On Thu, Jan 09, 2020 at 06:17:29AM +0100, Willy Tarreau wrote: > Hi William, > > On Thu, Jan 09, 2020 at 12:26:06AM +0100, William Dauchy wrote: > > allows to use unix-bind settings in config file for both stats and master > > sockets; this will save some double painful config when you can rely on > > the global unix-bind. > > Local settings will still overload the default global. > > I had a look at how this currently works and am embarrassed by both the > patch and the way things currently work. Indeed, the patch only makes > use of the mode, uid and gid from the unix-bind statement and silently > ignores the path. It would be tempting to decide that since it's a unix > socket we should enfore all of unix-bind settings to the stats socket, > but then the problem caused by unix-bind is that the path component is > a mandatory prefix that is prepended before all socket paths. So if we > enforce the path we'll break all configs already using unix-bind. > > I tend to think that at some point we could decide to purposely break > some of this stuff so that the stats socket is not special at all, but > I fear that some configs could not be expressed anymore due to this, > and typically users will place the stats socket into a location outside > of the chroot so that it cannot be accessed by accident by the process. > That's even more true for the master socket where the path is specified > on the command line, regardless of any global setting. > > So maybe in the end your approach is the most reasonable one. However > in this case we should explicitly state in the doc what settings from > the unix-bind directive are reused by the stats/master socket, because > to be transparent, I wasn't aware of the other ones beyond "prefix" and > that's the first thing I tried and was surprized not to see it work as > I imagined it would. > > What do you think ? > > thanks, > Willy >
In my opinion that's not a good idea for the master CLI as it shouldn't depend on the configuration file. As a reminder the master CLI must work when a configuration file is corrupted, in "waitpid" mode. In this mode there is no configuration and the master CLI is running only with the configuration used in argument. -- William Lallemand
