Menu
▾
▴
naviserver-tracker — SourceForge Tracker Notifications
You can subscribe to this list here.
| 2005 |
Jan
|
Feb
(61) |
Mar
(153) |
Apr
(39) |
May
(10) |
Jun
(15) |
Jul
(15) |
Aug
(2) |
Sep
|
Oct
(17) |
Nov
(2) |
Dec
(13) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2006 |
Jan
(18) |
Feb
(9) |
Mar
|
Apr
|
May
|
Jun
|
Jul
(7) |
Aug
(1) |
Sep
(2) |
Oct
|
Nov
(1) |
Dec
|
| 2007 |
Jan
(8) |
Feb
(3) |
Mar
|
Apr
|
May
(2) |
Jun
|
Jul
(2) |
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| 2008 |
Jan
|
Feb
|
Mar
|
Apr
(6) |
May
(1) |
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
|
From: SourceForge.net <no...@so...> - 2005-02-22 02:09:35
|
Bugs item #1145927, was opened at 2005-02-21 19:09 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719006&aid=1145927&group_id=130646 Category: None Group: Current Status: Open Resolution: None Priority: 4 Submitted By: Stephen Deasey (sdeasey) Assigned to: Stephen Deasey (sdeasey) Summary: application/xml not text/xml Initial Comment: Currently, xml-like files are served up as text/xml, but the correct mime type is application/xml. Various 'bad things' happen when you get this wrong: http://www.xml.com/pub/a/2004/07/21/dive.html http://www.xml.com/pub/a/2004/08/04/deviant.html I'm going to change the .xml and .xsl mime types to application/xml. I'll also add in a few other xml types such as .rdf, rss and .xslt. And various missing media types like .mp4, .swf. .torrent etc. Should be no problems. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719006&aid=1145927&group_id=130646 |
|
From: SourceForge.net <no...@so...> - 2005-02-21 09:28:21
|
Bugs item #1145277, was opened at 2005-02-21 02:28 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719006&aid=1145277&group_id=130646 Category: None Group: Current Status: Open Resolution: None Priority: 6 Submitted By: Stephen Deasey (sdeasey) Assigned to: Stephen Deasey (sdeasey) Summary: Encoding URL path and query components Initial Comment: The current code follows (mostly) the rules for encoding/decoding segments of a URL query component. But the rules for segments of the path component are different, and there is no code to handle this. One of those differences is the treatment of + characters. In the query component this should be decoded into an ASCII space. In the path component however it should be treated literaly. The end result is that clients which correctly request the file /some+file are dissapointed with a 404 error. This patch deprecates the old C API and introduces the following new routines: Tcl_Encoding Ns_GetUrlEncoding(char *charset); char *Ns_UrlPathEncode(Ns_DString *, char *, Tcl_Encoding); char *Ns_UrlPathDecode(Ns_DString *, char *, Tcl_Encoding); char *Ns_UrlQueryEncode(Ns_DString *, char *, Tcl_Encoding); char *Ns_UrlQueryDecode(Ns_DString *, char *, Tcl_Encoding); request.c is modified to call Ns_UrlPathDecode() and form.c is modified to call Ns_UrlQueryDecode(). The updated Tcl commands look like this: ns_urldecode ?-part path|query? ?--? segment ns_urlencode ?-part path|query? ?--? segment ?segment ...? If the URL component part is not specified, the default is 'query'. Multiple segments will be joined with / or & when encoding. The '-charset' switch has been dropped, it seems broken considering Tcl's use of UTF8 encoded strings internaly. I added a set of tests to exercise the Tcl commands. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719006&aid=1145277&group_id=130646 |
|
From: SourceForge.net <no...@so...> - 2005-02-18 07:38:23
|
Bugs item #1143586, was opened at 2005-02-18 08:29 Message generated for change (Settings changed) made by vasiljevic You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719006&aid=1143586&group_id=130646 >Category: Tcl-API >Group: Current Status: Closed Resolution: Fixed Priority: 5 Submitted By: Zoran Vasiljevic (vasiljevic) Assigned to: Nobody/Anonymous (nobody) Summary: ns_chan broken for Tcl 8.4+ Initial Comment: When linked against Tcl 8.4 the ns_chan may corrupt Tcl internal channel list when tossing channels between threads, resulting in memory corruption and server exitus. ---------------------------------------------------------------------- Comment By: Zoran Vasiljevic (vasiljevic) Date: 2005-02-18 08:29 Message: Logged In: YES user_id=95086 Fixed in CVS head. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719006&aid=1143586&group_id=130646 |
|
From: SourceForge.net <no...@so...> - 2005-02-18 07:29:52
|
Bugs item #1143586, was opened at 2005-02-18 08:29 Message generated for change (Comment added) made by vasiljevic You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719006&aid=1143586&group_id=130646 Category: None Group: None >Status: Closed >Resolution: Fixed Priority: 5 Submitted By: Zoran Vasiljevic (vasiljevic) Assigned to: Nobody/Anonymous (nobody) Summary: ns_chan broken for Tcl 8.4+ Initial Comment: When linked against Tcl 8.4 the ns_chan may corrupt Tcl internal channel list when tossing channels between threads, resulting in memory corruption and server exitus. ---------------------------------------------------------------------- >Comment By: Zoran Vasiljevic (vasiljevic) Date: 2005-02-18 08:29 Message: Logged In: YES user_id=95086 Fixed in CVS head. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719006&aid=1143586&group_id=130646 |
|
From: SourceForge.net <no...@so...> - 2005-02-18 07:29:12
|
Bugs item #1143586, was opened at 2005-02-18 08:29 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719006&aid=1143586&group_id=130646 Category: None Group: None Status: Open Resolution: None Priority: 5 Submitted By: Zoran Vasiljevic (vasiljevic) Assigned to: Nobody/Anonymous (nobody) Summary: ns_chan broken for Tcl 8.4+ Initial Comment: When linked against Tcl 8.4 the ns_chan may corrupt Tcl internal channel list when tossing channels between threads, resulting in memory corruption and server exitus. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719006&aid=1143586&group_id=130646 |
|
From: SourceForge.net <no...@so...> - 2005-02-16 19:21:29
|
Feature Requests item #1119365, was opened at 2005-02-09 15:43 Message generated for change (Comment added) made by seryakov You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719009&aid=1119365&group_id=130646 Category: None Group: None >Status: Closed Resolution: None Priority: 5 Submitted By: Vlad Seryakov (seryakov) Assigned to: Vlad Seryakov (seryakov) Summary: Watchdog/binder process Initial Comment: I find current binder and -b command line option not very usefull and easy to administer. Can we revert back to 3.x binder and combine it with simple watchdog process, so on start ns forks watchdog/biner process, check for exit status and accepts requests for socket allocation. ---------------------------------------------------------------------- >Comment By: Vlad Seryakov (seryakov) Date: 2005-02-16 19:21 Message: Logged In: YES user_id=184124 Watchdog is separate issue, binder extended. ---------------------------------------------------------------------- Comment By: Vlad Seryakov (seryakov) Date: 2005-02-11 14:05 Message: Logged In: YES user_id=184124 In case of icmp sockets, thet are just raw sockets without any ports, so for exampe for SNMP monitoring package i have, i need 100 sockets pre-opened that i can use to perform pings. So, i specify -b 0/icmp/100 just ot keep the syntax same with other protocols. ---------------------------------------------------------------------- Comment By: Stephen Deasey (sdeasey) Date: 2005-02-11 03:59 Message: Logged In: YES user_id=87254 Yeah, 0.0.0.0 works for me, too :-) I don't know enough about icmp/raw sockets to know if that makes sense (what is 'count' for?), but /protocl looks good. I haven't looked at this at all for multi-protocol stuff, but it's obviously desirable. It's great that Vlad's already done this and I dont have to! Although I run daemontools and Linux exclusively, I do have one instance where I ship an AOLserver out to customers and daemontools is just not appropriate there. So Zoran's watchdog sounds great, too. ---------------------------------------------------------------------- Comment By: Zoran Vasiljevic (vasiljevic) Date: 2005-02-10 19:39 Message: Logged In: YES user_id=95086 Aha! This I will have to check and see if this works for me also. ---------------------------------------------------------------------- Comment By: Vlad Seryakov (seryakov) Date: 2005-02-10 19:30 Message: Logged In: YES user_id=184124 I use -b 0.0.0.0 currently, 4.0.10 and 4.1 worked fine. When use -b 0.0.0.0 then address for nssosck should be 0.0.0.0 as well, not empty. ---------------------------------------------------------------------- Comment By: Zoran Vasiljevic (vasiljevic) Date: 2005-02-10 17:33 Message: Logged In: YES user_id=95086 This is what I'Ve done (nsd/driver.c) void NsStartDrivers(void) { Driver *drvPtr; /* * Listen on all drivers. */ drvPtr = firstDrvPtr; while (drvPtr != NULL) { #if 0 /* zv */ drvPtr->sock = Ns_SockListenEx(drvPtr->bindaddr, drvPtr->port, drvPtr->backlog); #else /* Listen on all known interfaces/addresses */ drvPtr->sock = Ns_SockListenEx(NULL, drvPtr->port, drvPtr->backlog); #endif I tried -b 0.0.0.0 but somehow it didn't work hence I reverted to heavy guns :) ---------------------------------------------------------------------- Comment By: Vlad Seryakov (seryakov) Date: 2005-02-10 17:14 Message: Logged In: YES user_id=184124 Do you mean -b 0.0.0.0:80? It will listen on all interfaces for port 80? ---------------------------------------------------------------------- Comment By: Zoran Vasiljevic (vasiljevic) Date: 2005-02-10 10:55 Message: Logged In: YES user_id=95086 Eventually, the watchdog/binder combination seems not the way to go (privileges issue). I see. Concerning binder: I would need an option, (may be even compile-time one, don't care) for the server to listen on all network interfaces, including loopback. Apart from this, I have no immediate nor mid-term needs to modify anything there so I suppose I will be perfectly happy with any changes you guys need in this area. Concerning watchdog: we can't use daemontools nor init. Also, we do have windows as platform, remember. We have struggled to get *minimum* interface to the rest of the system hence our product is easily installable and removable from the system. Actually, the only point we have in common (config-wise) are entries in the startup machinery. Therefore, a control-process from within the nsd is ideal for our needs. I have done this with --enable-watchdog and it is #ifdef'ed in the code so for just about any other user of the server this is pretty invisible and obscure (no backward compat problems also). ---------------------------------------------------------------------- Comment By: Vlad Seryakov (seryakov) Date: 2005-02-09 21:00 Message: Logged In: YES user_id=184124 Here is the new syntax i added to the binder: addr:port[/protocol] port[/protocol] 0/icmp[/count] where protocol can be tcp,udp,unix,icmp is special case of raw socket, added by count. ---------------------------------------------------------------------- Comment By: Stephen Deasey (sdeasey) Date: 2005-02-09 20:55 Message: Logged In: YES user_id=87254 Adding support for socket types other than TCP to the binder sounds like a great idea. ---------------------------------------------------------------------- Comment By: Vlad Seryakov (seryakov) Date: 