diff options
author | Kamil Trzcinski <ayufan@ayufan.eu> | 2016-02-16 17:54:18 +0300 |
---|---|---|
committer | Kamil Trzcinski <ayufan@ayufan.eu> | 2016-02-16 17:54:18 +0300 |
commit | a9b41da7fc5a07eae0a72dc7e59f323a73e74a54 (patch) | |
tree | a7bc61ef086855d1e70b65ceef959eaa65494155 /main.go | |
parent | 7f12dcc6036f3935688e3fc4be61e8b1596cbc1d (diff) |
Execute unprivileged daemon in chroot
Diffstat (limited to 'main.go')
-rw-r--r-- | main.go | 7 |
1 files changed, 4 insertions, 3 deletions
@@ -24,7 +24,8 @@ func appMain() { var useHTTP2 = flag.Bool("use-http2", true, "Enable HTTP2 support") var pagesRoot = flag.String("pages-root", "shared/pages", "The directory where pages are stored") var pagesDomain = flag.String("pages-domain", "gitlab-example.com", "The domain to serve static pages") - var pagesUser = flag.String("pages-user", "", "Drop privileges to this user") + var daemonUID = flag.Uint("daemon-uid", 0, "Drop privileges to this user") + var daemonGID = flag.Uint("daemon-gid", 0, "Drop privileges to this group") log.Printf("GitLab Pages Daemon %s (%s)", VERSION, REVISION) log.Printf("URL: https://gitlab.com/gitlab-org/gitlab-pages\n") @@ -66,8 +67,8 @@ func appMain() { defer l.Close() } - if *pagesUser != "" { - daemonize(config, *pagesUser) + if *daemonUID != 0 || *daemonGID != 0 { + daemonize(config, *daemonUID, *daemonGID) return } |