[PATCH] Cache: new options for set path and file permissions (ticket: #698)
Krzysztof Grzadziel
poczta at krzysztofgrzadziel.pl
Mon May 4 00:14:26 UTC 2020
# HG changeset patch
# User Krzysztof Grządziel <poczta at krzysztofgrzadziel.pl>
# Date 1588474577 -7200
# Sun May 03 04:56:17 2020 +0200
# Node ID ae1a050faa5c718dc81928dced93337f1e64a4e6
# Parent 716eddd74bc2831537f5b3f7ecd16ad3e516d043
Cache: new options for set path and file permissions (ticket: #698)
Patch introduces two optional parameters for *_cache_path:
- path_access_rights which sets chmod for directories under cache path
- file_access_rights which sets chmod for files under cache path
diff -r 716eddd74bc2 -r ae1a050faa5c src/core/ngx_string.c
--- a/src/core/ngx_string.c Thu Apr 23 15:10:26 2020 +0300
+++ b/src/core/ngx_string.c Sun May 03 04:56:17 2020 +0200
@@ -1120,6 +1120,32 @@
}
+/* parse octal number string representation to integer */
+ngx_int_t
+ngx_octtoi(u_char *line, size_t n)
+{
+ ngx_int_t value;
+
+ if (n == 0) {
+ return NGX_ERROR;
+ }
+
+ for (value = 0; n--; line++) {
+ if (*line < '0' || *line > '7') {
+ return NGX_ERROR;
+ }
+
+ value = value * 8 + (*line - '0');
+ }
+
+ if (value < 0) {
+ return NGX_ERROR;
+ }
+
+ return value;
+}
+
+
u_char *
ngx_hex_dump(u_char *dst, u_char *src, size_t len)
{
diff -r 716eddd74bc2 -r ae1a050faa5c src/core/ngx_string.h
--- a/src/core/ngx_string.h Thu Apr 23 15:10:26 2020 +0300
+++ b/src/core/ngx_string.h Sun May 03 04:56:17 2020 +0200
@@ -179,6 +179,7 @@
off_t ngx_atoof(u_char *line, size_t n);
time_t ngx_atotm(u_char *line, size_t n);
ngx_int_t ngx_hextoi(u_char *line, size_t n);
+ngx_int_t ngx_octtoi(u_char *line, size_t n);
u_char *ngx_hex_dump(u_char *dst, u_char *src, size_t len);
diff -r 716eddd74bc2 -r ae1a050faa5c src/http/ngx_http_cache.h
--- a/src/http/ngx_http_cache.h Thu Apr 23 15:10:26 2020 +0300
+++ b/src/http/ngx_http_cache.h Sun May 03 04:56:17 2020 +0200
@@ -177,6 +177,9 @@
ngx_msec_t manager_sleep;
ngx_msec_t manager_threshold;
+ ngx_int_t file_access_rights;
+ ngx_int_t path_access_rights;
+
ngx_shm_zone_t *shm_zone;
ngx_uint_t use_temp_path;
diff -r 716eddd74bc2 -r ae1a050faa5c src/http/ngx_http_file_cache.c
--- a/src/http/ngx_http_file_cache.c Thu Apr 23 15:10:26 2020 +0300
+++ b/src/http/ngx_http_file_cache.c Sun May 03 04:56:17 2020 +0200
@@ -1384,8 +1384,8 @@
"http file cache rename: \"%s\" to \"%s\"",
tf->file.name.data, c->file.name.data);
- ext.access = NGX_FILE_OWNER_ACCESS;
- ext.path_access = NGX_FILE_OWNER_ACCESS;
+ ext.access = cache->file_access_rights;
+ ext.path_access = cache->path_access_rights;
ext.time = -1;
ext.create_path = 1;
ext.delete_file = 1;
@@ -2313,6 +2313,7 @@
ngx_msec_t loader_sleep, manager_sleep, loader_threshold,
manager_threshold;
ngx_uint_t i, n, use_temp_path;
+ ngx_int_t file_access_rights, path_access_rights;
ngx_array_t *caches;
ngx_http_file_cache_t *cache, **ce;
@@ -2333,6 +2334,8 @@
loader_files = 100;
loader_sleep = 50;
loader_threshold = 200;
+ file_access_rights = NGX_FILE_OWNER_ACCESS;
+ path_access_rights = NGX_FILE_OWNER_ACCESS;
manager_files = 100;
manager_sleep = 50;
@@ -2488,6 +2491,34 @@
continue;
}
+ if (ngx_strncmp(value[i].data, "file_access_rights=", 19) == 0) {
+
+ file_access_rights = ngx_octtoi(value[i].data + 19,
+ value[i].len - 19);
+ if (file_access_rights == NGX_ERROR) {
+ ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+ "invalid file_access_rights value \"%V\"",
+ &value[i]);
+ return NGX_CONF_ERROR;
+ }
+
+ continue;
+ }
+
+ if (ngx_strncmp(value[i].data, "path_access_rights=", 19) == 0) {
+
+ path_access_rights = ngx_octtoi(value[i].data + 19,
+ value[i].len - 19);
+ if (path_access_rights == NGX_ERROR) {
+ ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+ "invalid path_access_rights value \"%V\"",
+ &value[i]);
+ return NGX_CONF_ERROR;
+ }
+
+ continue;
+ }
+
if (ngx_strncmp(value[i].data, "loader_sleep=", 13) == 0) {
s.len = value[i].len - 13;
@@ -2580,6 +2611,8 @@
cache->loader_files = loader_files;
cache->loader_sleep = loader_sleep;
cache->loader_threshold = loader_threshold;
+ cache->file_access_rights = file_access_rights;
+ cache->path_access_rights = path_access_rights;
cache->manager_files = manager_files;
cache->manager_sleep = manager_sleep;
cache->manager_threshold = manager_threshold;
More information about the nginx-devel
mailing list