GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages
Mojolicious::Plugin::SetUserGroup(3) User Contributed Perl Documentation Mojolicious::Plugin::SetUserGroup(3)

Mojolicious::Plugin::SetUserGroup - Mojolicious plugin to set unprivileged credentials

  # Mojolicious
  $self->plugin(SetUserGroup => {user => $user, group => $group});
  
  # Mojolicious::Lite
  plugin SetUserGroup => {user => $user, group => $group};
  
  # Production mode only
  plugin SetUserGroup => {user => $user, group => $group}
    if $self->mode eq 'production';
  
  # Root only
  plugin SetUserGroup => {user => $user, group => $group}
    if $> == 0;

This plugin is intended to replace the "setuidgid" functionality of Mojo::Server. It should be loaded in application startup and it will change the user and group credentials of the process when Mojo::IOLoop is started, which occurs in each worker process of a Mojo::Server::Prefork daemon like hypnotoad.

This allows an application to be started as root so it can bind to privileged ports such as port 80 or 443, but run worker processes as unprivileged users. However, if the application is not started as root, it will most likely fail to change credentials. So, you should only set the user/group when the application is started as root or a user with the "CAP_SETUID" and "CAP_SETGID" capabilities(7).

This plugin only works on systems with a concept of Unix users and groups, such as Linux, OS X, or BSD.

The morbo development server is currently incompatible with this plugin as the lowered credentials causes the application worker to shut down. Make sure credential changes do not occur when running your application under morbo, either by not registering the plugin under that condition, or starting morbo under the target user and group so no change occurs.

Mojolicious::Plugin::SetUserGroup inherits all methods from Mojolicious::Plugin and implements the following new ones.

  $plugin->register(Mojolicious->new, {user => $user, group => $group});

Install callback to change process credentials on the next Mojo::IOLoop tick. If option "user" is undefined or the current user and group are already correct, no credential change will occur. If option "group" is undefined but "user" is defined, the group will be set to a group matching the user name. If credential changes fail, an error will be logged and the process will be stopped.

Dan Book, "dbook@cpan.org"

Jan Henning Thorsen (jhthorsen)
Lee Johnson (leejo)

Copyright 2015, Dan Book.

This library is free software; you may redistribute it and/or modify it under the terms of the Artistic License version 2.0.

Mojolicious, POSIX, Unix::Groups::FFI
2018-02-19 perl v5.32.1

Search for    or go to Top of page |  Section 3 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.