bzp2010 commented on code in PR #318:
URL:
https://github.com/apache/apisix-java-plugin-runner/pull/318#discussion_r1972866067
##########
runner-core/src/main/java/org/apache/apisix/plugin/runner/server/ApplicationRunner.java:
##########
@@ -123,6 +136,35 @@ public void start(String path) throws Exception {
}
}
+ private static void manageSocketPermissions(String socketFile) throws
IOException {
+ Runtime.getRuntime().exec("chmod 700 " + socketFile);
+
+ if (!SOCKET_ALLOWED_USERS.isEmpty()) {
+
Optional.ofNullable(Files.getFileAttributeView(Paths.get(socketFile),
AclFileAttributeView.class))
+ .orElseThrow(() -> new UnsupportedOperationException("ACLs are
not supported on this filesystem."))
Review Comment:
APISIX, while available for bare-metal deployment, requires some work, which
is hardly out-of-the-box. Containers, on the other hand, appear to be the first
class of support, and if a user wishes to customize APISIX, it is often
recommended to start on an official container distribution rather than
bare-metal deployment, so installing openjdk for APISIX containers and allowing
jars is required support.
This needs to be clarified, regardless of whether ACLs can be used in
containers or UDS with 700 permission work fine.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
