From 7ffc617ae89fe08b8a9a17bed41ef8941b8151fb Mon Sep 17 00:00:00 2001 From: Max Romanov Date: Mon, 17 Aug 2020 12:28:48 +0300 Subject: Supporting platforms without sendfile() implementation. This is a quick and dirty sendfile() replacement. This closes #452 PR on GitHub. --- auto/sendfile | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'auto') diff --git a/auto/sendfile b/auto/sendfile index a065f7b6..1c20db06 100644 --- a/auto/sendfile +++ b/auto/sendfile @@ -84,10 +84,8 @@ fi if [ $nxt_found = no ]; then - $echo - $echo "$0: error: no supported sendfile() found." - $echo - exit 1; + # No supported sendfile() found. Using our replacement. + nxt_found=yes fi -- cgit From a8a7eeb1fc7aada17d0d8fe8e15d325525986937 Mon Sep 17 00:00:00 2001 From: Tiago Natel de Moura Date: Thu, 20 Aug 2020 15:22:58 +0100 Subject: Moved isolation related code to "nxt_isolation.c". --- auto/sources | 1 + 1 file changed, 1 insertion(+) (limited to 'auto') diff --git a/auto/sources b/auto/sources index a61577dc..e44dc4bb 100644 --- a/auto/sources +++ b/auto/sources @@ -14,6 +14,7 @@ NXT_LIB_SRCS=" \ src/nxt_socket.c \ src/nxt_socketpair.c \ src/nxt_credential.c \ + src/nxt_isolation.c \ src/nxt_process.c \ src/nxt_process_title.c \ src/nxt_signal.c \ -- cgit From 30a242aa3cbfc3c3368ba0b6d2b4e579b31dc553 Mon Sep 17 00:00:00 2001 From: Tiago Natel de Moura Date: Tue, 25 Aug 2020 13:28:14 +0100 Subject: PHP: added bind mounts for extensions directory. --- auto/modules/php | 33 ++++++++++++++++++++++++++++++++- 1 file changed, 32 insertions(+), 1 deletion(-) (limited to 'auto') diff --git a/auto/modules/php b/auto/modules/php index 75d60242..0ba82eae 100644 --- a/auto/modules/php +++ b/auto/modules/php @@ -59,6 +59,12 @@ NXT_PHP_MODULE=${NXT_PHP_MODULE=${NXT_PHP##*/}} NXT_PHP_LIB_PATH=${NXT_PHP_LIB_PATH=} NXT_PHP_LIB_STATIC=${NXT_PHP_LIB_STATIC=no} NXT_PHP_ADDITIONAL_FLAGS= +NXT_PHP_REALPATH=realpath + + +if [ -z `which $NXT_PHP_REALPATH` ]; then + NXT_PHP_REALPATH="readlink -e" +fi $echo "configuring PHP module" @@ -74,6 +80,14 @@ if /bin/sh -c "${NXT_PHP_CONFIG} --version" >> $NXT_AUTOCONF_ERR 2>&1; then $echo " found" NXT_PHP_VERSION="`${NXT_PHP_CONFIG} --version`" + NXT_PHP_EXT_DIR="`${NXT_PHP_CONFIG} --extension-dir`" + NXT_PHP_LIBC_DIR="`${CC} --print-file-name=libc.so`" + NXT_PHP_LIBC_DIR="`$NXT_PHP_REALPATH $NXT_PHP_LIBC_DIR`" + NXT_PHP_LIBC_DIR="`dirname $NXT_PHP_LIBC_DIR`" + NXT_PHP_SYSLIB_DIR="`${CC} --print-file-name=libtinfo.so`" + NXT_PHP_SYSLIB_DIR="`$NXT_PHP_REALPATH $NXT_PHP_SYSLIB_DIR`" + NXT_PHP_SYSLIB_DIR="`dirname $NXT_PHP_SYSLIB_DIR`" + $echo " + PHP SAPI: [`${NXT_PHP_CONFIG} --php-sapis`]" NXT_PHP_MAJOR_VERSION=${NXT_PHP_VERSION%%.*} @@ -213,6 +227,22 @@ if grep ^$NXT_PHP_MODULE: $NXT_MAKEFILE 2>&1 > /dev/null; then exit 1; fi + +NXT_PHP_MOUNTS_HEADER=nxt_${NXT_PHP_MODULE}_mounts.h + +cat << END > $NXT_BUILD_DIR/$NXT_PHP_MOUNTS_HEADER +static const nxt_fs_mount_t nxt_php_mounts[] = { + {(u_char *) "$NXT_PHP_EXT_DIR", (u_char *) "$NXT_PHP_EXT_DIR", + (u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL}, + {(u_char *) "$NXT_PHP_LIBC_DIR", (u_char *) "$NXT_PHP_LIBC_DIR", + (u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL}, + {(u_char *) "$NXT_PHP_SYSLIB_DIR", (u_char *) "$NXT_PHP_SYSLIB_DIR", + (u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL}, +}; + +END + + $echo " + PHP module: ${NXT_PHP_MODULE}.unit.so" . auto/cc/deps @@ -238,7 +268,8 @@ for nxt_src in $NXT_PHP_MODULE_SRCS; do cat << END >> $NXT_MAKEFILE $NXT_BUILD_DIR/$nxt_obj: $nxt_src $NXT_VERSION_H - \$(CC) -c \$(CFLAGS) $NXT_PHP_ADDITIONAL_FLAGS \$(NXT_INCS) \\ + \$(CC) -c \$(CFLAGS) -DNXT_PHP_MOUNTS_H=\"$NXT_PHP_MOUNTS_HEADER\" \\ + $NXT_PHP_ADDITIONAL_FLAGS \$(NXT_INCS) \\ $NXT_PHP_INCLUDE -DNXT_ZEND_SIGNAL_STARTUP=$NXT_ZEND_SIGNAL_STARTUP \\ $nxt_dep_flags \\ -o $NXT_BUILD_DIR/$nxt_obj $nxt_src -- cgit From b65a8636bb5b2ee61c69660aa6f7edc7d909e632 Mon Sep 17 00:00:00 2001 From: Tiago Natel de Moura Date: Tue, 25 Aug 2020 15:25:51 +0100 Subject: Isolation: added "automount" option. Now it's possible to disable default bind mounts of languages by setting: { "isolation": { "automount": { "language_deps": false } } } In this case, the user is responsible to provide a "rootfs" containing the language libraries and required files for the application. --- auto/modules/java | 6 +++--- auto/modules/php | 6 +++--- auto/modules/python | 2 +- auto/modules/ruby | 14 +++++++------- 4 files changed, 14 insertions(+), 14 deletions(-) (limited to 'auto') diff --git a/auto/modules/java b/auto/modules/java index fa68f573..be8f443c 100644 --- a/auto/modules/java +++ b/auto/modules/java @@ -326,11 +326,11 @@ cat << END > $NXT_BUILD_DIR/$NXT_JAVA_MOUNTS_HEADER static const nxt_fs_mount_t nxt_java_mounts[] = { - {(u_char *) "proc", (u_char *) "/proc", (u_char *) "proc", 0, NULL}, + {(u_char *) "proc", (u_char *) "/proc", (u_char *) "proc", 0, NULL, 1}, {(u_char *) "$NXT_JAVA_LIBC_DIR", (u_char *) "$NXT_JAVA_LIBC_DIR", - (u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL}, + (u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL, 1}, {(u_char *) "$NXT_JAVA_HOME", (u_char *) "$NXT_JAVA_HOME", - (u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL}, + (u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL, 1}, }; diff --git a/auto/modules/php b/auto/modules/php index 0ba82eae..848fc1bc 100644 --- a/auto/modules/php +++ b/auto/modules/php @@ -233,11 +233,11 @@ NXT_PHP_MOUNTS_HEADER=nxt_${NXT_PHP_MODULE}_mounts.h cat << END > $NXT_BUILD_DIR/$NXT_PHP_MOUNTS_HEADER static const nxt_fs_mount_t nxt_php_mounts[] = { {(u_char *) "$NXT_PHP_EXT_DIR", (u_char *) "$NXT_PHP_EXT_DIR", - (u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL}, + (u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL, 1}, {(u_char *) "$NXT_PHP_LIBC_DIR", (u_char *) "$NXT_PHP_LIBC_DIR", - (u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL}, + (u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL, 1}, {(u_char *) "$NXT_PHP_SYSLIB_DIR", (u_char *) "$NXT_PHP_SYSLIB_DIR", - (u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL}, + (u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL, 1}, }; END diff --git a/auto/modules/python b/auto/modules/python index c14bf7e0..58d8f66f 100644 --- a/auto/modules/python +++ b/auto/modules/python @@ -138,7 +138,7 @@ pyver = "python" + str(sys.version_info[0]) + "." + str(sys.version_info[1]) print("static const nxt_fs_mount_t nxt_python_mounts[] = {") -pattern = "{(u_char *) \"%s\", (u_char *) \"%s\", (u_char *) \"bind\", NXT_MS_BIND|NXT_MS_REC, NULL}," +pattern = "{(u_char *) \"%s\", (u_char *) \"%s\", (u_char *) \"bind\", NXT_MS_BIND|NXT_MS_REC, NULL, 1}," base = None for p in sys.path: if len(p) > 0: diff --git a/auto/modules/ruby b/auto/modules/ruby index c1444f07..e0d54516 100644 --- a/auto/modules/ruby +++ b/auto/modules/ruby @@ -156,23 +156,23 @@ cat << END > $NXT_RUBY_MOUNTS_PATH static const nxt_fs_mount_t nxt_ruby_mounts[] = { {(u_char *) "$NXT_RUBY_RUBYHDRDIR", (u_char *) "$NXT_RUBY_RUBYHDRDIR", - (u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL}, + (u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL, 1}, {(u_char *) "$NXT_RUBY_ARCHHDRDIR", (u_char *) "$NXT_RUBY_ARCHHDRDIR", - (u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL}, + (u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL, 1}, {(u_char *) "$NXT_RUBY_SITEDIR", (u_char *) "$NXT_RUBY_SITEDIR", - (u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL}, + (u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL, 1}, {(u_char *) "$NXT_RUBY_LIBDIR", (u_char *) "$NXT_RUBY_LIBDIR", - (u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL}, + (u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL, 1}, {(u_char *) "$NXT_RUBY_TOPDIR", (u_char *) "$NXT_RUBY_TOPDIR", - (u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL}, + (u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL, 1}, {(u_char *) "$NXT_RUBY_PREFIXDIR", (u_char *) "$NXT_RUBY_PREFIXDIR", - (u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL}, + (u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL, 1}, END for path in `echo $NXT_RUBY_GEMPATH | tr ':' '\n'`; do $echo "{(u_char *) \"$path\", (u_char *) \"$path\"," >> $NXT_RUBY_MOUNTS_PATH - $echo "(u_char *) \"bind\", NXT_MS_BIND | NXT_MS_REC, NULL}," >> $NXT_RUBY_MOUNTS_PATH + $echo "(u_char *) \"bind\", NXT_MS_BIND | NXT_MS_REC, NULL, 1}," >> $NXT_RUBY_MOUNTS_PATH done $echo "};" >> $NXT_RUBY_MOUNTS_PATH -- cgit From d483aa74e61af411e40e98153a597d5a0473e2f1 Mon Sep 17 00:00:00 2001 From: Max Romanov Date: Mon, 14 Sep 2020 12:07:30 +0300 Subject: Python: source file moved to 'python' sub-directory. No functional changes. Get ready for an increase in file number. --- auto/modules/python | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'auto') diff --git a/auto/modules/python b/auto/modules/python index 58d8f66f..0e80d93f 100644 --- a/auto/modules/python +++ b/auto/modules/python @@ -167,7 +167,7 @@ $echo " + Python module: ${NXT_PYTHON_MODULE}.unit.so" $echo >> $NXT_MAKEFILE NXT_PYTHON_MODULE_SRCS=" \ - src/nxt_python_wsgi.c \ + src/python/nxt_python_wsgi.c \ " # The python module object files. @@ -185,6 +185,7 @@ for nxt_src in $NXT_PYTHON_MODULE_SRCS; do cat << END >> $NXT_MAKEFILE $NXT_BUILD_DIR/$nxt_obj: $nxt_src $NXT_VERSION_H + mkdir -p $NXT_BUILD_DIR/src/python \$(CC) -c \$(CFLAGS) -DNXT_PYTHON_MOUNTS_H=\"$NXT_PYTHON_MOUNTS_HEADER\" \\ \$(NXT_INCS) $NXT_PYTHON_INCLUDE \\ $nxt_dep_flags \\ -- cgit From d94dac091f6a6878f10cfc8fa1ef059dd6bfe964 Mon Sep 17 00:00:00 2001 From: Max Romanov Date: Mon, 14 Sep 2020 13:27:02 +0300 Subject: Python: split module initialization from WSGI implementation. This is required for futher ASGI implementation. --- auto/modules/python | 1 + 1 file changed, 1 insertion(+) (limited to 'auto') diff --git a/auto/modules/python b/auto/modules/python index 0e80d93f..afb1b586 100644 --- a/auto/modules/python +++ b/auto/modules/python @@ -167,6 +167,7 @@ $echo " + Python module: ${NXT_PYTHON_MODULE}.unit.so" $echo >> $NXT_MAKEFILE NXT_PYTHON_MODULE_SRCS=" \ + src/python/nxt_python.c \ src/python/nxt_python_wsgi.c \ " -- cgit From c2eb245b32870b6360079ff9a4b063a7cd84d585 Mon Sep 17 00:00:00 2001 From: Tiago Natel de Moura Date: Wed, 9 Sep 2020 19:28:44 +0100 Subject: PHP: fixed "rootfs" isolation dependency on system mounts. --- auto/modules/php | 30 +----------------------------- 1 file changed, 1 insertion(+), 29 deletions(-) (limited to 'auto') diff --git a/auto/modules/php b/auto/modules/php index 848fc1bc..41eeb1c3 100644 --- a/auto/modules/php +++ b/auto/modules/php @@ -59,12 +59,6 @@ NXT_PHP_MODULE=${NXT_PHP_MODULE=${NXT_PHP##*/}} NXT_PHP_LIB_PATH=${NXT_PHP_LIB_PATH=} NXT_PHP_LIB_STATIC=${NXT_PHP_LIB_STATIC=no} NXT_PHP_ADDITIONAL_FLAGS= -NXT_PHP_REALPATH=realpath - - -if [ -z `which $NXT_PHP_REALPATH` ]; then - NXT_PHP_REALPATH="readlink -e" -fi $echo "configuring PHP module" @@ -81,12 +75,6 @@ if /bin/sh -c "${NXT_PHP_CONFIG} --version" >> $NXT_AUTOCONF_ERR 2>&1; then NXT_PHP_VERSION="`${NXT_PHP_CONFIG} --version`" NXT_PHP_EXT_DIR="`${NXT_PHP_CONFIG} --extension-dir`" - NXT_PHP_LIBC_DIR="`${CC} --print-file-name=libc.so`" - NXT_PHP_LIBC_DIR="`$NXT_PHP_REALPATH $NXT_PHP_LIBC_DIR`" - NXT_PHP_LIBC_DIR="`dirname $NXT_PHP_LIBC_DIR`" - NXT_PHP_SYSLIB_DIR="`${CC} --print-file-name=libtinfo.so`" - NXT_PHP_SYSLIB_DIR="`$NXT_PHP_REALPATH $NXT_PHP_SYSLIB_DIR`" - NXT_PHP_SYSLIB_DIR="`dirname $NXT_PHP_SYSLIB_DIR`" $echo " + PHP SAPI: [`${NXT_PHP_CONFIG} --php-sapis`]" @@ -228,21 +216,6 @@ if grep ^$NXT_PHP_MODULE: $NXT_MAKEFILE 2>&1 > /dev/null; then fi -NXT_PHP_MOUNTS_HEADER=nxt_${NXT_PHP_MODULE}_mounts.h - -cat << END > $NXT_BUILD_DIR/$NXT_PHP_MOUNTS_HEADER -static const nxt_fs_mount_t nxt_php_mounts[] = { - {(u_char *) "$NXT_PHP_EXT_DIR", (u_char *) "$NXT_PHP_EXT_DIR", - (u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL, 1}, - {(u_char *) "$NXT_PHP_LIBC_DIR", (u_char *) "$NXT_PHP_LIBC_DIR", - (u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL, 1}, - {(u_char *) "$NXT_PHP_SYSLIB_DIR", (u_char *) "$NXT_PHP_SYSLIB_DIR", - (u_char *) "bind", NXT_MS_BIND | NXT_MS_REC, NULL, 1}, -}; - -END - - $echo " + PHP module: ${NXT_PHP_MODULE}.unit.so" . auto/cc/deps @@ -268,8 +241,7 @@ for nxt_src in $NXT_PHP_MODULE_SRCS; do cat << END >> $NXT_MAKEFILE $NXT_BUILD_DIR/$nxt_obj: $nxt_src $NXT_VERSION_H - \$(CC) -c \$(CFLAGS) -DNXT_PHP_MOUNTS_H=\"$NXT_PHP_MOUNTS_HEADER\" \\ - $NXT_PHP_ADDITIONAL_FLAGS \$(NXT_INCS) \\ + \$(CC) -c \$(CFLAGS) $NXT_PHP_ADDITIONAL_FLAGS \$(NXT_INCS) \\ $NXT_PHP_INCLUDE -DNXT_ZEND_SIGNAL_STARTUP=$NXT_ZEND_SIGNAL_STARTUP \\ $nxt_dep_flags \\ -o $NXT_BUILD_DIR/$nxt_obj $nxt_src -- cgit From c4c2f90c5b532c1ec283d211e0fd50e4538c2a51 Mon Sep 17 00:00:00 2001 From: Max Romanov Date: Thu, 1 Oct 2020 23:55:23 +0300 Subject: Python: ASGI server introduced. This closes #461 issue on GitHub. --- auto/modules/python | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'auto') diff --git a/auto/modules/python b/auto/modules/python index afb1b586..48f6e5ef 100644 --- a/auto/modules/python +++ b/auto/modules/python @@ -168,6 +168,11 @@ $echo >> $NXT_MAKEFILE NXT_PYTHON_MODULE_SRCS=" \ src/python/nxt_python.c \ + src/python/nxt_python_asgi.c \ + src/python/nxt_python_asgi_http.c \ + src/python/nxt_python_asgi_lifespan.c \ + src/python/nxt_python_asgi_str.c \ + src/python/nxt_python_asgi_websocket.c \ src/python/nxt_python_wsgi.c \ " -- cgit