Page Menu
Home
FreeBSD
Search
Configure Global Search
Log In
Files
F106031953
D9398.id24665.diff
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Flag For Later
Award Token
Size
3 KB
Referenced Files
None
Subscribers
None
D9398.id24665.diff
View Options
Index: head/GIDs
===================================================================
--- head/GIDs
+++ head/GIDs
@@ -106,7 +106,7 @@
octoprint:*:162:
_iked:*:163:
lightdm:*:164:
-# free: 165
+uwsgi:*:165:
# free: 166
# free: 167
# free: 168
Index: head/UIDs
===================================================================
--- head/UIDs
+++ head/UIDs
@@ -111,7 +111,7 @@
octoprint:*:162:162::0:0:OctoPrint Daemon:/usr/local/octoprint:/usr/sbin/nologin
_iked:*:163:163::0:0:IKEv2 Daemon:/var/empty:/usr/sbin/nologin
lightdm:*:164:164::0:0:Light Display Manager:/var/lib/lightdm-data:/usr/sbin/nologin
-# free: 165
+uwsgi:*:165:165::0:0:uwsgi Daemon:/nonexistent:/usr/sbin/nologin
# free: 166
# free: 167
# free: 168
Index: head/www/uwsgi/Makefile
===================================================================
--- head/www/uwsgi/Makefile
+++ head/www/uwsgi/Makefile
@@ -3,7 +3,7 @@
PORTNAME= uwsgi
PORTVERSION= 2.0.14
-PORTREVISION= 1
+PORTREVISION= 2
CATEGORIES= www python
MASTER_SITES= http://projects.unbit.it/downloads/
@@ -17,6 +17,9 @@
USE_PYTHON= distutils
USE_RC_SUBR= uwsgi
+USERS= uwsgi
+GROUPS= uwsgi
+
OPTIONS_DEFINE= DEBUG JSON PCRE XML
DEBUG_VARS= PYDISTUTILS_BUILDARGS+=--debug
Index: head/www/uwsgi/files/uwsgi.in
===================================================================
--- head/www/uwsgi/files/uwsgi.in
+++ head/www/uwsgi/files/uwsgi.in
@@ -14,14 +14,16 @@
# Default is /tmp/uwsgi.sock.
# uwsgi_socket_mode (int): Set the mode of the socket.
# Default is 600.
+# uwsgi_socket_owner (str): Set the owner of the socket.
+# Default is www:www.
# uwsgi_logfile (path): Set the path to the uwsgi log file
# Default is /var/log/uwsgi.log.
# uwsgi_pidfile (path): Set the path to the uwsgi pid file
# Default is /var/run/uwsgi.pid.
# uwsgi_uid (int): Set the UID of the process to run with
-# Default is 80.
+# Default is 165 (uwsgi).
# uwsgi_gid (int): Set the GID of the process to run with
-# Default is 80.
+# Default is 165 (uwsgi).
# uwsgi_flags (str): Set the uwsgi command line arguments
# Default is "-M -L".
# uwsgi_procname (str): Define to "uWSGI" if you start uwsgi with
@@ -47,11 +49,12 @@
: ${uwsgi_enable="NO"}
: ${uwsgi_profiles=""}
: ${uwsgi_socket="/tmp/${name}.sock"}
-: ${uwsgi_socket_mode="600"}
+: ${uwsgi_socket_mode="660"}
+: ${uwsgi_socket_owner="www:www"}
: ${uwsgi_logfile="/var/log/${name}.log"}
: ${uwsgi_pidfile="/var/run/${name}.pid"}
-: ${uwsgi_uid="80"}
-: ${uwsgi_gid="80"}
+: ${uwsgi_uid="165"}
+: ${uwsgi_gid="165"}
: ${uwsgi_flags="-M -L"}
: ${uwsgi_procname="${command}"}
@@ -75,7 +78,8 @@
exit 1
fi
eval uwsgi_socket=\${uwsgi_${profile}_socket:-"/tmp/${name}-${profile}.sock"}
- eval uwsgi_socket_mode=\${uwsgi_${profile}_socket_mode:-"600"}
+ eval uwsgi_socket_mode=\${uwsgi_${profile}_socket_mode:-"660"}
+ eval uwsgi_socket_owner=\${uwsgi_${profile}_socket_owner:-"www:www"}
eval uwsgi_logfile=\${uwsgi_${profile}_logfile:-"/var/log/${name}-${profile}.log"}
eval uwsgi_pidfile=\${uwsgi_${profile}_pidfile:-"/var/run/${name}-${profile}.pid"}
eval uwsgi_uid=\${uwsgi_${profile}_uid:-"${uwsgi_uid}"}
@@ -92,7 +96,7 @@
fi
command=%%PREFIX%%/bin/uwsgi
-command_args="--pidfile ${uwsgi_pidfile} -s ${uwsgi_socket} --chmod-socket=${uwsgi_socket_mode} -d ${uwsgi_logfile} --uid ${uwsgi_uid} --gid ${uwsgi_gid}"
+command_args="--pidfile ${uwsgi_pidfile} -s ${uwsgi_socket} --chmod-socket=${uwsgi_socket_mode} --chown-socket=${uwsgi_socket_owner} -d ${uwsgi_logfile} --uid ${uwsgi_uid} --gid ${uwsgi_gid}"
pidfile=${uwsgi_pidfile}
stop_postcmd=stop_postcmd
reload_precmd=reload_precmd
File Metadata
Details
Attached
Mime Type
text/plain
Expires
Wed, Dec 25, 4:53 AM (8 h, 26 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
15594539
Default Alt Text
D9398.id24665.diff (3 KB)
Attached To
Mode
D9398: Further improve www/uwsgi daemon/socket security
Attached
Detach File
Event Timeline
Log In to Comment