Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 23 Jul 2012 09:47:24 +0800
From:      "ming.zym@gmail.com" <ming.zym@gmail.com>
To:        Wojciech Puchar <wojtek@wojtek.tensor.gdynia.pl>
Cc:        "hackers@FreeBSD.org" <hackers@freebsd.org>
Subject:   Re: trafficserver and raw disk access in FreeBSD
Message-ID:  <1343008044.4047.19.camel@zym6400>
In-Reply-To: <alpine.BSF.2.00.1207221702240.2621@wojtek.tensor.gdynia.pl>
References:  <1342963441.4162.8.camel@zym6400> <alpine.BSF.2.00.1207221702240.2621@wojtek.tensor.gdynia.pl>
next in thread | previous in thread | raw e-mail | index | archive | help 

--=-+Xh3bNrkBPkV/jIpJhH4
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

yeah, rules in devfs always work. and it may introduce more challenge on
operation management, is there any way that we can do it more clean?

should we set the permission for :operator g+w on disks and partitions?
then we can put a dedicate user for trafficserver into operator group.


=E5=9C=A8 2012-07-22=E6=97=A5=E7=9A=84 17:03 +0200=EF=BC=8CWojciech Puchar=
=E5=86=99=E9=81=93=EF=BC=9A
> > Apache Traffic Server may use raw disk for caching, and for privilege
> > elevation, the worker process(traffic_server) will setuid to nobody, my
> > question is, how to make traffic_server access the /dev/ada*?
> >
> > in linux, disk permitting is root:disk 0660, we can go with:
> > 1, setup a new user 'ats', and put it into 'disk' group
> > 2, after setuid, run initgroups() to complete the groups evn.
>=20
> devfs.conf

--=20
zym, Zhao Yongming.
aka: yonghao @ taobao.com

--=-+Xh3bNrkBPkV/jIpJhH4
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (GNU/Linux)

iF4EABEIAAYFAlAMrS0ACgkQQBjU8JUwVz6xDQD/eisqDwN1fagoCPAal35AP/S+
QtcwoCusr1YHwJ8TF/wA/j8AGUAEsICExlKc9zxucK6JgEA6yaPrAPizx11BDMFc
=wz0m
-----END PGP SIGNATURE-----

--=-+Xh3bNrkBPkV/jIpJhH4--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1343008044.4047.19.camel>