* [ANN] unicorn 5.3.0 - Rack HTTP server for fast clients and Unix
@ 2017-04-01 8:08 6% Eric Wong
0 siblings, 0 replies; 10+ results
From: Eric Wong @ 2017-04-01 8:08 UTC (permalink / raw)
To: ruby-talk, unicorn-public
Cc: Jeremy Evans, Simon Eskildsen, Dylan Thacker-Smith
unicorn is an HTTP server for Rack applications designed to only serve
fast clients on low-latency, high-bandwidth connections and take
advantage of features in Unix/Unix-like kernels. Slow clients should
only be served by placing a reverse proxy capable of fully buffering
both the the request and response in between unicorn and slow clients.
* https://bogomips.org/unicorn/
* public list: unicorn-public@bogomips.org
* mail archives: https://bogomips.org/unicorn-public/
* git clone git://bogomips.org/unicorn.git
* https://bogomips.org/unicorn/NEWS.atom.xml
* nntp://news.public-inbox.org/inbox.comp.lang.ruby.unicorn
Changes:
unicorn 5.3.0
A couple of portability fixes from Dylan Thacker-Smith and
Jeremy Evans since 5.3.0.pre1 over a week ago, but this looks
ready for a stable release, today.
When I started this over 8 years ago, I wondered if this would
just end up being an April Fools' joke. Guess not. I guess I
somehow tricked people into using a terribly marketed web server
that cannot talk directly to untrusted clients :x Anyways,
unicorn won't be able to handle slow clients 8 years from now,
either, or 80 years from now. And I vow never to learn to use
new-fangled things like epoll, kqueue, or threads :P
Anyways, this is a largish release with several new features,
and no backwards incompatibilities.
Simon Eskildsen contributed heavily using TCP_INFO under Linux
to implement the (now 5 year old) check_client_connection feature:
https://bogomips.org/unicorn/Unicorn/Configurator.html#method-i-check_client_connection
https://bogomips.org/unicorn-public/?q=s:check_client_connection&d:..20170401&x=t
This also led to FreeBSD and OpenBSD portability improvements in
one of our dependencies, raindrops:
https://bogomips.org/raindrops-public/20170323024829.GA5190@dcvr/T/#u
Jeremy Evans contributed several new features. First he
implemented after_worker_exit to aid debugging:
https://bogomips.org/unicorn/Unicorn/Configurator.html#method-i-after_worker_exit
https://bogomips.org/unicorn-public/?q=s:after_worker_exit&d:..20170401&x=t#t
And then security-related features to isolate workers. Workers
may now chroot to drop access to the master filesystem, and the
new after_worker_ready configuration hook now exists to aid with
chroot support in workers:
https://bogomips.org/unicorn/Unicorn/Configurator.html#method-i-after_worker_ready
https://bogomips.org/unicorn/Unicorn/Worker.html#method-i-user
https://bogomips.org/unicorn-public/?q=s:after_worker_ready&d:..20170401&x=t#t
https://bogomips.org/unicorn-public/?q=s:chroot&d:..20170401&x=t#t
Additionally, workers may run in a completely different VM space
(nullifying preload_app and any CoW savings) with the new
worker_exec option:
https://bogomips.org/unicorn/Unicorn/Configurator.html#method-i-worker_exec
https://bogomips.org/unicorn-public/?q=s:worker_exec&d:..20170401&x=t#t
There are also several improvements to FreeBSD and OpenBSD
support with the addition of these features.
