[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[patch] TUX 2.4.2-P3



The latest TUX patch, 2.4.2-P3 (against vanilla 2.4.2) can be downloaded
from:

  http://people.redhat.com/~mingo/TUX-patches/tux2-full-2.4.2-P3.bz2

NOTE: the userspace tools have to be upgraded as well:

  http://people.redhat.com/~mingo/TUX-patches/tux-2.0.13.tar.gz

the biggest change is the cleanup of userspace module, CGI, redirection
and MIME-type handling. These various kinds of functions are now triggered
through a common MIME-type definition file, /etc/tux.mime.types. No more
obscure permissions on files, everything goes through file name
extensions. There are three new special MIME-types that can be used to
control redirection, CGI-execution or userspace-modules:

 TUX/redirect                    redir
 TUX/CGI                         cgi pl
 TUX/module                      tux x

eg. a "demo.tux" file in docroot will trigger a userspace module. (there
should be TUXMODULES="demo.tux" specified in /etc/sysconfig/tux too, so
that the two ends meet.)

another use is to mark certain extensions as candidates for redirection.
Eg. "TUX/redirect php pl" will redirect all .pl or .php requests to
Apache, without having to play games with permissions.

there is one security restriction: TUX/module files should be owned by
root user and root group.

(The fundamental split administration of binaries and actual module
'placeholders' in docroot remains, this is to make it less likely that the
server will serve binaries or scripts accidentally. CGI binaries should be
put into $DOCROOT/cgi-bin, and the cgi-bin directory should not be
readable or selectable by others, module binaries are in MODPATH.)

these cleanups are also a speedup, as userspace module indices are now
cached in the per-dentry 'TUX attributes' structure, along with the
MIME-type. There is no runtime overhead of overlong extension lists due to
this caching.

Plus the cleanup also resulted in a reduction in TUX source-code size too.

other changes in -P3:

- the FTP module got cleaned up and adopted to TUX-atoms framework. It can
  be enabled via "echo 1 > /proc/sys/net/tux/application_protocol". It's
  still not usable though because LIST does not work yet.

- a number of (minor) bugfixes and cleanups.

as always, bugreports, fixes, comments, suggestions welcome.

	Ingo






[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []