diff options
author | Eric Wong <normalperson@yhbt.net> | 2010-03-01 08:47:40 +0000 |
---|---|---|
committer | Eric Wong <normalperson@yhbt.net> | 2010-03-01 08:47:40 +0000 |
commit | 45e89c0fed05396652bd3061b9b4f0814dc7d37d (patch) | |
tree | 5b7742de6a4702f4d979356e2bb561fce5515c52 /lib/unicorn.rb | |
parent | e37d8d0c6355e48fd6d2627313b9003a160f27fc (diff) | |
download | unicorn-45e89c0fed05396652bd3061b9b4f0814dc7d37d.tar.gz |
Allowing the "user" directive outside of after_fork reduces the cognitive overhead for folks that do not need the complexity of *_fork hooks. Using Worker#user remains supported as it offers fine-grained control of user switching.
Diffstat (limited to 'lib/unicorn.rb')
-rw-r--r-- | lib/unicorn.rb | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/lib/unicorn.rb b/lib/unicorn.rb index 8c0ff6e..2a2f54e 100644 --- a/lib/unicorn.rb +++ b/lib/unicorn.rb @@ -3,6 +3,7 @@ require 'fcntl' require 'unicorn/socket_helper' autoload :Rack, 'rack' +autoload :Etc, 'etc' # Unicorn module containing all of the classes (include C extensions) for running # a Unicorn web server. It contains a minimalist HTTP server with just enough @@ -81,7 +82,7 @@ module Unicorn :before_fork, :after_fork, :before_exec, :logger, :pid, :listener_opts, :preload_app, :reexec_pid, :orig_app, :init_listeners, - :master_pid, :config, :ready_pipe) + :master_pid, :config, :ready_pipe, :user) include ::Unicorn::SocketHelper # prevents IO objects in here from being GC-ed @@ -162,9 +163,7 @@ module Unicorn # releases of Unicorn. You may need to access it in the # before_fork/after_fork hooks. See the Unicorn::Configurator RDoc # for examples. - class Worker < Struct.new(:nr, :tmp) - - autoload :Etc, 'etc' + class Worker < Struct.new(:nr, :tmp, :switched) # worker objects may be compared to just plain numbers def ==(other_nr) @@ -194,6 +193,7 @@ module Unicorn Process::GID.change_privilege(gid) end Process.euid != uid and Process::UID.change_privilege(uid) + self.switched = true end end @@ -659,6 +659,7 @@ module Unicorn LISTENERS.each { |sock| sock.fcntl(Fcntl::F_SETFD, Fcntl::FD_CLOEXEC) } worker.tmp.fcntl(Fcntl::F_SETFD, Fcntl::FD_CLOEXEC) after_fork.call(self, worker) # can drop perms + worker.user(*user) if user.kind_of?(Array) && ! worker.switched self.timeout /= 2.0 # halve it for select() build_app! unless preload_app end |