shortlog of changes since v5.2.0 (2016-10-31):
Dylan Thacker-Smith (1):
Check for Socket::TCP_INFO constant before trying to get TCP_INFO
Eric Wong (30):
drop rb_str_set_len compatibility replacement
TUNING: document THP caveat for Linux users
tee_input: simplify condition for IO#write
remove response_start_sent
http_request: freeze constant strings passed IO#write
Revert "remove response_start_sent"
t/t0012-reload-empty-config.sh: access ivars directly if needed
t0011-active-unix-socket.sh: fix race condition in test
new test for check_client_connection
revert signature change to HttpServer#process_client
support "struct tcp_info" on non-Linux and Ruby 2.2+
unicorn_http: reduce rb_global_variable calls
oob_gc: rely on opt_aref_with optimization on Ruby 2.2+
http_request: reduce insn size for check_client_connection
freebsd: avoid EINVAL when setting accept filter
test-lib: expr(1) portability fix
tests: keep disabled tests defined
test_exec: SO_KEEPALIVE value only needs to be true
doc: fix links to raindrops project
http_request: support proposed Raindrops::TCP states on non-Linux
ISSUES: expand on mail archive info + subscription disclaimer
test_ccc: use a pipe to synchronize test
doc: remove private email support address
input: update documentation and hide internals.
http_server: initialize @pid ivar
gemspec: remove olddoc from build dependency
doc: add version annotations for new features
unicorn 5.3.0.pre1
doc: note after_worker_exit is also 5.3.0+
test_exec: SO_KEEPALIVE value only needs to be true (take #2)
Jeremy Evans (7):
Add after_worker_exit configuration option
Fix code example in after_worker_exit documentation
Add support for chroot to Worker#user
Add after_worker_ready configuration option
Add worker_exec configuration option
Don't pass a block for fork when forking workers
Check for SocketError on first ccc attempt
Simon Eskildsen (1):
check_client_connection: use tcp state on linux
--
Yes, this release is real despite the date.
^ permalink raw reply [relevance 6%]
* [ANN] unicorn 5.3.0.pre1 - Rack HTTP server for fast clients and Unix
@ 2017-03-24 0:28 6% Eric Wong
0 siblings, 0 replies; 10+ results
From: Eric Wong @ 2017-03-24 0:28 UTC (permalink / raw)
To: ruby-talk, unicorn-public; +Cc: Jeremy Evans, Simon Eskildsen
unicorn is an HTTP server for Rack applications designed to only serve
fast clients on low-latency, high-bandwidth connections and take
advantage of features in Unix/Unix-like kernels. Slow clients should
only be served by placing a reverse proxy capable of fully buffering
both the the request and response in between unicorn and slow clients.
* https://bogomips.org/unicorn/
* public list: unicorn-public@bogomips.org
* mail archives: https://bogomips.org/unicorn-public/
* git clone git://bogomips.org/unicorn.git
* https://bogomips.org/unicorn/NEWS.atom.xml
* nntp://news.public-inbox.org/inbox.comp.lang.ruby.unicorn
This is a pre-release RubyGem intended for testing.
Changes:
unicorn 5.3.0.pre1
A largish release with several new features.
Simon Eskildsen contributed heavily using TCP_INFO under Linux
to implement the (now 5 year old) check_client_connection feature:
https://bogomips.org/unicorn/Unicorn/Configurator.html#method-i-check_client_connection
https://bogomips.org/unicorn-public/?q=s:check_client_connection&d:..20170324&x=t
This also led to FreeBSD and OpenBSD portability improvements in
one of our dependencies, raindrops:
https://bogomips.org/raindrops-public/20170323024829.GA5190@dcvr/T/#u
Jeremy Evans contributed several new features. First he
implemented after_worker_exit to aid debugging:
https://bogomips.org/unicorn/Unicorn/Configurator.html#method-i-after_worker_exit
https://bogomips.org/unicorn-public/?q=s:after_worker_exit&d:..20170324&x=t#t
And then security-related features to isolate workers. Workers
may now chroot to drop access to the master filesystem, and the
new after_worker_ready configuration hook now exists to aid with
chroot support in workers:
https://bogomips.org/unicorn/Unicorn/Configurator.html#method-i-after_worker_ready
https://bogomips.org/unicorn/Unicorn/Worker.html#method-i-user
https://bogomips.org/unicorn-public/?q=s:after_worker_ready&d:..20170324&x=t#t
https://bogomips.org/unicorn-public/?q=s:chroot&d:..20170324&x=t#t
Additionally, workers may run in a completely different VM space
(nullifying preload_app and any CoW savings) with the new
worker_exec option:
https://bogomips.org/unicorn/Unicorn/Configurator.html#method-i-worker_exec
https://bogomips.org/unicorn-public/?q=s:worker_exec&d:..20170324&x=t#t
There are also several improvements to FreeBSD and OpenBSD
support with the addition of these features.