2005-02-09 19:55 Message: Logged In: YES user_id=184124 I agree, i use inittab for aolserver myself calling bach script which parses nsd.tcl for address/port keyworkd and builds -b options on the fly. In case of inittab, no need in watchdog as well. It is not even on my wish list, i just figured if watchdog is to berunning as root, then it can include binder support. Let's put aside binder as separate process issue for a while, but i'd like to add to regular 4.x binder what i did for supporting UDP/TCP/UNIX/RAW sockets. They still need to be pre-bound but then can be used from within AS, this is how snmp and dns modules uses those sockets. ---------------------------------------------------------------------- Comment By: Stephen Deasey (sdeasey) Date: 2005-02-09 19:52 Message: Logged In: YES user_id=87254 Hmm... I guess you could split the config into multiple pieces, let admins manage everything except address and port to bind to. But would we mandate that in the defautl set-up, or just hope people didn't screw up in practice? ---------------------------------------------------------------------- Comment By: Stephen Deasey (sdeasey) Date: 2005-02-09 19:49 Message: Logged In: YES user_id=87254 I think the issue here is that you need root privs to bind to port 80. The address and port are specified in the config file. The config file is a Tcl script. So to allow someone to change your webserver config file you need to give away root privs on your server. I'm not super keen on this :-) IIRC in 3.x there was a lot of code to make sure that the config script was evaled in a safe interp, and the motivation for the binder was code reduction/simplification. This also impacts the chroot functionality. Idealy you want to chroot as the last thing you do before dropping root privs so that you can open all your fileslink to libraries etc., and not have to recreate a complete copy of your environment in the jail. But you need to know which directory that is, and that's in the config file, which is a script... Personaly, I use daemontools to manage my servers. You need to create a simple wrapper script for this to work and I find that is the ideal place to set some environment variables for the IP, PORT etc. I can pass those along on the command line and extract them from the env in the tcl config script with [env get IP] and so on. The binder is a neat solution, but in practice it trips a lot of people up and it's just a pain. Giving away root is not a great solution though... :-( ---------------------------------------------------------------------- Comment By: Zoran Vasiljevic (vasiljevic) Date: 2005-02-09 17:23 Message: Logged In: YES user_id=95086 Honestly, I did forget already how 3.x did the binding :-What we do in 4.0 is to bind on all interfaces (I modified that in our private version). But I'm open to all variants. I suppose I should look back in 3.x code how that was done... Or, you have a crystal-clear picture already in which case I will simply believe you ;-) As soon as we create the sandbox, we can start hacking this in. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719009&aid=1119365&group_id=130646 |
|
From: SourceForge.net <no...@so...> - 2005-02-15 08:07:35
|
Feature Requests item #1122940, was opened at 2005-02-15 01:05 Message generated for change (Comment added) made by sdeasey You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719009&aid=1122940&group_id=130646 Category: C-API Group: None Status: Open Resolution: None Priority: 5 Submitted By: Stephen Deasey (sdeasey) Assigned to: Stephen Deasey (sdeasey) Summary: Tcl command switch parsing routines Initial Comment: Parsing the switches and arguments for a Tcl command can be a real pain: it's very easy to make off-by-one errors, and it often involves a lot of repetitive typing which obscures the real intent of the command. The attached patch provides the routine Ns_ParseObjv. It parses switches and arguments, checks types, and generates error/usage messages automatically. Switches are handled efficiently via indexed lookups. The intent is not only to reduce the number of errors in switch handling code but to make switch handling such an easy task that developers are more likely to design easy to use, tcl-friendly APIs rather than APIs that are convenient to implement. ---------------------------------------------------------------------- >Comment By: Stephen Deasey (sdeasey) Date: 2005-02-15 01:07 Message: Logged In: YES user_id=87254 Here's an example: int NsTclCacheCreateObjCmd(ClientData arg, Tcl_Interp *interp, int objc, Tcl_Obj *CONST objv[]) { Ns_Cache *cache; Ns_DString ds; int scope = CACHE_SERVER; int size = 0, objsize = 0, entries = 0, timeout = 0; char *name = NULL; Ns_ObjvTable scopes[] = { {"global", CACHE_GLOBAL}, {"server", CACHE_SERVER}, {"interp", CACHE_INTERP}, NULL, NULL }; Ns_ObjvSpec opts[] = { {"-scope", Ns_ObjvIndex, &scope, &scopes}, {"-size", Ns_ObjvInt, &size, NULL}, {"-objsize", Ns_ObjvInt, &objsize, NULL}, {"-entries", Ns_ObjvInt, &entries, NULL}, {"-timeout", Ns_ObjvInt, &timeout, NULL}, {"--", Ns_ObjvBreak, NULL, NULL}, {NULL, NULL, NULL, NULL} }; Ns_ObjvSpec args[] = { {"cache", Ns_ObjvString, &name, NULL}, {NULL, NULL, NULL, NULL} }; if (Ns_ParseObjv(opts, args, interp, 1, objc, objv) != NS_OK) { return TCL_ERROR; } /* . . . */ return TCL_OK; } ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719009&aid=1122940&group_id=130646 |
|
From: SourceForge.net <no...@so...> - 2005-02-15 08:05:54
|
Feature Requests item #1122940, was opened at 2005-02-15 01:05 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719009&aid=1122940&group_id=130646 Category: C-API Group: None Status: Open Resolution: None Priority: 5 Submitted By: Stephen Deasey (sdeasey) Assigned to: Stephen Deasey (sdeasey) Summary: Tcl command switch parsing routines Initial Comment: Parsing the switches and arguments for a Tcl command can be a real pain: it's very easy to make off-by-one errors, and it often involves a lot of repetitive typing which obscures the real intent of the command. The attached patch provides the routine Ns_ParseObjv. It parses switches and arguments, checks types, and generates error/usage messages automatically. Switches are handled efficiently via indexed lookups. The intent is not only to reduce the number of errors in switch handling code but to make switch handling such an easy task that developers are more likely to design easy to use, tcl-friendly APIs rather than APIs that are convenient to implement. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719009&aid=1122940&group_id=130646 |
|
From: SourceForge.net <no...@so...> - 2005-02-11 20:50:16
|
Feature Requests item #1120023, was opened at 2005-02-10 14:30 Message generated for change (Comment added) made by vasiljevic You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719009&aid=1120023&group_id=130646 Category: None Group: None Status: Open Resolution: None Priority: 5 Submitted By: Zoran Vasiljevic (vasiljevic) Assigned to: Zoran Vasiljevic (vasiljevic) Summary: Allow to start server under root privilges Initial Comment: Before all of you freak out, read please :-) Currently the server will just complain if you attempt to start it as root. However, we do need to do this. Our app is actually a backup/archive and server-synchronize product and it needs to access all files on the server and do something with them. For this to work, I had to manually disable checking for user/group of 0/0 during the startup. Now, my idea is to allow compile-time option which would control this, like for example --enable-rootuser or similar. I think Apache build allows you to do this (at least it did when I worked with Apache for the last time, about 6 years ago). Default would be to *not* allow server to be started as root, which is what we have now. This can be #ifdef ALLOW_ROOT_USER #endif at one place in the nsmain.c. Any thoughts? ---------------------------------------------------------------------- >Comment By: Zoran Vasiljevic (vasiljevic) Date: 2005-02-11 21:50 Message: Logged In: YES user_id=95086 Allright for me. As soon as cvs is in place I will add this. ---------------------------------------------------------------------- Comment By: Vlad Seryakov (seryakov) Date: 2005-02-11 15:02 Message: Logged In: YES user_id=184124 That's okay with me ---------------------------------------------------------------------- Comment By: Stephen Deasey (sdeasey) Date: 2005-02-11 04:50 Message: Logged In: YES user_id=87254 I think thttpd works like this. A lot of it's config settings are compile time only options (you actually have to hack the makefile). But Vlad makes a good point: If some one asks to run as root maybe we should just respect that. I'm not sure about running as user 'nobody' as default though. I think that is an apache specific user, created when you install that package. It might not always exist. Also, if all daemons run as 'nobody' then you're really not increasing security, because a flaw in one exposes the data of all the others rather than contain it. I would suggest the following: You *have* to supply the user to switch to on the command line. If you don't, the server complains and exits. You may specify root, in which case we log a warning message but respect your wishes and continue. Specifying any other user works as before. I would be happy with something like that. Sound OK? ---------------------------------------------------------------------- Comment By: Zoran Vasiljevic (vasiljevic) Date: 2005-02-10 18:18 Message: Logged In: YES user_id=95086 You mean: no user given -> run as nobody (65534 or whatever uid nobody is) user given -> run as this user, whatever the user (might be root, uid=0) OK. No problems for me. This is even simpler. If nobody objects, I will make this change. ---------------------------------------------------------------------- Comment By: Vlad Seryakov (seryakov) Date: 2005-02-10 16:25 Message: Logged In: YES user_id=184124 I have no problem with that, if want NS to be more versatile than just webserver we will have to run it as root for some tasks, so i would suggest event more radical solution, if root given as id on the command line, run it as root, if nothing given via command line, switch to default nobody if root. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719009&aid=1120023&group_id=130646 |
|
From: SourceForge.net <no...@so...> - 2005-02-11 14:12:17
|
