os.chmod('/var/run/confluent/vinz/sessions', 0o711)
             _vinzfd = subprocess.Popen(
                 ['/opt/confluent/bin/vinz',
                 '-c', '/var/run/confluent/vinz/control',