d0b6fc23a9
passthrough working among other fixes running in production for a few months now reads good to sthen@
42 lines
1.6 KiB
Plaintext
42 lines
1.6 KiB
Plaintext
--- fcgi_pm.c.orig Tue Sep 23 00:24:45 2008
|
|
+++ fcgi_pm.c Wed Jan 28 23:45:46 2009
|
|
@@ -26,7 +26,7 @@ time_t fcgi_dynamic_epoch = 0; /* last time
|
|
* invoked by process mgr */
|
|
time_t fcgi_dynamic_last_analyzed = 0; /* last time calculation was
|
|
* made for the dynamic procs */
|
|
-
|
|
+int fcgi_is_chrooted = 0; /* If we run in a chrooted httpd */
|
|
static time_t now = 0;
|
|
|
|
#ifdef WIN32
|
|
@@ -1102,6 +1102,8 @@ static void dynamic_read_msgs(int read_ready)
|
|
/* Create socket file's path */
|
|
s->socket_path = fcgi_util_socket_hash_filename(tp, execName, user, group);
|
|
s->socket_path = fcgi_util_socket_make_path_absolute(sp, s->socket_path, 1);
|
|
+ if (fcgi_is_chrooted)
|
|
+ ap_server_strip_chroot((char *) s->socket_path, 1);
|
|
|
|
/* Create sockaddr, prealloc it so it won't get created in tp */
|
|
s->socket_addr = ap_pcalloc(sp, sizeof(struct sockaddr_un));
|
|
@@ -1665,7 +1667,19 @@ void fcgi_pm_main(void *dummy)
|
|
fcgi_config_set_env_var(fcgi_config_pool, dynamicEnvp, &i, "SystemRoot");
|
|
|
|
#else
|
|
-
|
|
+
|
|
+ if (ap_server_chroot_desired()) {
|
|
+ if (chroot(ap_server_root) < 0) {
|
|
+ ap_log_error(FCGI_LOG_NOTICE_NOERRNO, fcgi_apache_main_server,
|
|
+ "FastCGI: process manager unable to chroot into %s!", ap_server_root);
|
|
+ exit(1);
|
|
+ }
|
|
+ ap_log_error(FCGI_LOG_NOTICE_NOERRNO,
|
|
+ fcgi_apache_main_server, "FastCGI: process manager chrooted in %s", ap_server_root);
|
|
+ chdir("/");
|
|
+ fcgi_is_chrooted = 1;
|
|
+ }
|
|
+
|
|
reduce_privileges();
|
|
change_process_name("fcgi-pm");
|
|
|