Use updated setuid with clearSupplementalGroups (#4609)
* Use updated setuid with clearSupplementalGroups Signed-off-by: Greg Wilkins <gregw@webtide.com> * remove version from setuid.mod Signed-off-by: Greg Wilkins <gregw@webtide.com>
This commit is contained in:
parent
75893dac9c
commit
95f20ddfeb
|
@ -13,7 +13,7 @@
|
||||||
<properties>
|
<properties>
|
||||||
<assembly-directory>${basedir}/target/jetty-home</assembly-directory>
|
<assembly-directory>${basedir}/target/jetty-home</assembly-directory>
|
||||||
<source-assembly-directory>${basedir}/target/jetty-home-sources</source-assembly-directory>
|
<source-assembly-directory>${basedir}/target/jetty-home-sources</source-assembly-directory>
|
||||||
<jetty-setuid-version>1.0.3</jetty-setuid-version>
|
<jetty-setuid-version>1.0.4</jetty-setuid-version>
|
||||||
</properties>
|
</properties>
|
||||||
|
|
||||||
<build>
|
<build>
|
||||||
|
|
|
@ -10,6 +10,7 @@
|
||||||
<Set name="umaskOctal"><Property name="jetty.setuid.umask" deprecated="jetty.umask" default="002"/></Set>
|
<Set name="umaskOctal"><Property name="jetty.setuid.umask" deprecated="jetty.umask" default="002"/></Set>
|
||||||
<Set name="username"><Property name="jetty.setuid.userName" deprecated="jetty.username" default="jetty"/></Set>
|
<Set name="username"><Property name="jetty.setuid.userName" deprecated="jetty.username" default="jetty"/></Set>
|
||||||
<Set name="groupname"><Property name="jetty.setuid.groupName" deprecated="jetty.groupname" default="jetty"/></Set>
|
<Set name="groupname"><Property name="jetty.setuid.groupName" deprecated="jetty.groupname" default="jetty"/></Set>
|
||||||
|
<Set name="clearSupplementalGroups"><Property name="jetty.setuid.clearSupplementalGroups" default="false"/></Set>
|
||||||
<!-- uncomment to change the limits on number of open file descriptors for root -->
|
<!-- uncomment to change the limits on number of open file descriptors for root -->
|
||||||
<!--
|
<!--
|
||||||
<Call name="setRLimitNoFiles">
|
<Call name="setRLimitNoFiles">
|
||||||
|
|
|
@ -9,7 +9,7 @@ changing to a restricted user (eg jetty).
|
||||||
server
|
server
|
||||||
|
|
||||||
[lib]
|
[lib]
|
||||||
lib/setuid/jetty-setuid-java-1.0.3.jar
|
lib/setuid/*.jar
|
||||||
|
|
||||||
[xml]
|
[xml]
|
||||||
etc/jetty-setuid.xml
|
etc/jetty-setuid.xml
|
||||||
|
@ -20,3 +20,4 @@ etc/jetty-setuid.xml
|
||||||
# jetty.setuid.userName=jetty
|
# jetty.setuid.userName=jetty
|
||||||
# jetty.setuid.groupName=jetty
|
# jetty.setuid.groupName=jetty
|
||||||
# jetty.setuid.umask=002
|
# jetty.setuid.umask=002
|
||||||
|
# jetty.setuid.clearSupplementalGroups=false
|
||||||
|
|
Loading…
Reference in New Issue