9 messages in ru.sysoev.nginxRe: nginx-0.4.1
FromSent OnAttachments
Igor SysoevSep 14, 2006 6:55 am 
Francois SimondSep 14, 2006 7:26 am 
Igor SysoevSep 14, 2006 7:32 am 
Aleksandar LazicSep 14, 2006 7:36 am 
Francois SimondSep 14, 2006 7:45 am 
Francois SimondSep 14, 2006 7:48 am 
Francois SimondSep 14, 2006 7:57 am 
Igor SysoevSep 14, 2006 7:59 am.txt
Francois SimondSep 14, 2006 8:06 am 
Actions with this message:
Paste this link in email or IM:
Paste this link in email or IM:
Atom feed for this thread
Paste this URL into your reader:
Subject:Re: nginx-0.4.1Actions...
From:Igor Sysoev (is-G@public.gmane.org)
Date:Sep 14, 2006 7:59:21 am
List:ru.sysoev.nginx
Attachments:

On Thu, 14 Sep 2006, Francois Simond wrote:

Igor Sysoev a ?crit :

On Thu, 14 Sep 2006, Francois Simond wrote:

Igor Sysoev a ?crit :

Changes with nginx 0.4.1 14 Sep 2006

Hello to the list, this is my first post here !

I have a problem with files not owned by the running nginx process uid :

With the default setup that comes with make install :

http://localhost/ gives a 500 error: in the log file:

2006/09/14 16:18:11 [crit] 8958#0: *4 open() "/usr/local/nginx/html/50x.html" failed (1: Operation not permitted), client: 127.0.0.1, server: localhost, URL: "/index.html", host: "localhost"

If i chown nobody: -R html/ , 200 OK it works.

What does "ls -l html/" show ?

# ls -al /usr/local/nginx/html/ total 16 drwxr-xr-x 2 root root 4096 2006-09-14 16:36 . drwxr-xr-x 6 root root 4096 2006-09-14 16:36 .. -rw-r--r-- 1 root root 383 2006-09-14 16:36 50x.html -rw-r--r-- 1 root root 151 2006-09-14 16:36 index.html

# ps axu | grep nginx root 9505 0.0 0.0 11008 460 ? Ss 16:37 0:00 nginx: master process ./sbin/nginx nobody 9506 0.0 0.0 11360 1000 ? S 16:37 0:00 nginx: worker process

# su - nobody cat /usr/local/nginx/html/index.html No directory, logging in with HOME=/ <html> <head> <title>Welcome to nginx!</title> </head> <body bgcolor="white" text="black"> <center><h1>Welcome to nginx!</h1></center> </body> </html>

Error 500 for the client, and in the log : 2006/09/14 16:38:15 [crit] 9506#0: *1 open() "/usr/local/nginx/html/50x.html" failed (1: Operation not permitted), client: 127.0.0.1, server: localhost, URL: "/", host: "localhost"

You can override the use or/and group in nginx.conf:

user USER; user USER GROUP;

there is something strange if i set in conf : user nobody;

# ./sbin/nginx 2006/09/14 16:41:23 [emerg] 9622#0: getgrnam("nobody") failed in /usr/local/nginx/conf/nginx.conf:2

beside that :

# id nobody uid=65534(nobody) gid=65534(nogroup) groups=65534(nogroup)

something is different from the 0.4.0, i just re-check and with the same conf and permissions it respond 200 OK.

Something about the new O_NOATIME ?

Yes, to use O_NOATIME process must have the CAP_FOWNER capability: http://www.die.net/doc/linux/man/man7/capabilities.7.html It's seems that O_NOATIME should be backed out. Here is the patch.

Igor Sysoev http://sysoev.ru/en/

--- src/http/modules/ngx_http_index_module.c +++ src/http/modules/ngx_http_index_module.c @@ -239,8 +239,7 @@ return NGX_HTTP_INTERNAL_SERVER_ERROR; }

- fd = ngx_open_file(ctx->path.data, NGX_FILE_RDONLY|NGX_FILE_NOATIME, - NGX_FILE_OPEN); + fd = ngx_open_file(ctx->path.data, NGX_FILE_RDONLY, NGX_FILE_OPEN);

if (fd == (ngx_fd_t) NGX_AGAIN) { ctx->current = i; --- src/http/modules/ngx_http_static_module.c +++ src/http/modules/ngx_http_static_module.c @@ -125,8 +125,7 @@ return NGX_HTTP_INTERNAL_SERVER_ERROR; }

- fd = ngx_open_file(path.data, NGX_FILE_RDONLY|NGX_FILE_NOATIME, - NGX_FILE_OPEN); + fd = ngx_open_file(path.data, NGX_FILE_RDONLY, NGX_FILE_OPEN);

if (fd == NGX_INVALID_FILE) { err = ngx_errno; --- src/os/unix/ngx_files.h +++ src/os/unix/ngx_files.h @@ -28,11 +28,6 @@ #define NGX_FILE_TRUNCATE O_TRUNC #define NGX_FILE_APPEND O_APPEND

-#ifdef O_NOATIME -#define NGX_FILE_NOATIME O_NOATIME -#else -#define NGX_FILE_NOATIME 0 -#endif

#define ngx_close_file close #define ngx_close_file_n "close()"