From: chris Date: Sat, 10 May 2014 19:07:25 +0000 (+0000) Subject: Allow -p prefix to override user home directory for chroot() (Like X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=7230d79359c53b00f6e424b0eb4557ad88d58734;p=openbsd Allow -p prefix to override user home directory for chroot() (Like openbsd-apache ServerRoot behavior) Work continues to unify nginx behavior (Principle of Least Astonishment) ok henning@ --- diff --git a/usr.sbin/nginx/src/os/unix/ngx_process_cycle.c b/usr.sbin/nginx/src/os/unix/ngx_process_cycle.c index 0704cc1cae5..77fdcf21fe5 100644 --- a/usr.sbin/nginx/src/os/unix/ngx_process_cycle.c +++ b/usr.sbin/nginx/src/os/unix/ngx_process_cycle.c @@ -897,6 +897,8 @@ ngx_worker_process_init(ngx_cycle_t *cycle, ngx_int_t worker) #endif if (geteuid() == 0) { + char *prefix; + if (!ngx_chrooted) { goto nochroot; } @@ -908,23 +910,28 @@ ngx_worker_process_init(ngx_cycle_t *cycle, ngx_int_t worker) exit(2); } - if (stat(pw->pw_dir, &stb) == -1) { + if (ngx_prefix) + prefix = (char *)ngx_prefix; + else + prefix = pw->pw_dir; + + if (stat(prefix, &stb) == -1) { ngx_log_error(NGX_LOG_EMERG, cycle->log, ngx_errno, - "stat(%s) failed", pw->pw_dir); + "stat(%s) failed", prefix); /* fatal */ exit(2); } if (stb.st_uid != 0 || (stb.st_mode & (S_IWGRP|S_IWOTH)) != 0) { ngx_log_error(NGX_LOG_EMERG, cycle->log, ngx_errno, - "bad privsep dir permissions on %s", pw->pw_dir); + "bad privsep dir permissions on %s", prefix); /* fatal */ exit(2); } - if (chroot(pw->pw_dir) == -1) { + if (chroot(prefix) == -1) { ngx_log_error(NGX_LOG_EMERG, cycle->log, ngx_errno, - "chroot(%s) failed", pw->pw_dir); + "chroot(%s) failed", prefix); /* fatal */ exit(2); }