Feature Requests item #1120167, was opened at 2005-02-10 17:13 Message generated for change (Comment added) made by seryakov You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719009&aid=1120167&group_id=130646 Category: None Group: None Status: Open Resolution: None Priority: 5 Submitted By: Vlad Seryakov (seryakov) Assigned to: Vlad Seryakov (seryakov) Summary: Cron like scheduler Initial Comment: I have working cron-like scheduer as Tcl command for other project and it makes real difference in doing background tasks. Current AS schedule_proc functionality is fine but not flexible, having it as unix cron would give real opportunities to run tasks from AS, not using UNIX cron in addition. I have code, it is very small and simple, i was surpised myself when i have it done. I am just not sure is it better be new command or extend ns_schedule_proc with additional switches. Currently, syntax is somethign like this: ns_cron script -id id -enable 0|1 -once 0|1 -thread 0|1 -min N -hour N -day N -mon N -year N -dow N -interval N -min|hour|mon|day|year|dow can be repeated. ---------------------------------------------------------------------- >Comment By: Vlad Seryakov (seryakov) Date: 2005-02-11 14:12 Message: Logged In: YES user_id=184124 This is Tcl command, parsing isn't that hard assuming that everything comes as switch value pairs. It is C+++, but converting to use Tcl hases instead of queue is simple. ------------------------------------------------------------- case cmdSchedule: { if(objc < 3) { Tcl_WrongNumArgs(interp,2,objv,"script ?-id id? ?-min mins? ?-hour hrs? ?-day day? ?-mon mon? ?-year year? ?-dow dow? ?-interval secs? ?-thread 0|1? ?-once 0|1? ?-enable 0|1? ?-remove 1?"); return TCL_ERROR; } Schedule *sched = 0; for(int i = 3;i < objc - 1;i += 2) { if(!strcmp(Tcl_GetString(objv[i]),"-min")) { int v = atoi(Tcl_GetString(objv[i+1])); if(v < 0 || v >= 60) continue; if(!sched) sched = new Schedule(); sched->min[v] = 1; sched->min[sizeof(sched->min)-1] = 1; } else if(!strcmp(Tcl_GetString(objv[i]),"-hour")) { int v = atoi(Tcl_GetString(objv[i+1])); if(v < 0 ||v >= 24) continue; if(!sched) sched = new Schedule(); sched->hour[v] = 1; sched->hour[sizeof(sched->hour)-1] = 1; } else if(!strcmp(Tcl_GetString(objv[i]),"-day")) { int v = atoi(Tcl_GetString(objv[i+1])); if(v < 0 || v >= 32) continue; if(!sched) sched = new Schedule(); sched->mday[v] = 1; sched->mday[sizeof(sched->mday)-1] = 1; } else if(!strcmp(Tcl_GetString(objv[i]),"-mon")) { int v = atoi(Tcl_GetString(objv[i+1])); if(v < 1 || v > 12) continue; if(!sched) sched = new Schedule(); sched->mon[v-1] = 1; sched->mon[sizeof(sched->mon)-1] = 1; } else if(!strcmp(Tcl_GetString(objv[i]),"-year")) { int v = atoi(Tcl_GetString(objv[i+1])); if(v < 2005 || v >= 2015) continue; if(!sched) sched = new Schedule(); sched->year[v-2005] = 1; sched->year[sizeof(sched->year)-1] = 1; } else if(!strcmp(Tcl_GetString(objv[i]),"-dow")) { int v = atoi(Tcl_GetString(objv[i+1])); if(v < 0 || v >= 7) continue; if(!sched) sched = new Schedule(); sched->wday[v] = 1; sched->wday[sizeof(sched->wday)-1] = 1; } else if(!strcmp(Tcl_GetString(objv[i]),"-interval")) { if(!sched) sched = new Schedule(); sched->interval = atoi(Tcl_GetString(objv[i+1])); } else if(!strcmp(Tcl_GetString(objv[i]),"-thread")) { if(!sched) sched = new Schedule(); sched->thread_flag = atoi(Tcl_GetString(objv[i+1])); } else if(!strcmp(Tcl_GetString(objv[i]),"-once")) { if(!sched) sched = new Schedule(); sched->once_flag = atoi(Tcl_GetString(objv[i+1])); } else if(!strcmp(Tcl_GetString(objv[i]),"-enable")) { if(!sched) sched = new Schedule(); sched->enable_flag = atoi(Tcl_GetString(objv[i+1])); } else if(!strcmp(Tcl_GetString(objv[i]),"-remove")) { if(sched) delete sched; sched = 0; return TCL_OK; } else if(!strcmp(Tcl_GetString(objv[i]),"-id")) { if(sched) delete sched; int id = atoi(Tcl_GetString(objv[i+1])); vector<Schedule*>::iterator iter; pthread_mutex_lock(&schedmutex); for(iter = schedqueue.begin();iter != schedqueue.end();iter++) { sched = *iter; if(sched->id == id) { schedqueue.erase(iter); break; } } pthread_mutex_unlock(&schedmutex); if(iter == schedqueue.end()) { Tcl_AppendResult(interp,"schedule id not found",0); return TCL_ERROR; } } } if(!sched || sched->Setup()) { Tcl_AppendResult(interp,"unable to setup schedule, no date/time given",0); return TCL_ERROR; } sched->script = Tcl_GetString(objv[2]); pthread_mutex_lock(&schedmutex); schedqueue.push_back(sched); pthread_mutex_unlock(&schedmutex); Tcl_SetObjResult(interp,Tcl_NewIntObj(sched->id)); } ---------------------------------------------------------------------- Comment By: Stephen Deasey (sdeasey) Date: 2005-02-11 04:05 Message: Logged In: YES user_id=87254 That's a lot of switches to parse, you should check out my new Ns_ParseObjv (when I get it posted...) ! Hmm, not sure what the best api would be. It would be nice to have everything integrated with the sched stuff that's already there. The switch parsing for NsTclSchedCmd looks scary though :-) You've both already tackled this though, so looks like a good candidate for inclusion. Sounds good to me. ---------------------------------------------------------------------- Comment By: Vlad Seryakov (seryakov) Date: 2005-02-10 17:27 Message: Logged In: YES user_id=184124 No, it is C module for use in Tcl, not pure Tcl implementation, i use it in C application with embedded Tcl for scripting. Once i get to my home and reincarnate dialup or bring it on laptop tomorrow, it sucks to be without Internet at home. ---------------------------------------------------------------------- Comment By: Zoran Vasiljevic (vasiljevic) Date: 2005-02-10 17:23 Message: Logged In: YES user_id=95086 All Tcl? Care to attach the implementation? I also had the need for this and did it myself i Tcl as well (hey, we're masters in reinventing the wheel!) I think the reason to implement this in core server as C-code was the idea to be able to use it from the C-API as well w/o being dependent on some Tcl code from outside. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719009&aid=1120167&group_id=130646 |
|
From: SourceForge.net <no...@so...> - 2005-02-11 14:05:09
|
Feature Requests item #1119365, was opened at 2005-02-09 15:43 Message generated for change (Comment added) made by seryakov You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719009&aid=1119365&group_id=130646 Category: None Group: None Status: Open Resolution: None Priority: 5 Submitted By: Vlad Seryakov (seryakov) Assigned to: Vlad Seryakov (seryakov) Summary: Watchdog/binder process Initial Comment: I find current binder and -b command line option not very usefull and easy to administer. Can we revert back to 3.x binder and combine it with simple watchdog process, so on start ns forks watchdog/biner process, check for exit status and accepts requests for socket allocation. ---------------------------------------------------------------------- >Comment By: Vlad Seryakov (seryakov) Date: 2005-02-11 14:05 Message: Logged In: YES user_id=184124 In case of icmp sockets, thet are just raw sockets without any ports, so for exampe for SNMP monitoring package i have, i need 100 sockets pre-opened that i can use to perform pings. So, i specify -b 0/icmp/100 just ot keep the syntax same with other protocols. ---------------------------------------------------------------------- Comment By: Stephen Deasey (sdeasey) Date: 2005-02-11 03:59 Message: Logged In: YES user_id=87254 Yeah, 0.0.0.0 works for me, too :-) I don't know enough about icmp/raw sockets to know if that makes sense (what is 'count' for?), but /protocl looks good. I haven't looked at this at all for multi-protocol stuff, but it's obviously desirable. It's great that Vlad's already done this and I dont have to! Although I run daemontools and Linux exclusively, I do have one instance where I ship an AOLserver out to customers and daemontools is just not appropriate there. So Zoran's watchdog sounds great, too. ---------------------------------------------------------------------- Comment By: Zoran Vasiljevic (vasiljevic) Date: 2005-02-10 19:39 Message: Logged In: YES user_id=95086 Aha! This I will have to check and see if this works for me also. ---------------------------------------------------------------------- Comment By: Vlad Seryakov (seryakov) Date: 2005-02-10 19:30 Message: Logged In: YES user_id=184124 I use -b 0.0.0.0 currently, 4.0.10 and 4.1 worked fine. When use -b 0.0.0.0 then address for nssosck should be 0.0.0.0 as well, not empty. ---------------------------------------------------------------------- Comment By: Zoran Vasiljevic (vasiljevic) Date: 2005-02-10 17:33 Message: Logged In: YES user_id=95086 This is what I'Ve done (nsd/driver.c) void NsStartDrivers(void) { Driver *drvPtr; /* * Listen on all drivers. */ drvPtr = firstDrvPtr; while (drvPtr != NULL) { #if 0 /* zv */ drvPtr->sock = Ns_SockListenEx(drvPtr->bindaddr, drvPtr->port, drvPtr->backlog); #else /* Listen on all known interfaces/addresses */ drvPtr->sock = Ns_SockListenEx(NULL, drvPtr->port, drvPtr->backlog); #endif I tried -b 0.0.0.0 but somehow it didn't work hence I reverted to heavy guns :) ---------------------------------------------------------------------- Comment By: Vlad Seryakov (seryakov) Date: 2005-02-10 17:14 Message: Logged In: YES user_id=184124 Do you mean -b 0.0.0.0:80? It will listen on all interfaces for port 80? ---------------------------------------------------------------------- Comment By: Zoran Vasiljevic (vasiljevic) Date: 2005-02-10 10:55 Message: Logged In: YES user_id=95086 Eventually, the watchdog/binder combination seems not the way to go (privileges issue). I see. Concerning binder: I would need an option, (may be even compile-time one, don't care) for the server to listen on all network interfaces, including loopback. Apart from this, I have no immediate nor mid-term needs to modify anything there so I suppose I will be perfectly happy with any changes you guys need in this area. Concerning watchdog: we can't use daemontools nor init. Also, we do have windows as platform, remember. We have struggled to get *minimum* interface to the rest of the system hence our product is easily installable and removable from the system. Actually, the only point we have in common (config-wise) are entries in the startup machinery. Therefore, a control-process from within the nsd is ideal for our needs. I have done this with --enable-watchdog and it is #ifdef'ed in the code so for just about any other user of the server this is pretty invisible and obscure (no backward compat problems also). ---------------------------------------------------------------------- Comment By: Vlad Seryakov (seryakov) Date: 2005-02-09 21:00 Message: Logged In: YES user_id=184124 Here is the new syntax i added to the binder: addr:port[/protocol] port[/protocol] 0/icmp[/count] where protocol can be tcp,udp,unix,icmp is special case of raw socket, added by count. ---------------------------------------------------------------------- Comment By: Stephen Deasey (sdeasey) Date: 2005-02-09 20:55 Message: Logged In: YES user_id=87254 Adding support for socket types other than TCP to the binder sounds like a great idea. ---------------------------------------------------------------------- Comment By: Vlad Seryakov (seryakov) Date: 2005-02-09 19:55 Message: Logged In: YES user_id=184124 I agree, i use inittab for aolserver myself calling bach script which parses nsd.tcl for address/port keyworkd and builds -b options on the fly. In case of inittab, no need in watchdog as well. It is not even on my wish list, i just figured if watchdog is to berunning as root, then it can include binder support. Let's put aside binder as separate process issue for a while, but i'd like to add to regular 4.x binder what i did for supporting UDP/TCP/UNIX/RAW sockets. They still need to be pre-bound but then can be used from within AS, this is how snmp and dns modules uses those sockets. ---------------------------------------------------------------------- Comment By: Stephen Deasey (sdeasey) Date: 2005-02-09 19:52 Message: Logged In: YES user_id=87254 Hmm... I guess you could split the config into multiple pieces, let admins manage everything except address and port to bind to. But would we mandate that in the defautl set-up, or just hope people didn't screw up in practice? ---------------------------------------------------------------------- Comment