Date: Mon, 23 Jul 2012 09:47:24 +0800 From: "ming.zym@gmail.com" <ming.zym@gmail.com> To: Wojciech Puchar <wojtek@wojtek.tensor.gdynia.pl> Cc: "hackers@FreeBSD.org" <hackers@freebsd.org> Subject: Re: trafficserver and raw disk access in FreeBSD Message-ID: <1343008044.4047.19.camel@zym6400> In-Reply-To: <alpine.BSF.2.00.1207221702240.2621@wojtek.tensor.gdynia.pl> References: <1342963441.4162.8.camel@zym6400> <alpine.BSF.2.00.1207221702240.2621@wojtek.tensor.gdynia.pl>
next in thread | previous in thread | raw e-mail | index | archive | help
--=-+Xh3bNrkBPkV/jIpJhH4 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable yeah, rules in devfs always work. and it may introduce more challenge on operation management, is there any way that we can do it more clean? should we set the permission for :operator g+w on disks and partitions? then we can put a dedicate user for trafficserver into operator group. =E5=9C=A8 2012-07-22=E6=97=A5=E7=9A=84 17:03 +0200=EF=BC=8CWojciech Puchar= =E5=86=99=E9=81=93=EF=BC=9A > > Apache Traffic Server may use raw disk for caching, and for privilege > > elevation, the worker process(traffic_server) will setuid to nobody, my > > question is, how to make traffic_server access the /dev/ada*? > > > > in linux, disk permitting is root:disk 0660, we can go with: > > 1, setup a new user 'ats', and put it into 'disk' group > > 2, after setuid, run initgroups() to complete the groups evn. >=20 > devfs.conf --=20 zym, Zhao Yongming. aka: yonghao @ taobao.com --=-+Xh3bNrkBPkV/jIpJhH4 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) iF4EABEIAAYFAlAMrS0ACgkQQBjU8JUwVz6xDQD/eisqDwN1fagoCPAal35AP/S+ QtcwoCusr1YHwJ8TF/wA/j8AGUAEsICExlKc9zxucK6JgEA6yaPrAPizx11BDMFc =wz0m -----END PGP SIGNATURE----- --=-+Xh3bNrkBPkV/jIpJhH4--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1343008044.4047.19.camel>