Opened 9 years ago

Closed 9 years ago

#805 closed enhancement (wontfix)

small new optional feature for unixes

Reported by: David CARLIER Owned by:
Priority: minor Milestone:
Component: nginx-core Version: 1.9.x
Keywords: Cc:
uname -a: Linux
nginx -V: nginx/1.9.6


Hi all,

I created a small new optional feature to chroot nginx after reading the configuration.

Hope it finds any use.

Kindest regards.

Attachments (1)

nginx-chroot.diff (4.8 KB ) - added by David CARLIER 9 years ago.
new chroot mode

Download all attachments as: .zip

Change History (2)

by David CARLIER, 9 years ago

Attachment: nginx-chroot.diff added

new chroot mode

comment:1 by Maxim Dounin, 9 years ago

Resolution: wontfix
Status: newclosed

Chrooting to the prefix looks like a wrong idea, in particular, because many paths, including compiled in ones, can be outside of the prefix. I would rather think of chroot()'ing to some arbitrary path. The part trying to do adjustments in ngx_http_core_root() looks very wrong, too, you shouldn't try to adjust anything agains chroot() path at that level.

If you want to work further on chroot() stuff, please take a look at what OpenBSD guys did at their source tree. AFAIK, they have/had some chroot() implementation.

Please also take a look at Trac isn't how we prefer to review patches.

Note: See TracTickets for help on using tickets.