34 changes since 5.2.0 (2016-10-31):
Eric Wong (27):
drop rb_str_set_len compatibility replacement
TUNING: document THP caveat for Linux users
tee_input: simplify condition for IO#write
remove response_start_sent
http_request: freeze constant strings passed IO#write
Revert "remove response_start_sent"
t/t0012-reload-empty-config.sh: access ivars directly if needed
t0011-active-unix-socket.sh: fix race condition in test
new test for check_client_connection
revert signature change to HttpServer#process_client
support "struct tcp_info" on non-Linux and Ruby 2.2+
unicorn_http: reduce rb_global_variable calls
oob_gc: rely on opt_aref_with optimization on Ruby 2.2+
http_request: reduce insn size for check_client_connection
freebsd: avoid EINVAL when setting accept filter
test-lib: expr(1) portability fix
tests: keep disabled tests defined
test_exec: SO_KEEPALIVE value only needs to be true
doc: fix links to raindrops project
http_request: support proposed Raindrops::TCP states on non-Linux
ISSUES: expand on mail archive info + subscription disclaimer
test_ccc: use a pipe to synchronize test
doc: remove private email support address
input: update documentation and hide internals.
http_server: initialize @pid ivar
gemspec: remove olddoc from build dependency
doc: add version annotations for new features
Jeremy Evans (6):
Add after_worker_exit configuration option
Fix code example in after_worker_exit documentation
Add support for chroot to Worker#user
Add after_worker_ready configuration option
Add worker_exec configuration option
Don't pass a block for fork when forking workers
Simon Eskildsen (1):
check_client_connection: use tcp state on linux
--
5.3.0 in a week, maybe?
^ permalink raw reply [relevance 6%]
* Re: Patch: Add after_worker_ready configuration option V2
2017-02-23 20:29 7% ` Eric Wong
@ 2017-03-08 7:29 7% ` Eric Wong
0 siblings, 0 replies; 10+ results
From: Eric Wong @ 2017-03-08 7:29 UTC (permalink / raw)
To: Jeremy Evans; +Cc: unicorn-public
Eric Wong <e@80x24.org> wrote:
> Thanks, I've pushed this and the chroot patch out to the
> 'chroot' branch. Willl wait a bit for comments from others
> before merging into 'master'.
No comments, so no objections, so merged and pushed to 'master'
as commit ff13ad38ba9f83e0dd298be451aac7c75145d33b
Merge remote-tracking branch 'origin/chroot'
* origin/chroot:
Add after_worker_ready configuration option
Add support for chroot to Worker#user
Thanks.
^ permalink raw reply [relevance 7%]
* Re: Patch: Add after_worker_ready configuration option V2
@ 2017-02-23 20:29 7% ` Eric Wong
2017-03-08 7:29 7% ` Eric Wong
0 siblings, 1 reply; 10+ results
From: Eric Wong @ 2017-02-23 20:29 UTC (permalink / raw)
To: Jeremy Evans; +Cc: unicorn-public
Jeremy Evans <code@jeremyevans.net> wrote:
> Here's V2 of the after_worker_ready patch. This adds some more
> documentation, and tries to give a better description of the
> advantages in the commit message.
Thanks, I've pushed this and the chroot patch out to the
'chroot' branch. Willl wait a bit for comments from others
before merging into 'master'.
