Cleanup nginx user and directory setup

Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
This commit is contained in:
David Oberhollenzer 2018-10-07 16:35:05 +02:00
parent 30cad432bf
commit 62345ef7bb
5 changed files with 11 additions and 1 deletions

View File

@ -6,11 +6,18 @@ events {
error_log syslog:server=unix:/dev/log,nohostname,facility=daemon,severity=error,tag=nginx;
working_directory /var/nginx;
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
client_body_temp_path /var/nginx/client_body_temp;
fastcgi_temp_path /var/nginx/fastcgi_temp;
proxy_temp_path /var/nginx/proxy_temp;
scgi_temp_path /var/nginx/scgi_temp;
uwsgi_temp_path /var/nginx/uwsgi_temp;
server {
listen 80;

View File

@ -8,6 +8,7 @@ exec {
mkdir /var/spool -m 0755
mkdir /var/lib -m 0755
mkdir /var/tmp -m 0755
mkdir /var/nginx -m 0755
touch /var/log/lastlog
touch /var/log/faillog
touch /var/log/sulog

View File

@ -19,7 +19,7 @@ build() {
--http-log-path=/dev/null \
--pid-path=/run/nginx.pid \
--lock-path=/run/nginx.lock \
--user=nobody --group=nogroup \
--user=nginx --group=nginx \
--crossbuild=${TARGET} \
--with-cc=${TCDIR}/bin/${TARGET}-gcc \
--with-cpp=${TCDIR}/bin/${TARGET}-cpp \

View File

@ -4,4 +4,5 @@ sshd:x:50:
dnsmasq:x:51:
unbound:x:52:
syslogd:x:53:
nginx:x:54:
nogroup:x:99:

View File

@ -3,4 +3,5 @@ sshd:x:50:50:sshd PrivSep:/var/lib/sshd:/bin/false
dnsmasq:x:51:51:dnsmasq user:/dev/null:/bin/false
unbound:x:52:52:unbound user:/dev/null:/bin/false
syslogd:x:53:53:syslog user:/dev/null:/bin/false
nginx:x:54:54:syslog user:/dev/null:/bin/false
nobody:x:99:99:Unprivileged User:/dev/null:/bin/false