diff options
| author | Kazuki Yamaguchi <k@rhe.jp> | 2015-11-16 20:52:49 +0900 |
|---|---|---|
| committer | Kazuki Yamaguchi <k@rhe.jp> | 2015-11-16 20:53:11 +0900 |
| commit | f34553449a173afc7be7d109f5d754e865c702ef (patch) | |
| tree | c35db5f0a2d06fcfcfe82a25250a371e76a4b035 | |
| parent | a5aa53a9174f47450582b29cb93cbd162753bf47 (diff) | |
| download | plum-f34553449a173afc7be7d109f5d754e865c702ef.tar.gz | |
rack: add option to drop privileges
| -rw-r--r-- | examples/rack-example-config.rb | 3 | ||||
| -rw-r--r-- | lib/plum/rack/dsl.rb | 8 | ||||
| -rw-r--r-- | lib/plum/rack/server.rb | 22 |
3 files changed, 33 insertions, 0 deletions
diff --git a/examples/rack-example-config.rb b/examples/rack-example-config.rb index d8d3dcb..8f5e1f1 100644 --- a/examples/rack-example-config.rb +++ b/examples/rack-example-config.rb @@ -4,6 +4,9 @@ server_push true threaded false # create a new thread per request fallback_legacy "127.0.0.1:8080" # forward if client doesn't support HTTP/2 +user "nobody" +group "nobody" + # listeners may be multiple listener :unix, { path: "/tmp/plum.sock", mode: 600 } listener :tcp, { hostname: "0.0.0.0", port: 80 } diff --git a/lib/plum/rack/dsl.rb b/lib/plum/rack/dsl.rb index b1f8bb0..006d6dc 100644 --- a/lib/plum/rack/dsl.rb +++ b/lib/plum/rack/dsl.rb @@ -49,6 +49,14 @@ module Plum @config[:fallback_legacy_host] = h @config[:fallback_legacy_port] = p.to_i end + + def user(username) + @config[:user] = username + end + + def group(groupname) + @config[:group] = groupname + end end end end diff --git a/lib/plum/rack/server.rb b/lib/plum/rack/server.rb index 1f3d32c..9a0caf4 100644 --- a/lib/plum/rack/server.rb +++ b/lib/plum/rack/server.rb @@ -17,6 +17,10 @@ module Plum @logger.info("Plum #{::Plum::VERSION}") @logger.info("Config: #{config}") + + if @config[:user] + drop_privileges + end end def start @@ -100,6 +104,24 @@ module Plum ensure upstream.close if upstream end + + def drop_privileges + begin + user = @config[:user] + group = @config[:group] || user + @logger.info "Dropping process privilege to #{user}:#{group}" + + cuid, cgid = Process.euid, Process.egid + tuid, tgid = Etc.getpwnam(user).uid, Etc.getgrnam(group).gid + + Process.initgroups(user, tgid) + Process::GID.change_privilege(tgid) + Process::UID.change_privilege(tuid) + rescue Errno::EPERM => e + @ogger.fatal "Could not change privilege: #{e}" + exit 2 + end + end end end end |