The following changes since commit c8f06be298d667ba85573668ee916680a258c2c7:
Fix code example in after_worker_exit documentation (2017-02-23 19:26:30 +0000)
are available in the git repository at:
git://bogomips.org/unicorn chroot
for you to fetch changes up to d322345251e15125df896bb8f0a5b53b49a1bf3f:
Add after_worker_ready configuration option (2017-02-23 20:23:44 +0000)
----------------------------------------------------------------
Jeremy Evans (2):
Add support for chroot to Worker#user
Add after_worker_ready configuration option
lib/unicorn/configurator.rb | 22 ++++++++++++++++++++++
lib/unicorn/http_server.rb | 4 ++--
lib/unicorn/worker.rb | 13 ++++++++++---
3 files changed, 34 insertions(+), 5 deletions(-)
^ permalink raw reply [relevance 7%]
* Patch: Add support for chroot to Worker#user
@ 2017-02-21 19:24 7% Jeremy Evans
2017-02-21 19:53 9% ` Eric Wong
0 siblings, 1 reply; 10+ results
From: Jeremy Evans @ 2017-02-21 19:24 UTC (permalink / raw)
To: unicorn-public
Any chrooting would need to happen inside Worker#user, because
you can't chroot until after you have parsed the list of groups,
and you must chroot before dropping root privileges.
chroot is an important security feature, so that if the unicorn
process is exploited, file system access is limited to the chroot
directory instead of the entire system.
This is not a complete patch as it does not include tests. I can
add tests if you would consider accepting this feature.
---
lib/unicorn/worker.rb | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/lib/unicorn/worker.rb b/lib/unicorn/worker.rb
index 6748a2f..db418ea 100644
--- a/lib/unicorn/worker.rb
+++ b/lib/unicorn/worker.rb
@@ -111,9 +111,10 @@ def close # :nodoc:
# In most cases, you should be using the Unicorn::Configurator#user
# directive instead. This method should only be used if you need
# fine-grained control of exactly when you want to change permissions
- # in your after_fork hooks.
+ # in your after_fork hooks, or if you want to use the chroot support.
#
- # Changes the worker process to the specified +user+ and +group+
+ # Changes the worker process to the specified +user+ and +group+,
+ # and chroots to the current working directory if +chroot+ is set.
# This is only intended to be called from within the worker
# process from the +after_fork+ hook. This should be called in
# the +after_fork+ hook after any privileged functions need to be
@@ -123,7 +124,7 @@ def close # :nodoc:
# directly back to the caller (usually the +after_fork+ hook.
# These errors commonly include ArgumentError for specifying an
# invalid user/group and Errno::EPERM for insufficient privileges
- def user(user, group = nil)
+ def user(user, group = nil, chroot = false)
# we do not protect the caller, checking Process.euid == 0 is
# insufficient because modern systems have fine-grained
# capabilities. Let the caller handle any and all errors.
@@ -134,6 +135,10 @@ def user(user, group = nil)
Process.initgroups(user, gid)
Process::GID.change_privilege(gid)
end
+ if chroot
+ Dir.chroot(Dir.pwd)
+ Dir.chdir('/')
+ end
Process.euid != uid and Process::UID.change_privilege(uid)
@switched = true
end
--
2.11.0
^ permalink raw reply related [relevance 7%]
* Re: Patch: Add support for chroot to Worker#user
2017-02-21 19:53 9% ` Eric Wong
@ 2017-02-21 20:15 9% ` Jeremy Evans
0 siblings, 0 replies; 10+ results
From: Jeremy Evans @ 2017-02-21 20:15 UTC (permalink / raw)
To: Eric Wong; +Cc: unicorn-public
On 02/21 07:53, Eric Wong wrote:
> Jeremy Evans <code@jeremyevans.net> wrote:
> > Any chrooting would need to happen inside Worker#user, because
> > you can't chroot until after you have parsed the list of groups,
> > and you must chroot before dropping root privileges.
