History log of /unit/auto/unix (Results 1 – 8 of 8)
Revision (<<< Hide revision tags) (Show revision tags >>>) Date Author Comments
Revision tags: 1.21.0-1, 1.21.0, 1.20.0-1, 1.20.0, 1.19.0-1, 1.19.0, 1.18.0-1, 1.18.0, 1.17.0-1, 1.17.0, 1.16.0-1, 1.16.0, 1.15.0-1, 1.15.0, 1.14.0-1, 1.14.0
# 1297:f04b5f7d6137 26-Nov-2019 Tiago Natel

Changed the group listing to run unprivileged when possible.

Now the nxt_user_groups_get() function uses getgrouplist(3) when available
(except MacOS, see below). For some platforms, getgrouplist()

Changed the group listing to run unprivileged when possible.

Now the nxt_user_groups_get() function uses getgrouplist(3) when available
(except MacOS, see below). For some platforms, getgrouplist() supports
a method of probing how much groups the user has but the behavior is not
consistent. The method used here consists of optimistically trying to get up
to min(256, NGROUPS_MAX) groups; only if ngroups returned exceeds the original
value, we do a second call. This method can block main's process if LDAP/NDIS+
is in use.

MacOS has getgrouplist(3) but it's buggy. It doesn't update ngroups if the
value passed is smaller than the number of groups the user has. Some
projects (like Go stdlib) call getgrouplist() in a loop, increasing ngroups
until it exceeds the number of groups user belongs to or fail when a limit
is reached. For performance reasons, this is to be avoided and MacOS is
handled in the fallback implementation.

The fallback implementation is the old Unit approach. It saves main's
user groups (getgroups(2)) and then calls initgroups(3) to load application's
groups in main, then does a second getgroups(2) to store the gids and restore
main's groups in the end. Because of initgroups(3)' call to setgroups(2),
this method requires root capabilities. In the case of OSX, which has
small NGROUPS_MAX by default (16), it's not possible to restore main's groups
if it's large; if so, this method fallbacks again: user_cred gids aren't
stored, and the worker process calls initgroups() itself and may block for
some time if LDAP/NDIS+ is in use.

show more ...


# 1292:ed99894c6b17 22-Nov-2019 Sergey Kandaurov

Configure: fixed posix_spawn() detection with glic 2.30.

In particular, it was previously broken on Ubuntu 19.10 and Fedora 31.
See for details: https://sourceware.org/git/?p=glibc.git;a=commitdiff;

Configure: fixed posix_spawn() detection with glic 2.30.

In particular, it was previously broken on Ubuntu 19.10 and Fedora 31.
See for details: https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=2ab5741

show more ...


Revision tags: 1.13.0-1, 1.13.0, 1.12.0-1, 1.12.0, 1.11.0-2, 1.11.0-1, 1.11.0, 1.10.0-2, 1.10.0-1, 1.10.0, 1.9.0-1, 1.9.0, 1.8.0-1, 1.8.0, 1.7.1-1, 1.7.1, 1.7-1, 1.7, 1.6-1, 1.6, 1.5-1, 1.5, 1.4-2, 1.4
# 733:d8656b9d7293 16-Jul-2018 Sergey Kandaurov

Added getentropy() support.

Prodded by David Carlier.


# 732:ab017ff0ee67 16-Jul-2018 Sergey Kandaurov

Supplied getrandom() test with commentary about supported OSes.


Revision tags: 1.3, 1.2
# 676:24e245cc1d4e 24-May-2018 Sergey Kandaurov

Using getrandom() libc interface, SYS_getrandom fixes.

The interface is available since Glibc 2.25, and FreeBSD 12.0.


Revision tags: 1.1, 1.0, 0.7, 0.6, 0.5, 0.4, 0.3, 0.2, 0.1
# 216:07257705cd64 17-Aug-2017 Igor Sysoev

The new module configuration interface.

Configuration and building example:

./configure
./configure python
./configure php
./configure go
make all

or

./configure
make nginext
./co

The new module configuration interface.

Configuration and building example:

./configure
./configure python
./configure php
./configure go
make all

or

./configure
make nginext
./configure python
make python
./configure php
make php
./configure go
make go

Modules configuration options and building examples:

./configure python --module=python2 --config=python2.7-config
make python2

./configure php --module=php7 --config=php7.0-config
--lib-path=/usr/local/php7.0
make php7

./configure go --go=go1.6 --go-path=${HOME}/go1.6
make go1.6

show more ...


# 158:6a2d50321e16 14-Jul-2017 Ruslan Ermilov

Restored arc4random unit test after 59fc46dd5e1d.


# 0:a63ceefd6ab0 17-Jan-2017 Igor Sysoev

Initial version.