On 03/05/2015 09:03 AM, Ruediger Pluem wrote:
On 03/05/2015 07:55 AM, Jan Kaluža wrote:
Hi,
currently, the External Rewriting Program (RewriteMap "prg:") is run as root. I
would like to change it but I see three
ways how to do it:
1. Execute it right after drop_privileges hook. This looks like best way, but I
haven't found any hook which could be
used for that (except drop_privileges with APR_HOOK_REALLY_LAST, which does not
seem as proper place to me).
2. Execute it in child_init. This is done after drop_privileges, so the user/group is
good. The "problem" here is that
it would execute one rewrite program per child. Right now I'm not sure if it's
really problem. It could be useful to
have more instances of rewriting program to make its bottleneck lower.
3. Execute it where it is now (post_config), but set user/group using
apr_procattr_t. So far I think this would
duplicate the code of mod_unixd and would probably have to also handle the
windows equivalent of that module (if there's
any).
What way do you think is the best, or would you do it differently?
I'm attaching patch for number 2.
I would tend to 2. as well, but as far as I remember using the rewritemap
program is synchronized across all processes.
This raises two questions:
1. Does rewriting still work with the current patch?
It does work for me. I've done some tests with curl and ab with
prefork/event/worker MPMs.
2. If it does can stuff be optimized to move from a server wide lock to a
process wide lock (or even no lock for
prefork) to remove the contention here?
This could be possible, I will look at it.
OTOH looking at the topic of backwards compatibility existing rewrite programs
might rely on not working in parallel. Some may even have an issue if more then
one copy of them is running in parallel,
albeit not processing stuff in parallel which of course would cause an issue
with the proposed patch. Furthermore
existing setups might expect to be run as root. But this stuff only needs to be
considered when we think about
backporting and is moot for trunk.
Right, I'm currently thinking only about trunk. For the 2.4.x, we would
have to do it differently with backward compatibility in mind. I think
something like option 1 with configuration directive to enable new
behaviour would be more acceptable for 2.4.x. We would have single
rewritemap program in this case running as an apache user only if admin
wants it.
Regards
Rüdiger
Regards,
Jan Kaluza