> >
> > chroot is an important security feature, so that if the unicorn
> > process is exploited, file system access is limited to the chroot
> > directory instead of the entire system.
>
> I'm hesitant to document this as "an important security feature".
>
> Perhaps "an extra layer of security" is more accurate,
> as there are ways of breaking out of a chroot.
That's fine. Note that while breaking out of a chroot is easy if you
have root privileges, it is difficult to break out of a chroot
if root privileges have been dropped. There are a couple of
possibilities listed at https://github.com/earthquake/chw00t, neither of
which is likely in environments where unicorn is typically deployed.
>
> > This is not a complete patch as it does not include tests. I can
> > add tests if you would consider accepting this feature.
>
> I wouldn't worry about automated tests if elevated privileges
> are required.
>
> > - # Changes the worker process to the specified +user+ and +group+
> > + # Changes the worker process to the specified +user+ and +group+,
> > + # and chroots to the current working directory if +chroot+ is set.
> > # This is only intended to be called from within the worker
> > # process from the +after_fork+ hook. This should be called in
> > # the +after_fork+ hook after any privileged functions need to be
> > @@ -123,7 +124,7 @@ def close # :nodoc:
> > # directly back to the caller (usually the +after_fork+ hook.
> > # These errors commonly include ArgumentError for specifying an
> > # invalid user/group and Errno::EPERM for insufficient privileges
> > - def user(user, group = nil)
> > + def user(user, group = nil, chroot = false)
> > # we do not protect the caller, checking Process.euid == 0 is
> > # insufficient because modern systems have fine-grained
> > # capabilities. Let the caller handle any and all errors.
> > @@ -134,6 +135,10 @@ def user(user, group = nil)
> > Process.initgroups(user, gid)
> > Process::GID.change_privilege(gid)
> > end
> > + if chroot
> > + Dir.chroot(Dir.pwd)
> > + Dir.chdir('/')
> > + end
>
> Perhaps this can be made more flexible by allowing chroot to
> any specified directory, not just pwd. Something like:
>
> chroot = Dir.pwd if chroot == true
> if chroot
> Dir.chroot(chroot)
> Dir.chdir('/')
> end
>
> Anyways I'm inclined to accept this feature.
I had basically the same code originally, but wanted to minimize the API
surface to increase the likelihood for acceptance. So I'm definitely in
favor of that change.
Thanks,
Jeremy
^ permalink raw reply [relevance 9%]
* Re: Patch: Add support for chroot to Worker#user
2017-02-21 19:24 7% Patch: Add support for chroot to Worker#user Jeremy Evans
@ 2017-02-21 19:53 9% ` Eric Wong
2017-02-21 20:15 9% ` Jeremy Evans
0 siblings, 1 reply; 10+ results
From: Eric Wong @ 2017-02-21 19:53 UTC (permalink / raw)
To: Jeremy Evans; +Cc: unicorn-public
Jeremy Evans <code@jeremyevans.net> wrote:
> Any chrooting would need to happen inside Worker#user, because
> you can't chroot until after you have parsed the list of groups,
> and you must chroot before dropping root privileges.
>
> chroot is an important security feature, so that if the unicorn
> process is exploited, file system access is limited to the chroot
> directory instead of the entire system.
I'm hesitant to document this as "an important security feature".
Perhaps "an extra layer of security" is more accurate,
as there are ways of breaking out of a chroot.
> This is not a complete patch as it does not include tests. I can
> add tests if you would consider accepting this feature.
I wouldn't worry about automated tests if elevated privileges
are required.
> - # Changes the worker process to the specified +user+ and +group+
> + # Changes the worker process to the specified +user+ and +group+,
> + # and chroots to the current working directory if +chroot+ is set.
> # This is only intended to be called from within the worker
> # process from the +after_fork+ hook. This should be called in
> # the +after_fork+ hook after any privileged functions need to be
> @@ -123,7 +124,7 @@ def close # :nodoc:
> # directly back to the caller (usually the +after_fork+ hook.