By: Stephen Deasey (sdeasey) Date: 2005-02-09 19:49 Message: Logged In: YES user_id=87254 I think the issue here is that you need root privs to bind to port 80. The address and port are specified in the config file. The config file is a Tcl script. So to allow someone to change your webserver config file you need to give away root privs on your server. I'm not super keen on this :-) IIRC in 3.x there was a lot of code to make sure that the config script was evaled in a safe interp, and the motivation for the binder was code reduction/simplification. This also impacts the chroot functionality. Idealy you want to chroot as the last thing you do before dropping root privs so that you can open all your fileslink to libraries etc., and not have to recreate a complete copy of your environment in the jail. But you need to know which directory that is, and that's in the config file, which is a script... Personaly, I use daemontools to manage my servers. You need to create a simple wrapper script for this to work and I find that is the ideal place to set some environment variables for the IP, PORT etc. I can pass those along on the command line and extract them from the env in the tcl config script with [env get IP] and so on. The binder is a neat solution, but in practice it trips a lot of people up and it's just a pain. Giving away root is not a great solution though... :-( ---------------------------------------------------------------------- Comment By: Zoran Vasiljevic (vasiljevic) Date: 2005-02-09 17:23 Message: Logged In: YES user_id=95086 Honestly, I did forget already how 3.x did the binding :-What we do in 4.0 is to bind on all interfaces (I modified that in our private version). But I'm open to all variants. I suppose I should look back in 3.x code how that was done... Or, you have a crystal-clear picture already in which case I will simply believe you ;-) As soon as we create the sandbox, we can start hacking this in. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719009&aid=1119365&group_id=130646 |
|
From: SourceForge.net <no...@so...> - 2005-02-11 14:03:01
|
Feature Requests item #1120023, was opened at 2005-02-10 13:30 Message generated for change (Comment added) made by seryakov You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719009&aid=1120023&group_id=130646 Category: None Group: None Status: Open Resolution: None Priority: 5 Submitted By: Zoran Vasiljevic (vasiljevic) Assigned to: Zoran Vasiljevic (vasiljevic) Summary: Allow to start server under root privilges Initial Comment: Before all of you freak out, read please :-) Currently the server will just complain if you attempt to start it as root. However, we do need to do this. Our app is actually a backup/archive and server-synchronize product and it needs to access all files on the server and do something with them. For this to work, I had to manually disable checking for user/group of 0/0 during the startup. Now, my idea is to allow compile-time option which would control this, like for example --enable-rootuser or similar. I think Apache build allows you to do this (at least it did when I worked with Apache for the last time, about 6 years ago). Default would be to *not* allow server to be started as root, which is what we have now. This can be #ifdef ALLOW_ROOT_USER #endif at one place in the nsmain.c. Any thoughts? ---------------------------------------------------------------------- >Comment By: Vlad Seryakov (seryakov) Date: 2005-02-11 14:02 Message: Logged In: YES user_id=184124 That's okay with me ---------------------------------------------------------------------- Comment By: Stephen Deasey (sdeasey) Date: 2005-02-11 03:50 Message: Logged In: YES user_id=87254 I think thttpd works like this. A lot of it's config settings are compile time only options (you actually have to hack the makefile). But Vlad makes a good point: If some one asks to run as root maybe we should just respect that. I'm not sure about running as user 'nobody' as default though. I think that is an apache specific user, created when you install that package. It might not always exist. Also, if all daemons run as 'nobody' then you're really not increasing security, because a flaw in one exposes the data of all the others rather than contain it. I would suggest the following: You *have* to supply the user to switch to on the command line. If you don't, the server complains and exits. You may specify root, in which case we log a warning message but respect your wishes and continue. Specifying any other user works as before. I would be happy with something like that. Sound OK? ---------------------------------------------------------------------- Comment By: Zoran Vasiljevic (vasiljevic) Date: 2005-02-10 17:18 Message: Logged In: YES user_id=95086 You mean: no user given -> run as nobody (65534 or whatever uid nobody is) user given -> run as this user, whatever the user (might be root, uid=0) OK. No problems for me. This is even simpler. If nobody objects, I will make this change. ---------------------------------------------------------------------- Comment By: Vlad Seryakov (seryakov) Date: 2005-02-10 15:25 Message: Logged In: YES user_id=184124 I have no problem with that, if want NS to be more versatile than just webserver we will have to run it as root for some tasks, so i would suggest event more radical solution, if root given as id on the command line, run it as root, if nothing given via command line, switch to default nobody if root. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719009&aid=1120023&group_id=130646 |
|
From: SourceForge.net <no...@so...> - 2005-02-11 04:05:59
|
Feature Requests item #1120167, was opened at 2005-02-10 10:13 Message generated for change (Comment added) made by sdeasey You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719009&aid=1120167&group_id=130646 Category: None Group: None Status: Open Resolution: None Priority: 5 Submitted By: Vlad Seryakov (seryakov) Assigned to: Vlad Seryakov (seryakov) Summary: Cron like scheduler Initial Comment: I have working cron-like scheduer as Tcl command for other project and it makes real difference in doing background tasks. Current AS schedule_proc functionality is fine but not flexible, having it as unix cron would give real opportunities to run tasks from AS, not using UNIX cron in addition. I have code, it is very small and simple, i was surpised myself when i have it done. I am just not sure is it better be new command or extend ns_schedule_proc with additional switches. Currently, syntax is somethign like this: ns_cron script -id id -enable 0|1 -once 0|1 -thread 0|1 -min N -hour N -day N -mon N -year N -dow N -interval N -min|hour|mon|day|year|dow can be repeated. ---------------------------------------------------------------------- >Comment By: Stephen Deasey (sdeasey) Date: 2005-02-10 21:05 Message: Logged In: YES user_id=87254 That's a lot of switches to parse, you should check out my new Ns_ParseObjv (when I get it posted...) ! Hmm, not sure what the best api would be. It would be nice to have everything integrated with the sched stuff that's already there. The switch parsing for NsTclSchedCmd looks scary though :-) You've both already tackled this though, so looks like a good candidate for inclusion. Sounds good to me. ---------------------------------------------------------------------- Comment By: Vlad Seryakov (seryakov) Date: 2005-02-10 10:27 Message: Logged In: YES user_id=184124 No, it is C module for use in Tcl, not pure Tcl implementation, i use it in C application with embedded Tcl for scripting. Once i get to my home and reincarnate dialup or bring it on laptop tomorrow, it sucks to be without Internet at home. ---------------------------------------------------------------------- Comment By: Zoran Vasiljevic (vasiljevic) Date: 2005-02-10 10:23 Message: Logged In: YES user_id=95086 All Tcl? Care to attach the implementation? I also had the need for this and did it myself i Tcl as well (hey, we're masters in reinventing the wheel!) I think the reason to implement this in core server as C-code was the idea to be able to use it from the C-API as well w/o being dependent on some Tcl code from outside. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719009&aid=1120167&group_id=130646 |
|
From: SourceForge.net <no...@so...> - 2005-02-11 03:59:17
|
Feature Requests item #1119365, was opened at 2005-02-09 08:43 Message generated for change (Comment added) made by sdeasey You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719009&aid=1119365&group_id=130646 Category: None Group: None Status: Open Resolution: None Priority: 5 Submitted By: Vlad Seryakov (seryakov) Assigned to: Vlad Seryakov (seryakov) Summary: Watchdog/binder process Initial Comment: I find current binder and -b command line option not very usefull and easy to administer. Can we revert back to 3.x binder and combine it with simple watchdog process, so on start ns forks watchdog/biner process, check for exit status and accepts requests for socket allocation. ---------------------------------------------------------------------- >Comment By: Stephen Deasey (sdeasey) Date: 2005-02-10 20:59 Message: Logged In: YES user_id=87254 Yeah, 0.0.0.0 works for me, too :-) I don't know enough about icmp/raw sockets to know if that makes sense (what is 'count' for?), but /protocl looks good. I haven't looked at this at all for multi-protocol stuff, but it's obviously desirable. It's great that Vlad's already done this and I dont have to! Although I run daemontools and Linux exclusively, I do have one instance where I ship an AOLserver out to customers and daemontools is just not appropriate there. So Zoran's watchdog sounds great, too. ---------------------------------------------------------------------- Comment By: Zoran Vasiljevic (vasiljevic) Date: 2005-02-10 12:39 Message: Logged In: YES user_id=95086 Aha! This I will have to check and see if this works for me also. ---------------------------------------------------------------------- Comment By: Vlad Seryakov (seryakov) Date: 2005-02-10 12:30 Message: Logged In: YES user_id=184124 I use -b 0.0.0.0 currently, 4.0.10 and 4.1 worked fine. When use -b 0.0.0.0 then address for nssosck should be 0.0.0.0 as well, not empty. ---------------------------------------------------------------------- Comment By: Zoran Vasiljevic (vasiljevic) Date: 2005-02-10 10:33 Message: Logged In: YES user_id=95086 This is what I'Ve done (nsd/driver.c) void NsStartDrivers(void) { Driver *drvPtr; /* * Listen on all drivers. */ drvPtr = firstDrvPtr; while (drvPtr != NULL) { #if 0 /* zv */ drvPtr->sock = Ns_SockListenEx(drvPtr->bindaddr, drvPtr->port, drvPtr->backlog); #else /* Listen on all known interfaces/addresses */ drvPtr->sock = Ns_SockListenEx(NULL, drvPtr->port, drvPtr->backlog); #endif I tried -b 0.0.0.0 but somehow it didn't work hence I reverted to heavy guns :) ---------------------------------------------------------------------- Comment By: Vlad Seryakov (seryakov) Date: 2005-02-10 10:14 Message: Logged In: YES user_id=184124 Do you mean -b 0.0.0.0:80? It will listen on all interfaces for port 80? ---------------------------------------------------------------------- Comment By: Zoran Vasiljevic (vasiljevic) Date: 2005-02-10 03:55 Message: Logged In: YES user_id=95086 Eventually, the watchdog/binder combination seems not the way to go (privileges