Allow listening on unix sockets for http_server sources #22158
Labels
source: http_server
Anything `http_server` source related
type: feature
A value-adding code addition that introduces new functionality.
Use Cases
Unix sockets allow restricting access to the HTTP server using UNIX directory/file permissions and/or SELinux or other security frameworks.
In contrast, it is harder to properly limit access to the server to local users that should not be capable of sending data to Vector on a system where they have shell access, or from other locally running processes that may have been compromised.
The actual use case is to receive ModSecurity audit log entries, by using `SecAuditLogType HTTPS`. Given the security implications of the logs, local users of the system should not be able to tamper with the content of the logs.
Also, given that UNIX sockets are already supported in other parts of the codebase, it makes sense that they would be supported in every source that has a configurable listening socket.
Attempted Solutions
The only alternative is to configure the firewall to allow connections only from specific users, but this is usually more complex.
Proposal
Maybe a library like https://docs.rs/crate/multisock/latest could be used to abstract every instance of SocketAddr to automatically accept both Inet and Unix sockets.
References
No response
Version
vector 0.43.1 (x86_64-unknown-linux-gnu)
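The access model requested under Use Cases, sketched as an added example that is not part of the issue and not Vector code: a std-only Rust listener that answers HTTP on a Unix socket whose directory and socket file modes decide which local users can connect. The function names, the temporary path and the `/audit` request are constructed for illustration.

```rust
// Added example: names, paths and the sample request are constructed.
use std::fs::{self, Permissions};
use std::io::{self, Read, Write};
use std::os::unix::fs::{DirBuilderExt, PermissionsExt};
use std::os::unix::net::{UnixListener, UnixStream};
use std::path::{Path, PathBuf};

// Restrict the parent directory *before* bind(), so the socket is never
// reachable with umask-default permissions, then tighten the socket itself.
fn bind_restricted(dir: &Path, name: &str) -> io::Result<(UnixListener, PathBuf)> {
    fs::DirBuilder::new().recursive(true).mode(0o750).create(dir)?;
    // The builder's mode is subject to umask and skipped if dir exists.
    fs::set_permissions(dir, Permissions::from_mode(0o750))?;
    let path = dir.join(name);
    match fs::remove_file(&path) {
        Err(e) if e.kind() != io::ErrorKind::NotFound => return Err(e),
        _ => {} // stale socket removed, or none was present
    }
    let listener = UnixListener::bind(&path)?;
    // connect() requires write permission on the socket file: owner and group only.
    fs::set_permissions(&path, Permissions::from_mode(0o660))?;
    Ok((listener, path))
}

// Accept one connection, answer 200, return the request line that was received.
fn serve_one(listener: &UnixListener) -> io::Result<String> {
    let (mut conn, _) = listener.accept()?;
    let mut buf = [0u8; 4096];
    let n = conn.read(&mut buf)?;
    conn.write_all(b"HTTP/1.1 200 OK\r\nContent-Length: 0\r\nConnection: close\r\n\r\n")?;
    let first = String::from_utf8_lossy(&buf[..n]).lines().next().unwrap_or("").to_string();
    Ok(first)
}

fn mode_of(p: &Path) -> io::Result<u32> {
    Ok(fs::metadata(p)?.permissions().mode() & 0o777)
}

fn main() -> io::Result<()> {
    let dir = std::env::temp_dir().join(format!("vector-example-{}", std::process::id()));
    let (listener, path) = bind_restricted(&dir, "http.sock")?;
    let server = std::thread::spawn(move || serve_one(&listener));
    let mut client = UnixStream::connect(&path)?;
    client.write_all(b"POST /audit HTTP/1.1\r\nHost: localhost\r\nContent-Length: 0\r\n\r\n")?;
    let mut resp = String::new();
    client.read_to_string(&mut resp)?;
    println!("{} -> {}", server.join().unwrap()?, resp.lines().next().unwrap_or(""));
    println!("dir {:o}, socket {:o}", mode_of(&dir)?, mode_of(&path)?);
    fs::remove_dir_all(&dir)
}
```

A user outside the directory's owner and group cannot traverse to the socket, and one inside the group still needs write permission on the socket file to connect.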