Changing ownership of proxy_temp and other temp directories
Sergey A. Osokin
osa at freebsd.org.ru
Thu Mar 16 21:16:40 UTC 2023
Hi,
On Thu, Mar 16, 2023 at 06:19:42PM +0000, Shreenidhi Shedi via nginx wrote:
>
> I have hosted a nginx server instance and the temp directories are created under /etc/nginx/
>
> $ ls -ld /etc/nginx/*_temp
> drwx------ 2 nobody root 4096 Mar 16 15:21 /etc/nginx/client_body_temp
[...]
>
> And I updated to a newer version of nginx which runs in "nginx" user
> context and after that these directory ownership is getting changed
> to nginx:root but the issue is, it happens only on these top
> directories and not directories within these temp directories.
>
> I did strace on the same to confirm my theory.
[strace is skipped]
It seems like previously nginx' worker process was running under
`nobody' user, so the directory structure has appropriate
permissions. The configuration setting was changed to `nginx'
user then, and when nginx main process started, it checked and
updated directories permissions according to the new settings.
> Now the issue is, why chown happens only on top directory and
> not recursively on all files and directories inside them?
Please take a look in the source code,
http://hg.nginx.org/nginx/file/tip/src/core/ngx_file.c#l598
> Is this a bug or is it fixed in latest version of nginx?
I don't think there's a bug in that part of the code.
As a workaround for the transition content to a new user, it's
easy to run an one line script to update permissions of those
directories.
> I'm currently using nginx-1.22.0. Any help would be appreciated.
I'd recommend to upgrade to the recent version in stable
branch, 1.22.1.
Thank you.
--
Sergey A. Osokin
More information about the nginx
mailing list