shaba/systemd-stable
1
1
Fork 0
mirror of https://github.com/systemd/systemd-stable.git synced 2024-10-27 01:55:32 +03:00
Code

man: don't place nginx socket in /tmp (#8757)

Browse Source 
First of all, it's frickin' ugly and wrong, as IPC sockets should be
placed in /run and definitely not under a guessable name under
world-writable /tmp. Secondly, it can't even work as we set
PrivateTmp=yes on the service.

Hence, let's clean up the example, and simply use a socket in /run
instead.

Fixes: #8419
This commit is contained in:
Lennart Poettering 2018-04-18 18:50:06 +02:00 committed by Zbigniew Jędrzejewski-Szmek
parent 7aab22308e
commit edd1dcd091
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
man/systemd-socket-proxyd.xml
View File

@ -111,7 +111,7 @@ Requires=proxy-to-nginx.socket
After=proxy-to-nginx.socket
[Service]
ExecStart=/usr/lib/systemd/systemd-socket-proxyd /tmp/nginx.sock
ExecStart=/usr/lib/systemd/systemd-socket-proxyd /run/nginx/socket
PrivateTmp=yes
PrivateNetwork=yes]]></programlisting>
</example>
@ -120,7 +120,7 @@ PrivateNetwork=yes]]></programlisting>
<programlisting>
<![CDATA[[…]
server {
listen unix:/tmp/nginx.sock;
listen unix:/run/nginx/socket;
[…]]]>
</programlisting>
</example>