technocloud-public/nginx-unit
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Added configure option --user=USER and --group=GROUP.

Browse Source
This commit is contained in:
Igor Sysoev
2017-08-26 13:37:44 +03:00
parent e64494ba2c
commit 9aaa7d8c20
4 changed files with 40 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
auto/options
View File

@@ -16,6 +16,9 @@ NXT_PREFIX=
NXT_PID="nginext.pid" NXT_PID="nginext.pid"
NXT_LOG="nginext.log" NXT_LOG="nginext.log"
NXT_USER="nobody"
NXT_GROUP=
NXT_DEBUG=NO NXT_DEBUG=NO
NXT_INET6=YES NXT_INET6=YES
@@ -62,6 +65,9 @@ do
--pid=*) NXT_PID="$value" ;; --pid=*) NXT_PID="$value" ;;
--log=*) NXT_LOG="$value" ;; --log=*) NXT_LOG="$value" ;;
--user=*) NXT_USER="$value" ;;
--group=*) NXT_GROUP="$value" ;;
--debug) NXT_DEBUG=YES ;; --debug) NXT_DEBUG=YES ;;
--no-ipv6) NXT_INET6=NO ;; --no-ipv6) NXT_INET6=NO ;;

3
configure vendored
View File

@@ -66,6 +66,9 @@ cat << END >> $NXT_AUTO_CONFIG_H
#define NXT_PID "$NXT_PID" #define NXT_PID "$NXT_PID"
#define NXT_LOG "$NXT_LOG" #define NXT_LOG "$NXT_LOG"
#define NXT_USER "$NXT_USER"
#define NXT_GROUP "$NXT_GROUP"
END END

30
src/nxt_process.c
View File

@@ -364,23 +364,43 @@ nxt_user_cred_get(nxt_task_t *task, nxt_user_cred_t *uc, const char *group)
struct group *grp; struct group *grp;
struct passwd *pwd; struct passwd *pwd;
nxt_errno = 0;
pwd = getpwnam(uc->user); pwd = getpwnam(uc->user);
if (nxt_slow_path(pwd == NULL)) { if (nxt_slow_path(pwd == NULL)) {
nxt_log(task, NXT_LOG_CRIT, "getpwnam(%s) failed %E",
uc->user, nxt_errno); if (nxt_errno == 0) {
nxt_log(task, NXT_LOG_CRIT,
"getpwnam(\"%s\") failed, user \"%s\" not found",
uc->user, uc->user);
} else {
nxt_log(task, NXT_LOG_CRIT, "getpwnam(\"%s\") failed %E",
uc->user, nxt_errno);
}
return NXT_ERROR; return NXT_ERROR;
} }
uc->uid = pwd->pw_uid; uc->uid = pwd->pw_uid;
uc->base_gid = pwd->pw_gid; uc->base_gid = pwd->pw_gid;
if (group != NULL) { if (group != NULL && group[0] != '\0') {
nxt_errno = 0;
grp = getgrnam(group); grp = getgrnam(group);
if (nxt_slow_path(grp == NULL)) { if (nxt_slow_path(grp == NULL)) {
nxt_log(task, NXT_LOG_CRIT, "getgrnam(%s) failed %E",
group, nxt_errno); if (nxt_errno == 0) {
nxt_log(task, NXT_LOG_CRIT,
"getgrnam(\"%s\") failed, group \"%s\" not found",
group, group);
} else {
nxt_log(task, NXT_LOG_CRIT, "getgrnam(\"%s\") failed %E",
group, nxt_errno);
}
return NXT_ERROR; return NXT_ERROR;
} }

12
src/nxt_runtime.c
View File

@@ -699,8 +699,8 @@ nxt_runtime_conf_init(nxt_task_t *task, nxt_runtime_t *rt)
rt->master_process = 1; rt->master_process = 1;
rt->engine_connections = 256; rt->engine_connections = 256;
rt->auxiliary_threads = 2; rt->auxiliary_threads = 2;
rt->user_cred.user = "nobody"; rt->user_cred.user = NXT_USER;
rt->group = NULL; rt->group = NXT_GROUP;
rt->pid = NXT_PID; rt->pid = NXT_PID;
rt->log = NXT_LOG; rt->log = NXT_LOG;
@@ -757,6 +757,8 @@ nxt_runtime_conf_read_cmd(nxt_task_t *task, nxt_runtime_t *rt)
"nginext version: " NXT_VERSION "\n" "nginext version: " NXT_VERSION "\n"
"configured as ./configure" NXT_CONFIGURE_OPTIONS "\n"; "configured as ./configure" NXT_CONFIGURE_OPTIONS "\n";
static const char no_user[] = "option \"--user\" requires username\n";
static const char no_group[] = "option \"--group\" requires group name\n";
static const char no_pid[] = "option \"--pid\" requires filename\n"; static const char no_pid[] = "option \"--pid\" requires filename\n";
static const char no_log[] = "option \"--log\" requires filename\n"; static const char no_log[] = "option \"--log\" requires filename\n";
@@ -805,8 +807,7 @@ nxt_runtime_conf_read_cmd(nxt_task_t *task, nxt_runtime_t *rt)
if (nxt_strcmp(p, "--user") == 0) { if (nxt_strcmp(p, "--user") == 0) {
if (*argv == NULL) { if (*argv == NULL) {
nxt_log(task, NXT_LOG_CRIT, write(STDERR_FILENO, no_user, sizeof(no_user) - 1);
"no argument for option \"--user\"");
return NXT_ERROR; return NXT_ERROR;
} }
@@ -819,8 +820,7 @@ nxt_runtime_conf_read_cmd(nxt_task_t *task, nxt_runtime_t *rt)
if (nxt_strcmp(p, "--group") == 0) { if (nxt_strcmp(p, "--group") == 0) {
if (*argv == NULL) { if (*argv == NULL) {
nxt_log(task, NXT_LOG_CRIT, write(STDERR_FILENO, no_group, sizeof(no_group) - 1);
"no argument for option \"--group\"");
return NXT_ERROR; return NXT_ERROR;
} }