> # These errors commonly include ArgumentError for specifying an
> # invalid user/group and Errno::EPERM for insufficient privileges
> - def user(user, group = nil)
> + def user(user, group = nil, chroot = false)
> # we do not protect the caller, checking Process.euid == 0 is
> # insufficient because modern systems have fine-grained
> # capabilities. Let the caller handle any and all errors.
> @@ -134,6 +135,10 @@ def user(user, group = nil)
> Process.initgroups(user, gid)
> Process::GID.change_privilege(gid)
> end
> + if chroot
> + Dir.chroot(Dir.pwd)
> + Dir.chdir('/')
> + end
Perhaps this can be made more flexible by allowing chroot to
any specified directory, not just pwd. Something like:
chroot = Dir.pwd if chroot == true
if chroot
Dir.chroot(chroot)
Dir.chdir('/')
end
Anyways I'm inclined to accept this feature.
^ permalink raw reply [relevance 9%]
* Re: Patch: Add support for chroot to Worker#user V2
2017-02-23 18:46 14% Patch: Add support for chroot to Worker#user V2 Jeremy Evans
@ 2017-04-05 3:44 9% ` Eric Wong
2017-04-05 4:57 9% ` Jeremy Evans
0 siblings, 1 reply; 10+ results
From: Eric Wong @ 2017-04-05 3:44 UTC (permalink / raw)
To: Jeremy Evans; +Cc: unicorn-public
Jeremy Evans <code@jeremyevans.net> wrote:
> @@ -134,6 +136,11 @@ def user(user, group = nil)
> Process.initgroups(user, gid)
> Process::GID.change_privilege(gid)
> end
> + if chroot
> + chroot = Dir.pwd if chroot == true
> + Dir.chroot(chroot)
> + Dir.chdir('/')
> + end
By the way, I noticed in configurator.rb (for
working_directory), we also update ENV['PWD'] after chdir.
Perhaps we should do so, here?
For working_directory, I preserved ENV['PWD'] in case Dir.pwd
wasn't aware of symlinks; or there's code which relies on
env['PWD'] without caring for making the syscalls required for
Dir.pwd...
I'm not sure how much it matters in practice...
^ permalink raw reply [relevance 9%]
* Re: Patch: Add support for chroot to Worker#user V2
2017-04-05 3:44 9% ` Eric Wong
@ 2017-04-05 4:57 9% ` Jeremy Evans
0 siblings, 0 replies; 10+ results
From: Jeremy Evans @ 2017-04-05 4:57 UTC (permalink / raw)
To: Eric Wong; +Cc: unicorn-public
On 04/05 03:44, Eric Wong wrote:
> Jeremy Evans <code@jeremyevans.net> wrote:
> > @@ -134,6 +136,11 @@ def user(user, group = nil)
> > Process.initgroups(user, gid)
> > Process::GID.change_privilege(gid)
> > end
> > + if chroot
> > + chroot = Dir.pwd if chroot == true
> > + Dir.chroot(chroot)
> > + Dir.chdir('/')
> > + end
>
> By the way, I noticed in configurator.rb (for
> working_directory), we also update ENV['PWD'] after chdir.
>
> Perhaps we should do so, here?
That makes sense to me, though I don't use ENV['PWD'] personally.
> For working_directory, I preserved ENV['PWD'] in case Dir.pwd
> wasn't aware of symlinks; or there's code which relies on
> env['PWD'] without caring for making the syscalls required for
> Dir.pwd...
>
> I'm not sure how much it matters in practice...
I'm not either, but I don't see how it could hurt.
Thanks,
Jeremy
^ permalink raw reply [relevance 9%]
* Patch: Add support for chroot to Worker#user V2
@ 2017-02-23 18:46 14% Jeremy Evans
2017-04-05 3:44 9% ` Eric Wong
0 siblings, 1 reply; 10+ results
From: Jeremy Evans @ 2017-02-23 18:46 UTC (permalink / raw)
To: unicorn-public
Here's V2 of the chroot support patch.
