michael-o commented on a change in pull request #382: URL: https://github.com/apache/tomcat/pull/382#discussion_r533488953
########## File path: java/org/apache/tomcat/util/net/LocalStrings.properties ########## @@ -88,6 +88,7 @@ endpoint.init.bind=Socket bind failed: [{0}] [{1}] endpoint.init.bind.inherited=No inherited channel while the connector was configured to use one endpoint.init.listen=Socket listen failed: [{0}] [{1}] endpoint.init.notavail=APR not available +endpoint.init.unixnotavail=Unix domain socket support not available Review comment: Same here ########## File path: webapps/docs/config/http.xml ########## @@ -208,6 +208,24 @@ The default is <code>POST</code></p> </attribute> + <attribute name="path" required="false"> + <p>Where supported, the path to a unix domain socket that this Review comment: Here ########## File path: java/org/apache/catalina/core/LocalStrings.properties ########## @@ -74,7 +74,7 @@ aprListener.aprInitDebug=The Apache Tomcat Native library could not be found usi aprListener.aprInitError=The Apache Tomcat Native library failed to load. The error reported was [{0}] aprListener.currentFIPSMode=Current FIPS mode: [{0}] aprListener.enterAlreadyInFIPSMode=AprLifecycleListener is configured to force entering FIPS mode, but library is already in FIPS mode [{0}] -aprListener.flags=APR capabilities: IPv6 [{0}], sendfile [{1}], accept filters [{2}], random [{3}]. +aprListener.flags=APR capabilities: IPv6 [{0}], sendfile [{1}], accept filters [{2}], random [{3}], uds [{4}]. Review comment: Please uppercase uds in all properties files ########## File path: webapps/docs/config/http.xml ########## 
@@ -208,6 +208,24 @@ The default is <code>POST</code></p> </attribute> + <attribute name="path" required="false"> + <p>Where supported, the path to a unix domain socket that this + <strong>Connector</strong> will create and await incoming connections. + Tomcat will automatically remove the socket on server shutdown. If the + socket already exists, care must be taken by the administrator to remove + the socket after verifying that the socket isn't already being used by an + existing Tomcat process.</p> + </attribute> + + <attribute name="pathPermissions" required="false"> + <p>Where supported, the posix permissions that will be applied to the + to the unix domain socket specified with <code>path</code> above. The Review comment: Here ########## File path: webapps/docs/config/http.xml ########## @@ -208,6 +208,24 @@ The default is <code>POST</code></p> </attribute> + <attribute name="path" required="false"> + <p>Where supported, the path to a unix domain socket that this + <strong>Connector</strong> will create and await incoming connections. + Tomcat will automatically remove the socket on server shutdown. If the + socket already exists, care must be taken by the administrator to remove + the socket after verifying that the socket isn't already being used by an + existing Tomcat process.</p> + </attribute> + + <attribute name="pathPermissions" required="false"> + <p>Where supported, the posix permissions that will be applied to the + to the unix domain socket specified with <code>path</code> above. The + permissions are specified as a string of nine characters, in three sets + of three: (r)ead, (w)rite and e(x)ecute for owner, group and everyone + else respectively. If a permission is not granted, a dash is used. If Review comment: dash => hyphen ########## File path: webapps/docs/changelog.xml ########## 
@@ -124,6 +124,11 @@ uses the correct setting for the secure attribute for any session cookies it creates. Based on a pull request by Andreas Kurth. (markt) </fix> + <add> + <bug>64943</bug>: Add support for unix domain sockets to Review comment: And here ########## File path: webapps/docs/config/http.xml ########## @@ -1130,6 +1148,38 @@ </subsection> + <subsection name="Unix Domain Socket Support"> + + <p>When the <code>path</code> attribute is used, connectors that support + unix domain sockets will bind to the socket at the given path. The first Review comment: Upper ########## File path: webapps/docs/config/http.xml ########## @@ -208,6 +208,24 @@ The default is <code>POST</code></p> </attribute> + <attribute name="path" required="false"> + <p>Where supported, the path to a unix domain socket that this + <strong>Connector</strong> will create and await incoming connections. + Tomcat will automatically remove the socket on server shutdown. If the + socket already exists, care must be taken by the administrator to remove + the socket after verifying that the socket isn't already being used by an + existing Tomcat process.</p> + </attribute> + + <attribute name="pathPermissions" required="false"> + <p>Where supported, the posix permissions that will be applied to the + to the unix domain socket specified with <code>path</code> above. The + permissions are specified as a string of nine characters, in three sets + of three: (r)ead, (w)rite and e(x)ecute for owner, group and everyone Review comment: everyone is Windows, Unix is others. ########## File path: webapps/docs/config/http.xml ########## 
@@ -1130,6 +1148,38 @@ </subsection> + <subsection name="Unix Domain Socket Support"> + + <p>When the <code>path</code> attribute is used, connectors that support + unix domain sockets will bind to the socket at the given path. The first + connector to support this is the + <code>org.apache.coyote.http11.Http11AprProtocol</code> connector when + used with the Apache Tomcat Native library v1.2.26 and up, along with + Apache Portable Runtime v1.6 and higher. + </p> + + <p>The socket path is created with read and write permissions for all + users. To protect this socket, place it in a directory with suitable + permissions appropriately configured to restrict access as required. + Alternatively, on platforms that support posix permissions, the + permissions on the socket can be set directly with the + <code>pathPermissions</code> option. + </p> + + <p>Tomcat will automatically remove the socket on server shutdown. If the + socket already exists startup will fail. Care must be taken by the + administrator to remove the socket after verifying that the socket isn't + already being used by an existing Tomcat process.</p> + + <p>The unix domain socket can be accessed using the Review comment: Here
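Review bot: In java/org/apache/tomcat/util/net/LocalStrings.properties, the new endpoint.init.unixnotavail message takes no arguments, while the neighbouring endpoint.init.bind and endpoint.init.listen messages both report [{0}] [{1}]. Consider passing the configured socket path as [{0}] so that an administrator reading the log can tell which connector failed to initialise.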
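Review bot: In java/org/apache/catalina/core/LocalStrings.properties, aprListener.flags now references a fifth placeholder, [{4}], so the call that formats this message has to supply a fifth argument and every translated copy of the key needs the same placeholder; neither is visible in this hunk. Please confirm both are part of the change. Spelling the label out as "Unix domain sockets [{4}]" would also be clearer in a startup log than the bare abbreviation.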
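Review bot: In the webapps/docs/config/http.xml hunk at @@ -208,6 +208,24, the path attribute description tells the administrator to remove an existing socket but does not say what happens if it is left in place, whereas the "Unix Domain Socket Support" subsection added at @@ -1130,6 +1148,38 states "If the socket already exists startup will fail". Say so here as well, so the two descriptions agree. In the pathPermissions paragraph, the line ending "applied to the" is followed by a line starting "to the unix domain socket", which duplicates "to the".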
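Review bot: In the "Unix Domain Socket Support" subsection of webapps/docs/config/http.xml (@@ -1130,6 +1148,38), the second paragraph documents that the socket is created with read and write permissions for all users, which means any local account can connect to the connector unless the administrator takes an extra step. The paragraph should state that consequence first and show a restrictive pathPermissions value in the nine-character format described for the attribute, for example rw-rw----, instead of presenting it only as an alternative. On wording, "suitable permissions appropriately configured" is redundant, and "If the socket already exists startup will fail" needs a comma after "exists".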