issue). I see. Concerning binder: I would need an option, (may be even compile-time one, don't care) for the server to listen on all network interfaces, including loopback. Apart from this, I have no immediate nor mid-term needs to modify anything there so I suppose I will be perfectly happy with any changes you guys need in this area. Concerning watchdog: we can't use daemontools nor init. Also, we do have windows as platform, remember. We have struggled to get *minimum* interface to the rest of the system hence our product is easily installable and removable from the system. Actually, the only point we have in common (config-wise) are entries in the startup machinery. Therefore, a control-process from within the nsd is ideal for our needs. I have done this with --enable-watchdog and it is #ifdef'ed in the code so for just about any other user of the server this is pretty invisible and obscure (no backward compat problems also). ---------------------------------------------------------------------- Comment By: Vlad Seryakov (seryakov) Date: 2005-02-09 14:00 Message: Logged In: YES user_id=184124 Here is the new syntax i added to the binder: addr:port[/protocol] port[/protocol] 0/icmp[/count] where protocol can be tcp,udp,unix,icmp is special case of raw socket, added by count. ---------------------------------------------------------------------- Comment By: Stephen Deasey (sdeasey) Date: 2005-02-09 13:55 Message: Logged In: YES user_id=87254 Adding support for socket types other than TCP to the binder sounds like a great idea. ---------------------------------------------------------------------- Comment By: Vlad Seryakov (seryakov) Date: 2005-02-09 12:55 Message: Logged In: YES user_id=184124 I agree, i use inittab for aolserver myself calling bach script which parses nsd.tcl for address/port keyworkd and builds -b options on the fly. In case of inittab, no need in watchdog as well. It is not even on my wish list, i just figured if watchdog is to berunning as root, then it can include binder support. Let's put aside binder as separate process issue for a while, but i'd like to add to regular 4.x binder what i did for supporting UDP/TCP/UNIX/RAW sockets. They still need to be pre-bound but then can be used from within AS, this is how snmp and dns modules uses those sockets. ---------------------------------------------------------------------- Comment By: Stephen Deasey (sdeasey) Date: 2005-02-09 12:52 Message: Logged In: YES user_id=87254 Hmm... I guess you could split the config into multiple pieces, let admins manage everything except address and port to bind to. But would we mandate that in the defautl set-up, or just hope people didn't screw up in practice? ---------------------------------------------------------------------- Comment By: Stephen Deasey (sdeasey) Date: 2005-02-09 12:49 Message: Logged In: YES user_id=87254 I think the issue here is that you need root privs to bind to port 80. The address and port are specified in the config file. The config file is a Tcl script. So to allow someone to change your webserver config file you need to give away root privs on your server. I'm not super keen on this :-) IIRC in 3.x there was a lot of code to make sure that the config script was evaled in a safe interp, and the motivation for the binder was code reduction/simplification. This also impacts the chroot functionality. Idealy you want to chroot as the last thing you do before dropping root privs so that you can open all your fileslink to libraries etc., and not have to recreate a complete copy of your environment in the jail. But you need to know which directory that is, and that's in the config file, which is a script... Personaly, I use daemontools to manage my servers. You need to create a simple wrapper script for this to work and I find that is the ideal place to set some environment variables for the IP, PORT etc. I can pass those along on the command line and extract them from the env in the tcl config script with [env get IP] and so on. The binder is a neat solution, but in practice it trips a lot of people up and it's just a pain. Giving away root is not a great solution though... :-( ---------------------------------------------------------------------- Comment By: Zoran Vasiljevic (vasiljevic) Date: 2005-02-09 10:23 Message: Logged In: YES user_id=95086 Honestly, I did forget already how 3.x did the binding :-What we do in 4.0 is to bind on all interfaces (I modified that in our private version). But I'm open to all variants. I suppose I should look back in 3.x code how that was done... Or, you have a crystal-clear picture already in which case I will simply believe you ;-) As soon as we create the sandbox, we can start hacking this in. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719009&aid=1119365&group_id=130646 |
|
From: SourceForge.net <no...@so...> - 2005-02-11 03:51:03
|
Feature Requests item #1120023, was opened at 2005-02-10 06:30 Message generated for change (Comment added) made by sdeasey You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719009&aid=1120023&group_id=130646 Category: None Group: None Status: Open Resolution: None Priority: 5 Submitted By: Zoran Vasiljevic (vasiljevic) Assigned to: Zoran Vasiljevic (vasiljevic) Summary: Allow to start server under root privilges Initial Comment: Before all of you freak out, read please :-) Currently the server will just complain if you attempt to start it as root. However, we do need to do this. Our app is actually a backup/archive and server-synchronize product and it needs to access all files on the server and do something with them. For this to work, I had to manually disable checking for user/group of 0/0 during the startup. Now, my idea is to allow compile-time option which would control this, like for example --enable-rootuser or similar. I think Apache build allows you to do this (at least it did when I worked with Apache for the last time, about 6 years ago). Default would be to *not* allow server to be started as root, which is what we have now. This can be #ifdef ALLOW_ROOT_USER #endif at one place in the nsmain.c. Any thoughts? ---------------------------------------------------------------------- >Comment By: Stephen Deasey (sdeasey) Date: 2005-02-10 20:50 Message: Logged In: YES user_id=87254 I think thttpd works like this. A lot of it's config settings are compile time only options (you actually have to hack the makefile). But Vlad makes a good point: If some one asks to run as root maybe we should just respect that. I'm not sure about running as user 'nobody' as default though. I think that is an apache specific user, created when you install that package. It might not always exist. Also, if all daemons run as 'nobody' then you're really not increasing security, because a flaw in one exposes the data of all the others rather than contain it. I would suggest the following: You *have* to supply the user to switch to on the command line. If you don't, the server complains and exits. You may specify root, in which case we log a warning message but respect your wishes and continue. Specifying any other user works as before. I would be happy with something like that. Sound OK? ---------------------------------------------------------------------- Comment By: Zoran Vasiljevic (vasiljevic) Date: 2005-02-10 10:18 Message: Logged In: YES user_id=95086 You mean: no user given -> run as nobody (65534 or whatever uid nobody is) user given -> run as this user, whatever the user (might be root, uid=0) OK. No problems for me. This is even simpler. If nobody objects, I will make this change. ---------------------------------------------------------------------- Comment By: Vlad Seryakov (seryakov) Date: 2005-02-10 08:25 Message: Logged In: YES user_id=184124 I have no problem with that, if want NS to be more versatile than just webserver we will have to run it as root for some tasks, so i would suggest event more radical solution, if root given as id on the command line, run it as root, if nothing given via command line, switch to default nobody if root. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719009&aid=1120023&group_id=130646 |
|
From: SourceForge.net <no...@so...> - 2005-02-10 19:39:59
|
Feature Requests item #1119365, was opened at 2005-02-09 16:43 Message generated for change (Comment added) made by vasiljevic You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719009&aid=1119365&group_id=130646 Category: None Group: None Status: Open Resolution: None Priority: 5 Submitted By: Vlad Seryakov (seryakov) Assigned to: Vlad Seryakov (seryakov) Summary: Watchdog/binder process Initial Comment: I find current binder and -b command line option not very usefull and easy to administer. Can we revert back to 3.x binder and combine it with simple watchdog process, so on start ns forks watchdog/biner process, check for exit status and accepts requests for socket allocation. ---------------------------------------------------------------------- >Comment By: Zoran Vasiljevic (vasiljevic) Date: 2005-02-10 20:39 Message: Logged In: YES user_id=95086 Aha! This I will have to check and see if this works for me also. ---------------------------------------------------------------------- Comment By: Vlad Seryakov (seryakov) Date: 2005-02-10 20:30 Message: Logged In: YES user_id=184124 I use -b 0.0.0.0 currently, 4.0.10 and 4.1 worked fine. When use -b 0.0.0.0 then address for nssosck should be 0.0.0.0 as well, not empty. ---------------------------------------------------------------------- Comment By: Zoran Vasiljevic (vasiljevic) Date: 2005-02-10 18:33 Message: Logged In: YES user_id=95086 This is what I'Ve done (nsd/driver.c) void NsStartDrivers(void) { Driver *drvPtr; /* * Listen on all drivers. */ drvPtr = firstDrvPtr; while (drvPtr != NULL) { #if 0 /* zv */ drvPtr->sock = Ns_SockListenEx(drvPtr->bindaddr, drvPtr->port, drvPtr->backlog); #else /* Listen on all known interfaces/addresses */ drvPtr->sock = Ns_SockListenEx(NULL, drvPtr->port, drvPtr->backlog); #endif I tried -b 0.0.0.0 but somehow it didn't work hence I reverted to heavy guns :) ---------------------------------------------------------------------- Comment By: Vlad Seryakov (seryakov) Date: 2005-02-10 18:14 Message: Logged In: YES user_id=184124 Do you mean -b 0.0.0.0:80? It will listen on all interfaces for port 80? ---------------------------------------------------------------------- Comment By: Zoran Vasiljevic (vasiljevic) Date: 2005-02-10 11:55 Message: Logged In: YES user_id=95086 Eventually, the watchdog/binder combination seems not the way to go (privileges issue). I see. Concerning binder: I would need an option, (may be even compile-time one, don't care) for the server to listen on all network interfaces, including loopback. Apart from this, I have no immediate nor mid-term needs to modify anything there so I suppose I will be perfectly happy with any changes you guys need in this area. Concerning watchdog: we can't use daemontools nor init. Also, we do have windows as platform, remember. We have struggled to get *minimum* interface to the rest of the system hence our product is easily installable and removable from the system. Actually, the only point we have in common (config-wise) are entries in the startup machinery. Therefore, a control-process from within the nsd is ideal for our needs. I have done this with --enable-watchdog and it is #ifdef'ed in the