Thanks, Christos, for your reply. I have this conf.d already in my system. But what I could ensure that even nginx master process is running as nginx (or http) user and not as root. The reference I above mentioned has a "tutorial" of how to achieve that in systemd but are thing I have no idea what are the equivalents in openrc:
- NoNewPrivileges=yes in systemd
- CapabilityBoundingSet=CAP_NET_BIND_SERVICE, AmbientCapabilities=CAP_NET_BIND_SERVICE in systemd
- StateDirectory=nginx in systemd
...
Can you guide me to translate the section 5.1 of this tutorial [https://wiki.archlinux.org/title/Nginx#Running_unprivileged_using_systemd] to openrc? This is what I really asked for.
Thanks in advance,
Xavier
On Sat, 24 Aug 2024 22:00:30 +0300
Christos Nouskas <nous at artixlinux.org> ha escrit:
> https://gitea.artixlinux.org/packages/nginx-openrc/src/branch/master/nginx.confd
>
> Just set it in /etc/conf.d/nginx
>
>
> On August 24, 2024 5:22:14 PM GMT+03:00, "Xavier B." <somenxavier at posteo.net> wrote:
> >Hi,
> >
> >I want to run nginx as unpriviledged user. I follow the guide of archlinux [https://wiki.archlinux.org/title/Nginx#Running_unprivileged_using_systemd] but I don't know the equivalent in OpenRC world.
> >
> >Anyone could help me?
> >
> >Thanks in advance,
> >Xavier
> >--
> >artix-general mailing list
> >artix-general at artixlinux.org
> >https://lists.artixlinux.org/listinfo/artix-general
More information about the artix-general
mailing list