aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorflorian2018-08-13 16:54:50 +0000
committerWynn Wolf Arbor2020-05-24 12:33:55 +0200
commit157a1e913ca57b41dbb048c07181a99aa7eb2c7c (patch)
tree25652fc055b6fa3d3d0bca85ed537f011e58b49a
parent687262f50332e0da903af54f658dbaf33f72b8c7 (diff)
downloadslowcgi-157a1e913ca57b41dbb048c07181a99aa7eb2c7c.tar.gz
Make the owner of fcgi socket configurable.
Andrew Daugherity (andrew.daugherity AT gmail) pointed out that this is helpful for his port to linux. For example on openSUSE nginx and Apache run as different users so a compile time default user won't cut it. Man page tweaks jmc@ While here, consistently log users at debug level; from Andrew.
-rw-r--r--slowcgi.811
-rw-r--r--slowcgi.c18
2 files changed, 21 insertions, 8 deletions
diff --git a/slowcgi.8 b/slowcgi.8
index 8e9340e..3d162c9 100644
--- a/slowcgi.8
+++ b/slowcgi.8
@@ -1,4 +1,4 @@
-.\" $OpenBSD: slowcgi.8,v 1.13 2018/08/01 11:47:29 florian Exp $
+.\" $OpenBSD: slowcgi.8,v 1.14 2018/08/13 16:54:50 florian Exp $
.\"
.\" Copyright (c) 2013 Florian Obser <florian@openbsd.org>
.\"
@@ -14,7 +14,7 @@
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
-.Dd $Mdocdate: August 1 2018 $
+.Dd $Mdocdate: August 13 2018 $
.Dt SLOWCGI 8
.Os
.Sh NAME
@@ -25,6 +25,7 @@
.Op Fl d
.Op Fl p Ar path
.Op Fl s Ar socket
+.Op Fl U Ar user
.Op Fl u Ar user
.Sh DESCRIPTION
.Nm
@@ -75,6 +76,12 @@ effectively disables the chroot.
.It Fl s Ar socket
Create and bind to alternative local socket at
.Ar socket .
+.It Fl U Ar user
+Change the owner of
+.Pa /var/www/run/slowcgi.sock
+to
+.Ar user
+and its primary group instead of the default www:www.
.It Fl u Ar user
Drop privileges to
.Ar user
diff --git a/slowcgi.c b/slowcgi.c
index a9a90b2..8d8c970 100644
--- a/slowcgi.c
+++ b/slowcgi.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: slowcgi.c,v 1.52 2017/07/04 12:48:36 florian Exp $ */
+/* $OpenBSD: slowcgi.c,v 1.53 2018/08/13 16:54:50 florian Exp $ */
/*
* Copyright (c) 2013 David Gwynne <dlg@openbsd.org>
* Copyright (c) 2013 Florian Obser <florian@openbsd.org>
@@ -256,7 +256,8 @@ __dead void
usage(void)
{
extern char *__progname;
- fprintf(stderr, "usage: %s [-d] [-p path] [-s socket] [-u user]\n",
+ fprintf(stderr,
+ "usage: %s [-d] [-p path] [-s socket] [-U user] [-u user]\n",
__progname);
exit(1);
}
@@ -276,6 +277,7 @@ main(int argc, char *argv[])
struct stat sb;
int c, fd;
const char *chrootpath = NULL;
+ const char *sock_user = SLOWCGI_USER;
const char *slowcgi_user = SLOWCGI_USER;
/*
@@ -295,7 +297,7 @@ main(int argc, char *argv[])
}
}
- while ((c = getopt(argc, argv, "dp:s:u:")) != -1) {
+ while ((c = getopt(argc, argv, "dp:s:U:u:")) != -1) {
switch (c) {
case 'd':
debug = 1;
@@ -306,6 +308,9 @@ main(int argc, char *argv[])
case 's':
fcgi_socket = optarg;
break;
+ case 'U':
+ sock_user = optarg;
+ break;
case 'u':
slowcgi_user = optarg;
break;
@@ -326,13 +331,14 @@ main(int argc, char *argv[])
logger = &syslogger;
}
- pw = getpwnam(SLOWCGI_USER);
+ ldebug("sock_user: %s", sock_user);
+ pw = getpwnam(sock_user);
if (pw == NULL)
- lerrx(1, "no %s user", SLOWCGI_USER);
+ lerrx(1, "no %s user", sock_user);
fd = slowcgi_listen(fcgi_socket, pw);
- lwarnx("slowcgi_user: %s", slowcgi_user);
+ ldebug("slowcgi_user: %s", slowcgi_user);
pw = getpwnam(slowcgi_user);
if (pw == NULL)
lerrx(1, "no %s user", slowcgi_user);