* expand $-macros as string, only the new @-macros get expanded as-is
* rollback changes to characters allowed in bare strings
* optional semicolons in optnl, useful for readable @-macros
This allows to solve the problem with the \n in the grammar (before
two following macro declaration were treated as invalid. This also
brings in a nice `include' keyword.
In the same spite of the last commit, add the missing separators
between strings to avoid the auto-concat pitfalls. `=>' is used to
separate between `env' and `param' arguments, while for `fastcgi' the
keyword `port' is required between the hostname/ip address and the
port (if provided).
Since `env', `param' and `fastcgi' are all new stuff, there's no need
to keep compatibility.
With the newish automatic string concatenation, options like `mime'
that accepts two strings as parameter start to become ambiguous: which
strings gets concatenated? Instead of trying to document in the
manpage which argument(s) is subject to string concatenation, do the
concat always and introduce a separator. In the case of mime,
`to-ext' now acts as a separator to distinguish. While there, also
use a new keyword because it sounds better.
It's dead-easy to upgrade to the new configuration, possibly with some
sed magic, but for the moment the old `mime' form is preserved: (with
a warning!) Will be dropped in the next release.
Setting the environment variable SKIP_RUNTIME_TESTS to 1 will prevent
the runtime tests. This is useful when running the tests inside a
sandbox.
based on a similar diff by Anna "CyberTailor"
OpenBSD accept it, but FreeBSD disallows it. PF_UNSPEC (or 0) should
be used instead. The FastCGI bit in the regress suite still doesn't
work on FreeBSD, but at least now it starts.
Initialize the logger as soon as possible and log by default to
stderr. With this, some (common?) errors are printed early instead of
ending up in syslog.
# NB: this is in configless mode
% ./gmid -p 80
[2021-07-07 11:05:57] bind: Address already in use
% ./gmid -p 81
[2021-07-07 11:13:53] bind: Permission denied
%
but still try to autodetect with pkg-config if they aren't provided.
Passing CFLAGS/LDFLAGS from the command line will still override the
guessed ones.
we need to delete the events associated with the backends, otherwise
the server process won't ever quit.
Here, we add a pending counter to every backend and shut down
immediately if they aren't handling any client; otherwise we try to
close them as soon as possible (i.e. when they close the connection to
the last connected client.)
our stderr could have been sent to the logger process, so it may be
invalid. Furthermore, in the future we may want to capture also the
stderr of the processes.
Calling `configure' with --disable-sandbox will disable the sandbox
support *completely* at compile time. gmid will still complain at
compile time and during the startup.
Users shouldn't disable the sandbox if possible, but instead report
problem upstream so they get fixed (hopefully.)
#4 related
* SECCOMP_AUDIT_ARCH extended to support more architectures
* relax fcntl policy: allow the syscall regardless of the flags
* wrap every syscall in a ifdef, and add some (statx, fcntl64, ...)
used in x86
Some bits were taken from dhcpcd[0], thanks!
#4 related
[0]: https://roy.marples.name/git/dhcpcd/blob/HEAD:/src/privsep-linux.c
Omar Polo
Anna “CyberTailor”