[PATCH] Start use capabilities on linux

Igor Sysoev is at rambler-co.ru
Wed Mar 18 08:55:02 MSK 2009


On Wed, Mar 18, 2009 at 04:23:48AM +0300, Maxim Dounin wrote:

> Hello!
> 
> On Wed, Mar 18, 2009 at 12:36:47AM +0300, Kirill A. Korinskiy wrote:
> 
> > From: Kirill A. Korinskiy <catap at catap.ru>
> > 
> > The nginx required privilege mode only on master process and only bind
> > ports <1024. In linux process can bind ports <1024 in not privilege
> > mode if the process does capset(CAP_NET_BIND_SERVICE).
> 
> Note that using root for master process is needed not only for 
> bind(), but also to access restricted configuration files (e.g.  
> private keys) during reconfiguration.  So dropping root from 
> master should be at least configurable.
> 
> It's also not clear what will happen on binary upgrade.  Looks 
> like with current code capabilities will be lost on exec() and 
> upgraded binary won't be able to bind() privileged ports anymore.  
> But I'm not really familiar with linux capabilities interface, so I 
> may be wrong.
> 
> Not even mentioning you are dropping root before writing pidfile. 
> :)

Root privileges are also required to rotate logs if they are in
directories where workers cannot write: master opens files and
chown/chmod() them.

> Also there is a couple of unrelated changes and some whitespace 
> damage/style violations, but it doesn't really matter.
> 
> Maxim Dounin


-- 
Igor Sysoev
http://sysoev.ru/en/
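
The binary-upgrade question raised in this thread comes down to how Linux recomputes a process's capability sets on execve(). The following is an added example, not code from the patch or from nginx: a small model of the transformation rules documented in capabilities(7), with the hypothetical helper `upgrade_keeps_bind` covering four cases. It assumes default securebits and includes the ambient set, which was added to the kernel later (Linux 4.3) than this thread.

```c
/* Added example: model of the capabilities(7) execve() rules; not nginx code. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define BIND_CAP (1ULL << 10)   /* CAP_NET_BIND_SERVICE is capability number 10 */
#define ALL_CAPS (~0ULL)

struct proc_caps { uint64_t permitted, effective, inheritable, bounding, ambient; };
struct file_caps { uint64_t permitted, inheritable; bool effective, privileged; };

/* uid0: the new program runs with real and effective UID 0 (securebits at defaults). */
struct proc_caps caps_after_execve(struct proc_caps p, struct file_caps f, bool uid0)
{
    struct proc_caps n = p;               /* inheritable and bounding carry over */
    if (uid0) {                           /* root: file sets count as all ones */
        f.permitted = f.inheritable = ALL_CAPS;
        f.effective = true;
    }
    n.ambient   = f.privileged ? 0 : p.ambient;
    n.permitted = (p.inheritable & f.inheritable) | (f.permitted & p.bounding) | n.ambient;
    n.effective = f.effective ? n.permitted : n.ambient;
    return n;
}

/* Hypothetical helper: can the re-exec'ed master still bind() a port below 1024? */
bool upgrade_keeps_bind(bool uid0, bool file_cap, bool ambient)
{
    /* Constructed state: a master that holds only CAP_NET_BIND_SERVICE. */
    struct proc_caps p = { BIND_CAP, BIND_CAP, 0, ALL_CAPS, 0 };
    struct file_caps f = { 0, 0, false, false };
    if (uid0) p.permitted = p.effective = ALL_CAPS;
    if (file_cap) { f.permitted = BIND_CAP; f.effective = true; f.privileged = true; }
    if (ambient) { p.inheritable = BIND_CAP; p.ambient = BIND_CAP; }
    return (caps_after_execve(p, f, uid0).effective & BIND_CAP) != 0;
}

int main(void)
{
    printf("non-root, plain binary:       %d\n", upgrade_keeps_bind(false, false, false));
    printf("root master, plain binary:    %d\n", upgrade_keeps_bind(true, false, false));
    printf("non-root, file capability:    %d\n", upgrade_keeps_bind(false, true, false));
    printf("non-root, ambient capability: %d\n", upgrade_keeps_bind(false, false, true));
    return 0;
}
```

In this model the `file_cap` case corresponds to a new binary that carries CAP_NET_BIND_SERVICE as a permitted and effective file capability.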