This changes the commit message language, and supports chrooting to
a directory that isn't the current directory.
From 9bd82792d57f54a868c9a0e9af2bd452f3ef298d Mon Sep 17 00:00:00 2001
From: Jeremy Evans <code@jeremyevans.net>
Date: Tue, 21 Feb 2017 08:44:34 -0800
Subject: [PATCH] Add support for chroot to Worker#user
Any chrooting would need to happen inside Worker#user, because
you can't chroot until after you have parsed the list of groups,
and you must chroot before dropping root privileges.
chroot adds an extra layer of security, so that if the unicorn
process is exploited, file system access is limited to the chroot
directory instead of the entire file system.
---
lib/unicorn/worker.rb | 13 ++++++++++---
1 file changed, 10 insertions(+), 3 deletions(-)
diff --git a/lib/unicorn/worker.rb b/lib/unicorn/worker.rb
index 6748a2f..e22c1bf 100644
--- a/lib/unicorn/worker.rb
+++ b/lib/unicorn/worker.rb
@@ -111,9 +111,11 @@ def close # :nodoc:
# In most cases, you should be using the Unicorn::Configurator#user
# directive instead. This method should only be used if you need
# fine-grained control of exactly when you want to change permissions
- # in your after_fork hooks.
+ # in your after_fork or after_worker_ready hooks, or if you want to
+ # use the chroot support.
#
- # Changes the worker process to the specified +user+ and +group+
+ # Changes the worker process to the specified +user+ and +group+,
+ # and chroots to the current working directory if +chroot+ is set.
# This is only intended to be called from within the worker
# process from the +after_fork+ hook. This should be called in
# the +after_fork+ hook after any privileged functions need to be
@@ -123,7 +125,7 @@ def close # :nodoc:
# directly back to the caller (usually the +after_fork+ hook.
# These errors commonly include ArgumentError for specifying an
# invalid user/group and Errno::EPERM for insufficient privileges
- def user(user, group = nil)
+ def user(user, group = nil, chroot = false)
# we do not protect the caller, checking Process.euid == 0 is
# insufficient because modern systems have fine-grained
# capabilities. Let the caller handle any and all errors.
@@ -134,6 +136,11 @@ def user(user, group = nil)
Process.initgroups(user, gid)
Process::GID.change_privilege(gid)
end
+ if chroot
+ chroot = Dir.pwd if chroot == true
+ Dir.chroot(chroot)
+ Dir.chdir('/')
+ end
Process.euid != uid and Process::UID.change_privilege(uid)
@switched = true
end
--
2.11.0
^ permalink raw reply related [relevance 14%]
Results 1-10 of 10 | reverse | options above
-- pct% links below jump to the message on this page, permalinks otherwise --
2017-02-23 18:46 14% Patch: Add support for chroot to Worker#user V2 Jeremy Evans
2017-04-05 3:44 9% ` Eric Wong
2017-04-05 4:57 9% ` Jeremy Evans
2017-02-21 19:24 7% Patch: Add support for chroot to Worker#user Jeremy Evans
2017-02-21 19:53 9% ` Eric Wong
2017-02-21 20:15 9% ` Jeremy Evans
2017-04-01 8:08 6% [ANN] unicorn 5.3.0 - Rack HTTP server for fast clients and Unix Eric Wong
2017-03-24 0:28 6% [ANN] unicorn 5.3.0.pre1 " Eric Wong
2017-02-23 18:49 Patch: Add after_worker_ready configuration option V2 Jeremy Evans
2017-02-23 20:29 7% ` Eric Wong
2017-03-08 7:29 7% ` Eric Wong
Code repositories for project(s) associated with this public inbox
https://yhbt.net/unicorn.git/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).