code so for just about any other user of the server this is pretty invisible and obscure (no backward compat problems also). ---------------------------------------------------------------------- Comment By: Vlad Seryakov (seryakov) Date: 2005-02-09 22:00 Message: Logged In: YES user_id=184124 Here is the new syntax i added to the binder: addr:port[/protocol] port[/protocol] 0/icmp[/count] where protocol can be tcp,udp,unix,icmp is special case of raw socket, added by count. ---------------------------------------------------------------------- Comment By: Stephen Deasey (sdeasey) Date: 2005-02-09 21:55 Message: Logged In: YES user_id=87254 Adding support for socket types other than TCP to the binder sounds like a great idea. ---------------------------------------------------------------------- Comment By: Vlad Seryakov (seryakov) Date: 2005-02-09 20:55 Message: Logged In: YES user_id=184124 I agree, i use inittab for aolserver myself calling bach script which parses nsd.tcl for address/port keyworkd and builds -b options on the fly. In case of inittab, no need in watchdog as well. It is not even on my wish list, i just figured if watchdog is to berunning as root, then it can include binder support. Let's put aside binder as separate process issue for a while, but i'd like to add to regular 4.x binder what i did for supporting UDP/TCP/UNIX/RAW sockets. They still need to be pre-bound but then can be used from within AS, this is how snmp and dns modules uses those sockets. ---------------------------------------------------------------------- Comment By: Stephen Deasey (sdeasey) Date: 2005-02-09 20:52 Message: Logged In: YES user_id=87254 Hmm... I guess you could split the config into multiple pieces, let admins manage everything except address and port to bind to. But would we mandate that in the defautl set-up, or just hope people didn't screw up in practice? ---------------------------------------------------------------------- Comment By: Stephen Deasey (sdeasey) Date: 2005-02-09 20:49 Message: Logged In: YES user_id=87254 I think the issue here is that you need root privs to bind to port 80. The address and port are specified in the config file. The config file is a Tcl script. So to allow someone to change your webserver config file you need to give away root privs on your server. I'm not super keen on this :-) IIRC in 3.x there was a lot of code to make sure that the config script was evaled in a safe interp, and the motivation for the binder was code reduction/simplification. This also impacts the chroot functionality. Idealy you want to chroot as the last thing you do before dropping root privs so that you can open all your fileslink to libraries etc., and not have to recreate a complete copy of your environment in the jail. But you need to know which directory that is, and that's in the config file, which is a script... Personaly, I use daemontools to manage my servers. You need to create a simple wrapper script for this to work and I find that is the ideal place to set some environment variables for the IP, PORT etc. I can pass those along on the command line and extract them from the env in the tcl config script with [env get IP] and so on. The binder is a neat solution, but in practice it trips a lot of people up and it's just a pain. Giving away root is not a great solution though... :-( ---------------------------------------------------------------------- Comment By: Zoran Vasiljevic (vasiljevic) Date: 2005-02-09 18:23 Message: Logged In: YES user_id=95086 Honestly, I did forget already how 3.x did the binding :-What we do in 4.0 is to bind on all interfaces (I modified that in our private version). But I'm open to all variants. I suppose I should look back in 3.x code how that was done... Or, you have a crystal-clear picture already in which case I will simply believe you ;-) As soon as we create the sandbox, we can start hacking this in. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719009&aid=1119365&group_id=130646 |
|
From: SourceForge.net <no...@so...> - 2005-02-10 19:30:26
|
Feature Requests item #1119365, was opened at 2005-02-09 15:43 Message generated for change (Comment added) made by seryakov You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719009&aid=1119365&group_id=130646 Category: None Group: None Status: Open Resolution: None Priority: 5 Submitted By: Vlad Seryakov (seryakov) Assigned to: Vlad Seryakov (seryakov) Summary: Watchdog/binder process Initial Comment: I find current binder and -b command line option not very usefull and easy to administer. Can we revert back to 3.x binder and combine it with simple watchdog process, so on start ns forks watchdog/biner process, check for exit status and accepts requests for socket allocation. ---------------------------------------------------------------------- >Comment By: Vlad Seryakov (seryakov) Date: 2005-02-10 19:30 Message: Logged In: YES user_id=184124 I use -b 0.0.0.0 currently, 4.0.10 and 4.1 worked fine. When use -b 0.0.0.0 then address for nssosck should be 0.0.0.0 as well, not empty. ---------------------------------------------------------------------- Comment By: Zoran Vasiljevic (vasiljevic) Date: 2005-02-10 17:33 Message: Logged In: YES user_id=95086 This is what I'Ve done (nsd/driver.c) void NsStartDrivers(void) { Driver *drvPtr; /* * Listen on all drivers. */ drvPtr = firstDrvPtr; while (drvPtr != NULL) { #if 0 /* zv */ drvPtr->sock = Ns_SockListenEx(drvPtr->bindaddr, drvPtr->port, drvPtr->backlog); #else /* Listen on all known interfaces/addresses */ drvPtr->sock = Ns_SockListenEx(NULL, drvPtr->port, drvPtr->backlog); #endif I tried -b 0.0.0.0 but somehow it didn't work hence I reverted to heavy guns :) ---------------------------------------------------------------------- Comment By: Vlad Seryakov (seryakov) Date: 2005-02-10 17:14 Message: Logged In: YES user_id=184124 Do you mean -b 0.0.0.0:80? It will listen on all interfaces for port 80? ---------------------------------------------------------------------- Comment By: Zoran Vasiljevic (vasiljevic) Date: 2005-02-10 10:55 Message: Logged In: YES user_id=95086 Eventually, the watchdog/binder combination seems not the way to go (privileges issue). I see. Concerning binder: I would need an option, (may be even compile-time one, don't care) for the server to listen on all network interfaces, including loopback. Apart from this, I have no immediate nor mid-term needs to modify anything there so I suppose I will be perfectly happy with any changes you guys need in this area. Concerning watchdog: we can't use daemontools nor init. Also, we do have windows as platform, remember. We have struggled to get *minimum* interface to the rest of the system hence our product is easily installable and removable from the system. Actually, the only point we have in common (config-wise) are entries in the startup machinery. Therefore, a control-process from within the nsd is ideal for our needs. I have done this with --enable-watchdog and it is #ifdef'ed in the code so for just about any other user of the server this is pretty invisible and obscure (no backward compat problems also). ---------------------------------------------------------------------- Comment By: Vlad Seryakov (seryakov) Date: 2005-02-09 21:00 Message: Logged In: YES user_id=184124 Here is the new syntax i added to the binder: addr:port[/protocol] port[/protocol] 0/icmp[/count] where protocol can be tcp,udp,unix,icmp is special case of raw socket, added by count. ---------------------------------------------------------------------- Comment By: Stephen Deasey (sdeasey) Date: 2005-02-09 20:55 Message: Logged In: YES user_id=87254 Adding support for socket types other than TCP to the binder sounds like a great idea. ---------------------------------------------------------------------- Comment By: Vlad Seryakov (seryakov) Date: 2005-02-09 19:55 Message: Logged In: YES user_id=184124 I agree, i use inittab for aolserver myself calling bach script which parses nsd.tcl for address/port keyworkd and builds -b options on the fly. In case of inittab, no need in watchdog as well. It is not even on my wish list, i just figured if watchdog is to berunning as root, then it can include binder support. Let's put aside binder as separate process issue for a while, but i'd like to add to regular 4.x binder what i did for supporting UDP/TCP/UNIX/RAW sockets. They still need to be pre-bound but then can be used from within AS, this is how snmp and dns modules uses those sockets. ---------------------------------------------------------------------- Comment By: Stephen Deasey (sdeasey) Date: 2005-02-09 19:52 Message: Logged In: YES user_id=87254 Hmm... I guess you could split the config into multiple pieces, let admins manage everything except address and port to bind to. But would we mandate that in the defautl set-up, or just hope people didn't screw up in practice? ---------------------------------------------------------------------- Comment By: Stephen Deasey (sdeasey) Date: 2005-02-09 19:49 Message: Logged In: YES user_id=87254 I think the issue here is that you need root privs to bind to port 80. The address and port are specified in the config file. The config file is a Tcl script. So to allow someone to change your webserver config file you need to give away root privs on your server. I'm not super keen on this :-) IIRC in 3.x there was a lot of code to make sure that the config script was evaled in a safe interp, and the motivation for the binder was code reduction/simplification. This also impacts the chroot functionality. Idealy you want to chroot as the last thing you do before dropping root privs so that you can open all your fileslink to libraries etc., and not have to recreate a complete copy of your environment in the jail. But you need to know which directory that is, and that's in the config file, which is a script... Personaly, I use daemontools to manage my servers. You need to create a simple wrapper script for this to work and I find that is the ideal place to set some environment variables for the IP, PORT etc. I can pass those along on the command line and extract them from the env in the tcl config script with [env get IP] and so on. The binder is a neat solution, but in practice it trips a lot of people up and it's just a pain. Giving away root is not a great solution though... :-( ---------------------------------------------------------------------- Comment By: Zoran Vasiljevic (vasiljevic) Date: 2005-02-09 17:23 Message: Logged In: YES user_id=95086 Honestly, I did forget already how 3.x did the binding :-What we do in 4.0 is to bind on all interfaces (I modified that in our private version). But I'm open to all variants. I suppose I should look back in 3.x code how that was done... Or, you have a crystal-clear picture already in which case I will simply believe you ;-) As soon as we create the sandbox, we can start hacking this in. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719009&aid=1119365&group_id=130646 |
|
From: SourceForge.net <no...@so...> - 2005-02-10 17:33:32
|
