On 2015/03/30 22:33, frantisek holop wrote: > Stuart Henderson, 30 Mar 2015 09:58: > > > when nginx was part of base, it was expected that > > > it would receive all kinds of local patches. > > > but just as openbsd apache is not apache anymore, > > > this nginx is also not nginx anymore. > > > > It's quite a different situation, the old OpenBSD httpd was effectively > > forked from Apache long ago, this is just a relatively simple patch. > > normally i agree with you Stuart almost all the time. > > the patch might be simple/small, but it > changes the default and expected behaviour > of a well known open source project. if nginx > had this feature and were on by default, > i wouldn't be writing this email. > alas, right now it does not. > > from my perspective: > i do web development on openbsd and i try > to have as little difference with other > deployment environments as possible. i dont > think that is an alien scenario to openbsd > users... > > not only is chroot not needed for this (and > complicates my life), but because it does not > exist anywhere else, my local deployment scripts > must use a switch that breaks on all the other > systems. i have no way of turning off chroot > in a platform independent way. > > > > i would like a vanilla, upstream nginx please in > > > the ports, just like there is apache2, postfix, etc. > > > i dont find that unreasonable. > > > > I (and no doubt others) would prefer it with the chroot patch... > > i understand that for a lot of people this feature > is desired. and i did not ask for its removal... > maybe a flavor. > > anyway, this thread did not go the way i imagined. > i thought there would be some support for this, > i think in principle how this port+patch is handled > is not right. if it is not an opt-in (i think > it should be), at least the possibility to have > the default expected behaviour should be there. > > yes, of course i can always build my own > packages. but it seems a bit warped for me > to beg for a vanilla port flavor, and i am > told to piss off and build my own. win some, > loose some. > > -f > -- > latin is a real angina gluteus maximus. >
A no_chroot flavour does seem reasonable, do you fancy sending a diff? Changing to not chrooting by default is more problematic because existing users will loose chroot (and may not notice this, especially if updating from an OpenBSD version with nginx in base), and may need to adjust the config file if they're using chroot-relative paths in it. It's quite nice to know that (short of an explicit configuration change which cannot really be made by mistake) files outside of /var/www will *not* be available from an httpd..
