On Sat, Mar 28, 2015 at 01:02:25PM +0100, frantisek holop wrote: > > so i have just been bitten by the implicitly > included openbsd chroot patch for nginx. > > the issue is, that i _remembered_ there is a > parameter to turn it off, but upon doing > man nginx, i could not find it. then i proceeded > to read the pkg-readme as well, and not a > word about it. yes, it is in nginx -h at least. > > i think this makes the nginx port very confusing. > > so first of all, would it be possible to add > the needed bits to the man page? i would also > welcome it very much if pkg-readme's by default > listed ANY intrusive local openbsd changes > like this. and make this a hard rule. > > and second, i was wondering if it was possible > to create an nginx flavor without the chroot patch. > > sometimes i just want a vanilla nginx, just like > upstream, so i am not going to be bitten by this > when i deploy stuff to linux servers... > actually, i think it should be the other way > around, nginx-chroot being a flavor, and not > vice versa.... > > -f > -- > i'm not religious. god willing, i never will be.
The chroot functionality is a sane default for a webserver, and people upgrading from the former base nginx to ports nginx might be suprised that it is no longer doing so. I only agree that documentation could be improved here. Your FastCGI applications can happily be configured somewhere outside of nginx's chroot.. -Bryan.
