unicorn-lockdown 0.10.0 → 0.11.0
- checksums.yaml +4 -4
- data/CHANGELOG +6 -0
- data/README.rdoc +6 -2
- data/bin/unicorn-lockdown-add +7 -0
- data/lib/roda/plugins/pg_disconnect.rb +10 -0
- data/lib/unicorn-lockdown.rb +14 -4
- metadata +3 -4
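--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: f379b63ba85656d84b40cbad69d4574e94ec19dfbccda67ebb92115b09de1b6b
+data.tar.gz: 762030825817a4d2722b1d9a9019de636839ffb926e8e082e9a0344fe63a9935
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 8e7d1b9357f5ef3545b929ab063f1dd31ec4786f8386f0282b6da8a3b92472fcf7f2071839a23dda6f6ea476a62840179c8c2f66cf0bf4866138e98c9c404fd9
+data.tar.gz: 7c3fa555edec5bb533caab2f709c6f51a199528d669897de152aa1c7ac7230a5592f6709c25ada286a162a1078805662bde19779e51cedd8694975ae86a291d9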
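--- a/data/CHANGELOG
+++ b/data/CHANGELOG
@@ -1,3 +1,9 @@
+= 0.11.0 (2019-03-18)
+
+* Support separate log group and process primary group on Unicorn 5.5.0+ using :group option (jeremyevans)
+
+* Make Roda pg_disconnect plugin support new Roda dispatch API (jeremyevans)
+
 = 0.10.0 (2018-05-21)
 
 * Use Mail.eager_autoload! if using the mail gem (jeremyevans)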
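--- a/data/README.rdoc
+++ b/data/README.rdoc
@@ -7,8 +7,8 @@ and pledge.
 With the configuration unicorn-lockdown uses, the unicorn process executes as root,
 and the unicorn master process continues to run as root. The master process
 forks worker processes, which re-exec (fork+exec) so that a new memory layout
-is used in each worker process. The
-after which it
+is used in each worker process. The worker process then loads the application,
+after which it chroots to the application's directory, drops root privileges
 and then runs as the application user (privdrop), then runs pledge to limit
 the allowed system calls to the minimum required to run the application.
 
@@ -90,6 +90,10 @@ Unicorn.lockdown options:
 :app :: (required) a short string for the name of the application, used
 for socket/log file names and in notifications
 :user :: (required) the user to drop privileges to
+:group :: (optional) the group to use to run the application. On Unicorn
+5.5.0+, can be an array with two entries, the first used as the
+process primary group, the second as the owner of the unicorn
+log files.
 :pledge :: (optional) a pledge string to limit the allowed system calls
 after privileges have been dropped
 :email :: (optional) an email address to use for notifications when the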
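--- a/data/bin/unicorn-lockdown-add
+++ b/data/bin/unicorn-lockdown-add
@@ -137,6 +137,13 @@ end
 
 # Setup unicorn configuration file
 unless File.file?(unicorn_conf_file)
+unicorn_conf_dir = File.dirname(unicorn_conf_file)
+unless File.directory?(unicorn_conf_dir)
+puts "Creating #{unicorn_conf_dir}"
+Dir.mkdir(unicorn_conf_dir)
+File.chmod(0755, unicorn_conf_dir)
+File.chown(owner_uid, owner_gid, unicorn_conf_dir) if owner
+end
 puts "Creating #{unicorn_conf_file}"
 File.binwrite(unicorn_conf_file, <<END)
 require 'unicorn-lockdown'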
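Review bot: `File.chown(owner_uid, owner_gid, unicorn_conf_dir) if owner` hands the new directory to `owner`, while the file written into it is a Ruby config that, going by the README, is presumably loaded by a unicorn master still running as root. A directory's owner can rename or replace entries in it whatever the files' own ownership, so if `owner` is an unprivileged account this widens who can change code that root executes; how `owner` is chosen and how the file itself is owned are outside this hunk, so confirm before relying on it. If the directory only needs to be traversable, keep it root-owned at 0755 and drop the chown, or add a comment explaining why the owner needs write access. Separately, `Dir.mkdir` creates one level only and raises if the parent is missing; the enclosing `unless File.file?` block continues past the hunk.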
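--- a/data/lib/roda/plugins/pg_disconnect.rb
+++ b/data/lib/roda/plugins/pg_disconnect.rb
@@ -30,6 +30,16 @@ class Roda
 Process.kill(:QUIT, $$)
 raise
 end
+
+# When database connection is lost, kill the worker process, so a new one will be generated.
+# This is necessary because the unix socket used by the database connection is no longer available
+# once the application is chrooted.
+def _roda_handle_main_route
+super
+rescue Sequel::DatabaseDisconnectError, Sequel::DatabaseConnectionError, PG::ConnectionBad
+Process.kill(:QUIT, $$)
+raise
+end
 end
 end
 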
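Review bot: The rescue clause and two-line handler in `_roda_handle_main_route` repeat what the method just above the hunk appears to do (its tail `Process.kill(:QUIT, $$)` / `raise` is visible, its start is not). Keeping the exception list in one place, for example a frozen constant used as `rescue *DISCONNECT_ERRORS` in both methods, would stop the two paths drifting apart when another disconnect error class needs handling. If both methods end up on the call path under some Roda versions, one lost connection would make the worker signal itself twice; that looks harmless for QUIT, but a short comment saying so would save the next reader the check.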
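--- a/data/lib/unicorn-lockdown.rb
+++ b/data/lib/unicorn-lockdown.rb
@@ -49,9 +49,13 @@ class << Unicorn
 # to enable programmers to debug and fix the issue.
 attr_accessor :request_logger
 
-# The user
+# The user to run as. Also specifies the group to run as if group_name is not set.
 attr_accessor :user_name
 
+# The group name to run as. Can be an array of two strings, where the first string
+# is the primary group, and the second string is the group used for the log files.
+attr_accessor :group_name
+
 # The pledge string to use.
 attr_accessor :pledge
 
@@ -77,11 +81,15 @@ class << Unicorn
 # Options:
 # :app :: The name of the application (required)
 # :email : The email to notify for worker crashes
-# :user :: The user
+# :user :: The user to run as (required)
+# :group :: The group to run as (if not set, uses :user as the group).
+# Can be an array of two strings, where the first string is the primary
+# group, and the second string is the group used for the log files.
 # :pledge :: The string to use when pledging
 def lockdown(configurator, opts)
 Unicorn.app_name = opts.fetch(:app)
 Unicorn.user_name = opts.fetch(:user)
+Unicorn.group_name = opts[:group] || opts[:user]
 Unicorn.email = opts[:email]
 Unicorn.pledge = opts[:pledge]
 
@@ -164,7 +172,7 @@ class << Unicorn
 
 # Drop privileges. This must be done after chrooting as
 # chrooting requires root privileges.
-worker.user(Unicorn.user_name, Unicorn.
+worker.user(Unicorn.user_name, Unicorn.group_name, pwd)
 
 if Unicorn.pledge
 # Pledge after dropping privileges, because dropping
@@ -222,7 +230,9 @@ class << Unicorn
 
 # Then get information from /etc and drop group privileges
 uid = Etc.getpwnam(Unicorn.user_name).uid
-
+group = Unicorn.group_name
+group = group.first if group.is_a?(Array)
+gid = Etc.getgrnam(group).gid
 if gid && Process.egid != gid
 Process.initgroups(Unicorn.user_name, gid)
 Process::GID.change_privilege(gid)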
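Review bot: `Unicorn.group_name = opts[:group] || opts[:user]` in `lockdown` stores whatever the caller passed, so a malformed `:group` (an empty array, more than two entries, a non-string) is only noticed later in the privilege-drop path, where `group.first` can be nil and `Etc.getgrnam(group)` then raises a TypeError, or the value is handed unchanged to `worker.user`. For code that decides which group a root-started process ends up in, rejecting bad input at configuration time gives a clearer failure, for example `raise ArgumentError, ":group must be a String or an array of two Strings"` unless the value is a String or a two-element array of Strings. The README says the array form needs Unicorn 5.5.0+, but nothing visible in these hunks checks the Unicorn version before an array reaches `worker.user`; a guard or at least a comment there would help. `lockdown` and the method holding the `Etc.getgrnam` lines both continue outside the hunks shown.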
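--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: unicorn-lockdown
 version: !ruby/object:Gem::Version
-version: 0.
+version: 0.11.0
 platform: ruby
 authors:
 - Jeremy Evans
 autorequire:
 bindir: bin
 cert_chain: []
-date:
+date: 2019-03-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: pledge
@@ -75,8 +75,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
-
-rubygems_version: 2.7.6
+rubygems_version: 3.0.3
 signing_key:
 specification_version: 4
 summary: Helper library for running Unicorn with chroot/privdrop/fork+exec/pledge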