Feature Requests item #1119365, was opened at 2005-02-09 16:43 Message generated for change (Comment added) made by vasiljevic You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719009&aid=1119365&group_id=130646 Category: None Group: None Status: Open Resolution: None Priority: 5 Submitted By: Vlad Seryakov (seryakov) Assigned to: Vlad Seryakov (seryakov) Summary: Watchdog/binder process Initial Comment: I find current binder and -b command line option not very usefull and easy to administer. Can we revert back to 3.x binder and combine it with simple watchdog process, so on start ns forks watchdog/biner process, check for exit status and accepts requests for socket allocation. ---------------------------------------------------------------------- >Comment By: Zoran Vasiljevic (vasiljevic) Date: 2005-02-10 18:33 Message: Logged In: YES user_id=95086 This is what I'Ve done (nsd/driver.c) void NsStartDrivers(void) { Driver *drvPtr; /* * Listen on all drivers. */ drvPtr = firstDrvPtr; while (drvPtr != NULL) { #if 0 /* zv */ drvPtr->sock = Ns_SockListenEx(drvPtr->bindaddr, drvPtr->port, drvPtr->backlog); #else /* Listen on all known interfaces/addresses */ drvPtr->sock = Ns_SockListenEx(NULL, drvPtr->port, drvPtr->backlog); #endif I tried -b 0.0.0.0 but somehow it didn't work hence I reverted to heavy guns :) ---------------------------------------------------------------------- Comment By: Vlad Seryakov (seryakov) Date: 2005-02-10 18:14 Message: Logged In: YES user_id=184124 Do you mean -b 0.0.0.0:80? It will listen on all interfaces for port 80? ---------------------------------------------------------------------- Comment By: Zoran Vasiljevic (vasiljevic) Date: 2005-02-10 11:55 Message: Logged In: YES user_id=95086 Eventually, the watchdog/binder combination seems not the way to go (privileges issue). I see. Concerning binder: I would need an option, (may be even compile-time one, don't care) for the server to listen on all network interfaces, including loopback. Apart from this, I have no immediate nor mid-term needs to modify anything there so I suppose I will be perfectly happy with any changes you guys need in this area. Concerning watchdog: we can't use daemontools nor init. Also, we do have windows as platform, remember. We have struggled to get *minimum* interface to the rest of the system hence our product is easily installable and removable from the system. Actually, the only point we have in common (config-wise) are entries in the startup machinery. Therefore, a control-process from within the nsd is ideal for our needs. I have done this with --enable-watchdog and it is #ifdef'ed in the code so for just about any other user of the server this is pretty invisible and obscure (no backward compat problems also). ---------------------------------------------------------------------- Comment By: Vlad Seryakov (seryakov) Date: 2005-02-09 22:00 Message: Logged In: YES user_id=184124 Here is the new syntax i added to the binder: addr:port[/protocol] port[/protocol] 0/icmp[/count] where protocol can be tcp,udp,unix,icmp is special case of raw socket, added by count. ---------------------------------------------------------------------- Comment By: Stephen Deasey (sdeasey) Date: 2005-02-09 21:55 Message: Logged In: YES user_id=87254 Adding support for socket types other than TCP to the binder sounds like a great idea. ---------------------------------------------------------------------- Comment By: Vlad Seryakov (seryakov) Date: 2005-02-09 20:55 Message: Logged In: YES user_id=184124 I agree, i use inittab for aolserver myself calling bach script which parses nsd.tcl for address/port keyworkd and builds -b options on the fly. In case of inittab, no need in watchdog as well. It is not even on my wish list, i just figured if watchdog is to berunning as root, then it can include binder support. Let's put aside binder as separate process issue for a while, but i'd like to add to regular 4.x binder what i did for supporting UDP/TCP/UNIX/RAW sockets. They still need to be pre-bound but then can be used from within AS, this is how snmp and dns modules uses those sockets. ---------------------------------------------------------------------- Comment By: Stephen Deasey (sdeasey) Date: 2005-02-09 20:52 Message: Logged In: YES user_id=87254 Hmm... I guess you could split the config into multiple pieces, let admins manage everything except address and port to bind to. But would we mandate that in the defautl set-up, or just hope people didn't screw up in practice? ---------------------------------------------------------------------- Comment By: Stephen Deasey (sdeasey) Date: 2005-02-09 20:49 Message: Logged In: YES user_id=87254 I think the issue here is that you need root privs to bind to port 80. The address and port are specified in the config file. The config file is a Tcl script. So to allow someone to change your webserver config file you need to give away root privs on your server. I'm not super keen on this :-) IIRC in 3.x there was a lot of code to make sure that the config script was evaled in a safe interp, and the motivation for the binder was code reduction/simplification. This also impacts the chroot functionality. Idealy you want to chroot as the last thing you do before dropping root privs so that you can open all your fileslink to libraries etc., and not have to recreate a complete copy of your environment in the jail. But you need to know which directory that is, and that's in the config file, which is a script... Personaly, I use daemontools to manage my servers. You need to create a simple wrapper script for this to work and I find that is the ideal place to set some environment variables for the IP, PORT etc. I can pass those along on the command line and extract them from the env in the tcl config script with [env get IP] and so on. The binder is a neat solution, but in practice it trips a lot of people up and it's just a pain. Giving away root is not a great solution though... :-( ---------------------------------------------------------------------- Comment By: Zoran Vasiljevic (vasiljevic) Date: 2005-02-09 18:23 Message: Logged In: YES user_id=95086 Honestly, I did forget already how 3.x did the binding :-What we do in 4.0 is to bind on all interfaces (I modified that in our private version). But I'm open to all variants. I suppose I should look back in 3.x code how that was done... Or, you have a crystal-clear picture already in which case I will simply believe you ;-) As soon as we create the sandbox, we can start hacking this in. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719009&aid=1119365&group_id=130646 |
|
From: SourceForge.net <no...@so...> - 2005-02-10 17:27:39
|
Feature Requests item #1120167, was opened at 2005-02-10 17:13 Message generated for change (Comment added) made by seryakov You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719009&aid=1120167&group_id=130646 Category: None Group: None Status: Open Resolution: None Priority: 5 Submitted By: Vlad Seryakov (seryakov) Assigned to: Vlad Seryakov (seryakov) Summary: Cron like scheduler Initial Comment: I have working cron-like scheduer as Tcl command for other project and it makes real difference in doing background tasks. Current AS schedule_proc functionality is fine but not flexible, having it as unix cron would give real opportunities to run tasks from AS, not using UNIX cron in addition. I have code, it is very small and simple, i was surpised myself when i have it done. I am just not sure is it better be new command or extend ns_schedule_proc with additional switches. Currently, syntax is somethign like this: ns_cron script -id id -enable 0|1 -once 0|1 -thread 0|1 -min N -hour N -day N -mon N -year N -dow N -interval N -min|hour|mon|day|year|dow can be repeated. ---------------------------------------------------------------------- >Comment By: Vlad Seryakov (seryakov) Date: 2005-02-10 17:27 Message: Logged In: YES user_id=184124 No, it is C module for use in Tcl, not pure Tcl implementation, i use it in C application with embedded Tcl for scripting. Once i get to my home and reincarnate dialup or bring it on laptop tomorrow, it sucks to be without Internet at home. ---------------------------------------------------------------------- Comment By: Zoran Vasiljevic (vasiljevic) Date: 2005-02-10 17:23 Message: Logged In: YES user_id=95086 All Tcl? Care to attach the implementation? I also had the need for this and did it myself i Tcl as well (hey, we're masters in reinventing the wheel!) I think the reason to implement this in core server as C-code was the idea to be able to use it from the C-API as well w/o being dependent on some Tcl code from outside. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719009&aid=1120167&group_id=130646 |
|
From: SourceForge.net <no...@so...> - 2005-02-10 17:23:57
|
Feature Requests item #1120167, was opened at 2005-02-10 18:13 Message generated for change (Comment added) made by vasiljevic You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719009&aid=1120167&group_id=130646 Category: None Group: None Status: Open Resolution: None Priority: 5 Submitted By: Vlad Seryakov (seryakov) Assigned to: Vlad Seryakov (seryakov) Summary: Cron like scheduler Initial Comment: I have working cron-like scheduer as Tcl command for other project and it makes real difference in doing background tasks. Current AS schedule_proc functionality is fine but not flexible, having it as unix cron would give real opportunities to run tasks from AS, not using UNIX cron in addition. I have code, it is very small and simple, i was surpised myself when i have it done. I am just not sure is it better be new command or extend ns_schedule_proc with additional switches. Currently, syntax is somethign like this: ns_cron script -id id -enable 0|1 -once 0|1 -thread 0|1 -min N -hour N -day N -mon N -year N -dow N -interval N -min|hour|mon|day|year|dow can be repeated. ---------------------------------------------------------------------- >Comment By: Zoran Vasiljevic (vasiljevic) Date: 2005-02-10 18:23 Message: Logged In: YES user_id=95086 All Tcl? Care to attach the implementation? I also had the need for this and did it myself i Tcl as well (hey, we're masters in reinventing the wheel!) I think the reason to implement this in core server as C-code was the idea to be able to use it from the C-API as well w/o being dependent on some Tcl code from outside. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719009&aid=1120167&group_id=130646 |
|
From: SourceForge.net <no...@so...> - 2005-02-10 17:18:27
|
Feature Requests item #1120023, was opened at 2005-02-10 14:30 Message generated for change (Comment added) made by vasiljevic You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719009&aid=1120023&group_id=130646 Category: None Group: None Status: Open Resolution: None Priority: 5 Submitted By: Zoran Vasiljevic (vasiljevic) Assigned to: Zoran Vasiljevic (vasiljevic) Summary: Allow to start server under root privilges Initial Comment: Before all of you freak out, read please :-) Currently the server will just complain if you attempt to start it as root. However, we do need to do this. Our app is actually a backup/archive and server-synchronize product and it needs to access all files on the server and do something with them. For this to work, I had to manually disable checking for user/group of 0/0 during the startup. Now, my idea is to allow compile-time option which would control this, like for example --enable-rootuser or similar. I think Apache build allows you to do this (at least it did when I worked with Apache for the last time, about 6 years ago). Default would be to *not* allow server to be started as root, which is what we have now. This can be #ifdef ALLOW_ROOT_USER #endif at one place in the nsmain.c. Any thoughts? ---------------------------------------------------------------------- >Comment By: Zoran Vasiljevic (vasiljevic) Date: 2005-02-10 18:18 Message: Logged In: YES user_id=95086 You mean: no user given -> run as nobody (65534 or whatever uid nobody is) user given -> run as this user, whatever the user (might be root, uid=0) OK. No problems for me. This is even simpler. If nobody objects, I will make this change. ---------------------------------------------------------------------- Comment By: Vlad Seryakov (seryakov) Date: 2005-02-10 16:25 Message: Logged In: YES user_id=184124 I have no problem with that, if want NS to be more versatile than just webserver we will have to run it as root for some tasks, so i would suggest event more radical solution, if root given as id on the command line, run it as root, if nothing given via command line, switch to default nobody if root. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719009&aid=1120023&group_id=130646 |
