README
¶
caddy-user
This caddy module performs a setuid on the goroutine handling the request. This works.
@@@@@@@@@
HOWEVER DUE TO THE UNIX PROCESS MODEL IT CAN'T WORK
@@@@@@@@@
Setuid works on the entire process, not a single goroutine. So while this does what is advertized, it can't work for concurrent requests or even setuid-ing to different user accounts.
Take this example:
- caddy runs as 'root'
- request comes in, setuid to 'x', caddy now runs as 'x'
- another request comes in, setuid to 'y' fails as user 'x' is not allowed to do that
- last request will run under the user 'x'
- request for x is completed, caddy reverts back to 'root'
So this will sometimes do what you expect.
A nicer idea might be to start Caddy, fork into multiple caddys and somehow solve it there.
Another alternative is running a proxy in front of caddys running as different users (and potentially different ports).
Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type User ¶
type User struct {
User string `json:"user,omitempty"`
Uid uintptr
// contains filtered or unexported fields
}
User holds the user id or username to we should use for serve requests.
func (*User) CaddyModule ¶
func (u *User) CaddyModule() caddy.ModuleInfo
CaddyModule returns the Caddy module information.
Source Files
Click to show internal directories.
Click to hide internal directories.