Hello!

On Thu, Feb 16, 2017 at 08:12:40PM +0000, opal hart wrote:

> This patch adds a chroot feature to nginx, which lighttpd and Apache
> have had for a while, and which would be useful to allow for the nginx
> binary and config files to live outside the jail directory.
>
> # HG changeset patch
> # User opal hart <wowaname@volatile.ch>
> # Date 1487274704 0
> # Thu Feb 16 19:51:44 2017 +0000
> # Node ID 58e50038746aecdad10518afeccbfee66f91ac22
> # Parent 05fd0dc8f0dc808219f727dd18a5da2f078c4073
> Add 'chroot' config option and functionality

[...]

> diff -r 05fd0dc8f0dc -r 58e50038746a src/os/unix/ngx_process_cycle.c
> --- a/src/os/unix/ngx_process_cycle.c Thu Feb 16 18:37:22 2017 +0300
> +++ b/src/os/unix/ngx_process_cycle.c Thu Feb 16 19:51:44 2017 +0000
> @@ -829,6 +829,20 @@
> }
>
> if (geteuid() == 0) {
> + if (ccf->chroot.len) {
> + if (chdir((char *) ccf->chroot.data) == -1) {
> + ngx_log_error(NGX_LOG_EMERG, cycle->log, ngx_errno,
> + "chdir(%s) failed", ccf->chroot);
> + /* fatal */
> + exit(2);
> + }
> + if (chroot((char *) ccf->chroot.data) == -1) {

Thank you for your patch.

Unfortunately, there is a huge usability problem with such
apporach: it introduces different meaning for paths in master and
worker processes. Meanwhile, many paths are used in both master
and workers, some paths are used only in master, and some - only
in workers. And currently there is no way for a user to find out
where paths are going to be used - without digging into the source
code. This all leads to unavoidable confusion of users and very
bad user experience.

Earlier attempts to introduce such an option also tried to
seamlessly convert paths if it is possible, this may be slightly
better approach.

--
Maxim Dounin
http://nginx.org/
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel