aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--slowcgi.811
-rw-r--r--slowcgi.c18
2 files changed, 21 insertions, 8 deletions
diff --git a/slowcgi.8 b/slowcgi.8
index 8e9340e..3d162c9 100644
--- a/slowcgi.8
+++ b/slowcgi.8
@@ -1,4 +1,4 @@
-.\" $OpenBSD: slowcgi.8,v 1.13 2018/08/01 11:47:29 florian Exp $
+.\" $OpenBSD: slowcgi.8,v 1.14 2018/08/13 16:54:50 florian Exp $
.\"
.\" Copyright (c) 2013 Florian Obser <florian@openbsd.org>
.\"
@@ -14,7 +14,7 @@
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
-.Dd $Mdocdate: August 1 2018 $
+.Dd $Mdocdate: August 13 2018 $
.Dt SLOWCGI 8
.Os
.Sh NAME
@@ -25,6 +25,7 @@
.Op Fl d
.Op Fl p Ar path
.Op Fl s Ar socket
+.Op Fl U Ar user
.Op Fl u Ar user
.Sh DESCRIPTION
.Nm
@@ -75,6 +76,12 @@ effectively disables the chroot.
.It Fl s Ar socket
Create and bind to alternative local socket at
.Ar socket .
+.It Fl U Ar user
+Change the owner of
+.Pa /var/www/run/slowcgi.sock
+to
+.Ar user
+and its primary group instead of the default www:www.
.It Fl u Ar user
Drop privileges to
.Ar user
diff --git a/slowcgi.c b/slowcgi.c
index a9a90b2..8d8c970 100644
--- a/slowcgi.c
+++ b/slowcgi.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: slowcgi.c,v 1.52 2017/07/04 12:48:36 florian Exp $ */
+/* $OpenBSD: slowcgi.c,v 1.53 2018/08/13 16:54:50 florian Exp $ */
/*
* Copyright (c) 2013 David Gwynne <dlg@openbsd.org>
* Copyright (c) 2013 Florian Obser <florian@openbsd.org>
@@ -256,7 +256,8 @@ __dead void
usage(void)
{
extern char *__progname;
- fprintf(stderr, "usage: %s [-d] [-p path] [-s socket] [-u user]\n",
+ fprintf(stderr,
+ "usage: %s [-d] [-p path] [-s socket] [-U user] [-u user]\n",
__progname);
exit(1);
}
@@ -276,6 +277,7 @@ main(int argc, char *argv[])
struct stat sb;
int c, fd;
const char *chrootpath = NULL;
+ const char *sock_user = SLOWCGI_USER;
const char *slowcgi_user = SLOWCGI_USER;
/*
@@ -295,7 +297,7 @@ main(int argc, char *argv[])
}
}
- while ((c = getopt(argc, argv, "dp:s:u:")) != -1) {
+ while ((c = getopt(argc, argv, "dp:s:U:u:")) != -1) {
switch (c) {
case 'd':
debug = 1;
@@ -306,6 +308,9 @@ main(int argc, char *argv[])
case 's':
fcgi_socket = optarg;
break;
+ case 'U':
+ sock_user = optarg;
+ break;
case 'u':
slowcgi_user = optarg;
break;
@@ -326,13 +331,14 @@ main(int argc, char *argv[])
logger = &syslogger;
}
- pw = getpwnam(SLOWCGI_USER);
+ ldebug("sock_user: %s", sock_user);
+ pw = getpwnam(sock_user);
if (pw == NULL)
- lerrx(1, "no %s user", SLOWCGI_USER);
+ lerrx(1, "no %s user", sock_user);
fd = slowcgi_listen(fcgi_socket, pw);
- lwarnx("slowcgi_user: %s", slowcgi_user);
+ ldebug("slowcgi_user: %s", slowcgi_user);
pw = getpwnam(slowcgi_user);
if (pw == NULL)
lerrx(1, "no %s user", slowcgi_user);
powered by cgit and git | oriole.systems | how to verify signatures