Changing ownership of proxy_temp and other temp directories

Shreenidhi Shedi sshedi at vmware.com
Sat Mar 18 20:31:43 UTC 2023 

Thanks for the inputs but if user has different paths configured for these temp files in nginx.conf; then again this permssion issue pops up. I also referred Fedora nginx spec file and considered this possibility but it's a bit complex on an already configured and running server instance.

I have created a bug at https://trac.nginx.org/nginx/ticket/2469 and submitted a patch, please review it when you get time.

--
Shedi
________________________________
From: Sergey A. Osokin <osa at freebsd.org.ru>
Sent: 17 March 2023 19:56
To: Shreenidhi Shedi <sshedi at vmware.com>
Cc: nginx at nginx.org <nginx at nginx.org>
Subject: Re: Changing ownership of proxy_temp and other temp directories

!! External Email

Hi Shedi,

On Fri, Mar 17, 2023 at 05:13:24AM +0000, Shreenidhi Shedi wrote:
> Thanks for the response Sergey A. Osokin.
>
> The problem is these temp locations are configurable parameters.
> So, from a spec file perspective it's hard to fetch these parameters
> and change the permissions.
>
> As ngnix is already doing the task of changing permission of top
> directory, is there any problem the same recursively?

I don't think I see a specific reason for nginx to do that, because
that may cause a delay with its start, but it's definitely
possible to:
o) implement a specific logic and rebuild nginx binary, also raise
   a request in https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftrac.nginx.org%2F&data=05%7C01%7Csshedi%40vmware.com%7C233de8ff58d24c75955908db26f3989d%7Cb39138ca3cee4b4aa4d6cd83d9dd62f0%7C0%7C0%7C638146599941295693%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=Ldc9UpODK%2BitxiBnVrmSvXBdjwBk9HIqzRCX35Hr76w%3D&reserved=0 and submit a patch;
o) use other then /etc/nginx directory for temporary files, for
   example /var/tmp/nginx, see ./configure output for details

Hope that helps.

Thank you.

--
Sergey A. Osokin

!! External Email: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20230318/9d22606e/attachment.htm>

More information about the nginx mailing list