|
From: SourceForge.net <no...@so...> - 2005-02-10 17:14:48
|
Feature Requests item #1119365, was opened at 2005-02-09 15:43 Message generated for change (Comment added) made by seryakov You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719009&aid=1119365&group_id=130646 Category: None Group: None Status: Open Resolution: None Priority: 5 Submitted By: Vlad Seryakov (seryakov) >Assigned to: Vlad Seryakov (seryakov) Summary: Watchdog/binder process Initial Comment: I find current binder and -b command line option not very usefull and easy to administer. Can we revert back to 3.x binder and combine it with simple watchdog process, so on start ns forks watchdog/biner process, check for exit status and accepts requests for socket allocation. ---------------------------------------------------------------------- >Comment By: Vlad Seryakov (seryakov) Date: 2005-02-10 17:14 Message: Logged In: YES user_id=184124 Do you mean -b 0.0.0.0:80? It will listen on all interfaces for port 80? ---------------------------------------------------------------------- Comment By: Zoran Vasiljevic (vasiljevic) Date: 2005-02-10 10:55 Message: Logged In: YES user_id=95086 Eventually, the watchdog/binder combination seems not the way to go (privileges issue). I see. Concerning binder: I would need an option, (may be even compile-time one, don't care) for the server to listen on all network interfaces, including loopback. Apart from this, I have no immediate nor mid-term needs to modify anything there so I suppose I will be perfectly happy with any changes you guys need in this area. Concerning watchdog: we can't use daemontools nor init. Also, we do have windows as platform, remember. We have struggled to get *minimum* interface to the rest of the system hence our product is easily installable and removable from the system. Actually, the only point we have in common (config-wise) are entries in the startup machinery. Therefore, a control-process from within the nsd is ideal for our needs. I have done this with --enable-watchdog and it is #ifdef'ed in the code so for just about any other user of the server this is pretty invisible and obscure (no backward compat problems also). ---------------------------------------------------------------------- Comment By: Vlad Seryakov (seryakov) Date: 2005-02-09 21:00 Message: Logged In: YES user_id=184124 Here is the new syntax i added to the binder: addr:port[/protocol] port[/protocol] 0/icmp[/count] where protocol can be tcp,udp,unix,icmp is special case of raw socket, added by count. ---------------------------------------------------------------------- Comment By: Stephen Deasey (sdeasey) Date: 2005-02-09 20:55 Message: Logged In: YES user_id=87254 Adding support for socket types other than TCP to the binder sounds like a great idea. ---------------------------------------------------------------------- Comment By: Vlad Seryakov (seryakov) Date: 2005-02-09 19:55 Message: Logged In: YES user_id=184124 I agree, i use inittab for aolserver myself calling bach script which parses nsd.tcl for address/port keyworkd and builds -b options on the fly. In case of inittab, no need in watchdog as well. It is not even on my wish list, i just figured if watchdog is to berunning as root, then it can include binder support. Let's put aside binder as separate process issue for a while, but i'd like to add to regular 4.x binder what i did for supporting UDP/TCP/UNIX/RAW sockets. They still need to be pre-bound but then can be used from within AS, this is how snmp and dns modules uses those sockets. ---------------------------------------------------------------------- Comment By: Stephen Deasey (sdeasey) Date: 2005-02-09 19:52 Message: Logged In: YES user_id=87254 Hmm... I guess you could split the config into multiple pieces, let admins manage everything except address and port to bind to. But would we mandate that in the defautl set-up, or just hope people didn't screw up in practice? ---------------------------------------------------------------------- Comment By: Stephen Deasey (sdeasey) Date: 2005-02-09 19:49 Message: Logged In: YES user_id=87254 I think the issue here is that you need root privs to bind to port 80. The address and port are specified in the config file. The config file is a Tcl script. So to allow someone to change your webserver config file you need to give away root privs on your server. I'm not super keen on this :-) IIRC in 3.x there was a lot of code to make sure that the config script was evaled in a safe interp, and the motivation for the binder was code reduction/simplification. This also impacts the chroot functionality. Idealy you want to chroot as the last thing you do before dropping root privs so that you can open all your fileslink to libraries etc., and not have to recreate a complete copy of your environment in the jail. But you need to know which directory that is, and that's in the config file, which is a script... Personaly, I use daemontools to manage my servers. You need to create a simple wrapper script for this to work and I find that is the ideal place to set some environment variables for the IP, PORT etc. I can pass those along on the command line and extract them from the env in the tcl config script with [env get IP] and so on. The binder is a neat solution, but in practice it trips a lot of people up and it's just a pain. Giving away root is not a great solution though... :-( ---------------------------------------------------------------------- Comment By: Zoran Vasiljevic (vasiljevic) Date: 2005-02-09 17:23 Message: Logged In: YES user_id=95086 Honestly, I did forget already how 3.x did the binding :-What we do in 4.0 is to bind on all interfaces (I modified that in our private version). But I'm open to all variants. I suppose I should look back in 3.x code how that was done... Or, you have a crystal-clear picture already in which case I will simply believe you ;-) As soon as we create the sandbox, we can start hacking this in. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719009&aid=1119365&group_id=130646 |
|
From: SourceForge.net <no...@so...> - 2005-02-10 17:13:51
|
Feature Requests item #1120167, was opened at 2005-02-10 17:13 Message generated for change (Settings changed) made by seryakov You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719009&aid=1120167&group_id=130646 Category: None Group: None Status: Open Resolution: None Priority: 5 Submitted By: Vlad Seryakov (seryakov) >Assigned to: Vlad Seryakov (seryakov) Summary: Cron like scheduler Initial Comment: I have working cron-like scheduer as Tcl command for other project and it makes real difference in doing background tasks. Current AS schedule_proc functionality is fine but not flexible, having it as unix cron would give real opportunities to run tasks from AS, not using UNIX cron in addition. I have code, it is very small and simple, i was surpised myself when i have it done. I am just not sure is it better be new command or extend ns_schedule_proc with additional switches. Currently, syntax is somethign like this: ns_cron script -id id -enable 0|1 -once 0|1 -thread 0|1 -min N -hour N -day N -mon N -year N -dow N -interval N -min|hour|mon|day|year|dow can be repeated. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719009&aid=1120167&group_id=130646 |
|
From: SourceForge.net <no...@so...> - 2005-02-10 17:13:30
|
Feature Requests item #1120167, was opened at 2005-02-10 17:13 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719009&aid=1120167&group_id=130646 Category: None Group: None Status: Open Resolution: None Priority: 5 Submitted By: Vlad Seryakov (seryakov) Assigned to: Nobody/Anonymous (nobody) Summary: Cron like scheduler Initial Comment: I have working cron-like scheduer as Tcl command for other project and it makes real difference in doing background tasks. Current AS schedule_proc functionality is fine but not flexible, having it as unix cron would give real opportunities to run tasks from AS, not using UNIX cron in addition. I have code, it is very small and simple, i was surpised myself when i have it done. I am just not sure is it better be new command or extend ns_schedule_proc with additional switches. Currently, syntax is somethign like this: ns_cron script -id id -enable 0|1 -once 0|1 -thread 0|1 -min N -hour N -day N -mon N -year N -dow N -interval N -min|hour|mon|day|year|dow can be repeated. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719009&aid=1120167&group_id=130646 |
|
From: SourceForge.net <no...@so...> - 2005-02-10 15:25:16
|
Feature Requests item #1120023, was opened at 2005-02-10 13:30 Message generated for change (Comment added) made by seryakov You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719009&aid=1120023&group_id=130646 Category: None Group: None Status: Open Resolution: None Priority: 5 Submitted By: Zoran Vasiljevic (vasiljevic) Assigned to: Zoran Vasiljevic (vasiljevic) Summary: Allow to start server under root privilges Initial Comment: Before all of you freak out, read please :-) Currently the server will just complain if you attempt to start it as root. However, we do need to do this. Our app is actually a backup/archive and server-synchronize product and it needs to access all files on the server and do something with them. For this to work, I had to manually disable checking for user/group of 0/0 during the startup. Now, my idea is to allow compile-time option which would control this, like for example --enable-rootuser or similar. I think Apache build allows you to do this (at least it did when I worked with Apache for the last time, about 6 years ago). Default would be to *not* allow server to be started as root, which is what we have now. This can be #ifdef ALLOW_ROOT_USER #endif at one place in the nsmain.c. Any thoughts? ---------------------------------------------------------------------- >Comment By: Vlad Seryakov (seryakov) Date: 2005-02-10 15:25 Message: Logged In: YES user_id=184124 I have no problem with that, if want NS to be more versatile than just webserver we will have to run it as root for some tasks, so i would suggest event more radical solution, if root given as id on the command line, run it as root, if nothing given via command line, switch to default nobody if root. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=719009&aid=1120023&group_id=130646 |
