mirror/freebsd-ports
1
0
Fork 0
mirror of https://git.FreeBSD.org/ports.git synced 2024-12-01 01:17:02 +00:00
Code Issues Releases Activity

Varnish has its own mechanism for dropping privs, and will not work if

Browse Source 
started with su as rc.subr wants.  If we unset varnishd_{user,group}
before calling run_rc_command, rc.subr won't see them, but we can still
use them to specify which user and group Varnish should use.
This commit is contained in:
Dag-Erling Smørgrav 2008-11-18 14:22:01 +00:00
parent 53ed6d0437
commit 9aa33de084
Notes: svn2git 2021-03-31 03:12:20 +00:00 
svn path=/head/; revision=223007
2 changed files with 22 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
www/varnish/files/varnishd.in
View File

@ -18,7 +18,9 @@
#varnishd_config="%%PREFIX%%/etc/varnish/default.vcl"
#varnishd_telnet="localhost:6082"
#varnishd_storage="file,/tmp,50%"
#varnishd_flags="-P ${pidfile} -a ${varnishd_listen} -f ${varnishd_config} -T ${varnishd_telnet} -s ${varnishd_storage}"
#varnishd_user="www"
#varnishd_group="www"
#varnishd_flags="-P ${pidfile} -a ${varnishd_listen} -f ${varnishd_config} -T ${varnishd_telnet} -s ${varnishd_storage} -u ${varnishd_user} -g ${varnishd_group}"
#
# See varnishd(1) for a detailed overview of command-line options.
#
@ -38,6 +40,13 @@ load_rc_config ${name}
: ${varnishd_config="%%PREFIX%%/etc/varnish/default.vcl"}
: ${varnishd_telnet="localhost:6082"}
: ${varnishd_storage="file,/tmp,50%"}
: ${varnishd_flags="-P ${pidfile} -a ${varnishd_listen} -f ${varnishd_config} -T ${varnishd_telnet} -s ${varnishd_storage}"}
: ${varnishd_user="www"}
: ${varnishd_group="www"}
: ${varnishd_flags="-P ${pidfile} -a ${varnishd_listen} -f ${varnishd_config} -T ${varnishd_telnet} -s ${varnishd_storage} -u ${varnishd_user} -g ${varnishd_group}"}
# If we leave these set, rc.subr will su to them before starting
# varnishd, which is not what we want.
unset varnishd_user
unset varnishd_group
run_rc_command "$1"

13
www/varnish2/files/varnishd.in
View File

@ -18,7 +18,9 @@
#varnishd_config="%%PREFIX%%/etc/varnish/default.vcl"
#varnishd_telnet="localhost:6082"
#varnishd_storage="file,/tmp,50%"
#varnishd_flags="-P ${pidfile} -a ${varnishd_listen} -f ${varnishd_config} -T ${varnishd_telnet} -s ${varnishd_storage}"
#varnishd_user="www"
#varnishd_group="www"
#varnishd_flags="-P ${pidfile} -a ${varnishd_listen} -f ${varnishd_config} -T ${varnishd_telnet} -s ${varnishd_storage} -u ${varnishd_user} -g ${varnishd_group}"
#
# See varnishd(1) for a detailed overview of command-line options.
#
@ -38,6 +40,13 @@ load_rc_config ${name}
: ${varnishd_config="%%PREFIX%%/etc/varnish/default.vcl"}
: ${varnishd_telnet="localhost:6082"}
: ${varnishd_storage="file,/tmp,50%"}
: ${varnishd_flags="-P ${pidfile} -a ${varnishd_listen} -f ${varnishd_config} -T ${varnishd_telnet} -s ${varnishd_storage}"}
: ${varnishd_user="www"}
: ${varnishd_group="www"}
: ${varnishd_flags="-P ${pidfile} -a ${varnishd_listen} -f ${varnishd_config} -T ${varnishd_telnet} -s ${varnishd_storage} -u ${varnishd_user} -g ${varnishd_group}"}
# If we leave these set, rc.subr will su to them before starting
# varnishd, which is not what we want.
unset varnishd_user
unset varnishd_group
run_rc_command "$1"