[WIP/RFC v4 0/5] Support abstract Unix sockets

Alejandro Colomar alx.manpages at gmail.com
Wed Aug 24 09:57:35 UTC 2022 

And of course this one didn't make it to the list either.  See this mail 
for knowing how it works.

Cheers,

Alex

On 8/23/22 23:56, Alejandro Colomar wrote:
 > Hi,
 >
 > On 8/23/22 23:18, Alejandro Colomar wrote:
 >> Alejandro Colomar (5):
 >>    Optimize string copy in Unix sockets.
 >>    Use a minimal socklen.
 >>    Don't add a trailing '\0' for abstract Unix domain sockets.
 >>    Log abstract Unix domain sockets with a leading '@'.
 >>    Don't try to chmod(2) abstract Unix domain sockets.
 >>
 >>   src/core/ngx_connection.c | 28 ++++++++++++++++------------
 >>   src/core/ngx_inet.c       | 33 +++++++++++++++++++++++++++------
 >>   2 files changed, 43 insertions(+), 18 deletions(-)
 >>
 >
 > Here's how I tested the feature.  It might help you understand how to
 > use it, or help review it.
 >
 >
 > I put a program listening on the sockets: IPv4, Unix, and abstract Unix.
 >   It was NGINX Unit built from source (since the patch set for
 > supporting abstract sockets there was merged a few days ago).
 >
 > $ cat ~/etc/unitd/abs_nginx.json
 >   {
 >      "listeners": {
 >          "unix:@unitd.static.sock": { "pass": "routes" },
 >          "unix:/run/unit.static.sock": { "pass": "routes" },
 >          "*:8080": { "pass": "routes" }
 >      },
 >      "routes": [{
 >          "action": {
 >              "share": "/home/alx/srv/www/"
 >          }
 >      }]
 >   }
 > $ sudo curl -X PUT -d @~/etc/unitd/abs_nginx.json --unix-sock
 > /opt/local/unit/control.unit.sock localhost/config/
 >   {
 >      "success": "Reconfiguration done."
 >   }
 >
 >
 > $ # Testing unitd:
 > $
 > $ curl localhost:8080
 > idx
 > $ curl --unix-sock /run/unit.static.sock localhost
 > idx
 > $ curl --abstract-unix-sock unitd.static.sock localhost
 > idx
 >
 >
 > The I configure nginx to talk to unit through the sockets, and also have
 > an abstract socket for listening:
 >
 >
 > $ cat /usr/local/nginx/conf/nginx.conf
 >   worker_processes  1;
 >
 >   events {
 >      worker_connections  1024;
 >   }
 >
 >   http {
 >      default_type  application/octet-stream;
 >      sendfile        on;
 >      keepalive_timeout  65;
 >
 >      server {
 >          # replace NUL by the real null character with Ctrl+v Ctrl+j
 >          listen       unix:NULnginx-in;
 >          listen       80;
 >
 >          location /abs {
 >              # replace NUL by the real null character with Ctrl+v Ctrl+j
 >              proxy_pass   http://unix:NULunitd.static.sock;
 >          }
 >
 >          location /sock {
 >              proxy_pass   http://unix:/run/unit.static.sock;
 >          }
 >
 >          location /ip {
 >              proxy_pass   http://localhost:8080/;
 >          }
 >      }
 >   }
 > $ sudo /usr/local/nginx/sbin/nginx
 >
 >
 > $ # Testing nginx:
 > $
 > $ ss -l | grep nginx-in
 > u_str LISTEN 0      511                                       @nginx-in
 > 23314                           * 0
 > $ curl --abstract-unix-sock nginx-in localhost/non-sock
 > idx
 > $ curl --abstract-unix-sock nginx-in localhost/sock
 > idx
 > $ curl --abstract-unix-sock nginx-in localhost/abs
 > idx
 >
 >
 >
 > Cheers,
 >
 > Alex
 >
 >


-- 
Alejandro Colomar
<http://www.alejandro-colomar.es/>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.nginx.org/pipermail/nginx-devel/attachments/20220824/d5d07feb/attachment.bin>

More information about the nginx-devel mailing list