<html><body>
<blockquote><p>On 04-Sep-2018, at 8:58 AM, Andy Green <andy@warmcat.com> wrote:</p>
<p>On 09/04/2018 11:17 AM, Necktwi Ozfguah wrote:</p>
<blockquote><p>Hi, For a FileSystem operation, is it possible to set UID and GID on the</p></blockquote>
<p>You can tell lws to drop privileges and take on a noprivileged uid and gid just by setting the context creation info .uid and .gid</p>
<p><a href="https://u7535577.ct.sendgrid.net/wf/click?upn=S8VPHvg5-2FzxqlLfWXPq42jtl-2BHS72n8W8-2BdZEc27PklOQ6y9BK7rpJ3-2FA3UXdw1WOgE4LPYFbzySTIsKHQFirEsccPb9qcVnF2C3cwfjiNPPvayaVblHohKWzkzDsoF8QiApU1ojlQGKrAUBw8AljA-3D-3D_MVqETTsl5w9JZmVH1Sq2QE8KivBbCxWEMAI66w938-2FwvrqQiWAHgQB1aY46IxLBqar9vonnVTcA5cWTfDu-2BRqooXtBGdyof-2BgvNWmYjBolIy-2FQz6Ds7q0WVXv8ttvoJ77B8ctEIRW6Vco-2B96mCC8KBaQwtNTNB6t-2Bz59wisgsBOq3-2BWGNKEiDMaWWhfKDO5lPdEdRTrzzMG4R8-2Bo7AL56-2FMnvygNsmmyA3MOaN0Ej60-3D">https://libwebsockets.org/git/libwebsockets/tree/include/libwebsockets/lws-context-vhost.h#n219-222</a></p>
<p>It implies you start your app as root.  The transition to the different uid + gid happens after the vhost protocol init, which allows you to open / create / modify things still as root in your LWS_CALLBACK_PROTOCOL_INIT.  This is very convenient for opening logfiles or whatever in directories that are only root-accessible, and still be able to use the fd after the privileges to do that have gone.</p>
<blockquote><p>process? Is there any mechanism drafted to use PAM with libwebsockets.</p></blockquote>
<p>AFAIK I don't have any use for PAM + lws.</p>
<p>What would you actually use it for?</p></blockquote>
<p>To determine uid of the http session user. Never mind, “You can tell lws to drop privileges and take on a noprivileged uid and gid just by setting the context creation info .uid and .gid” is all I am looking for. Thank you for implementing thread pool, I shall checkout.</p>
<blockquote><pre>-Andy</pre>
<blockquote><p>… NeckTwi <em>____________________________________________</em>_ Libwebsockets mailing list Libwebsockets@ml.libwebsockets.org <a href="https://u7535577.ct.sendgrid.net/wf/click?upn=S8VPHvg5-2FzxqlLfWXPq42jtl-2BHS72n8W8-2BdZEc27Pkm8-2BhcIKmaR9WoeTGnhmq-2Br9kYDs4T-2FMrzobihEBMVcsg-3D-3D_MVqETTsl5w9JZmVH1Sq2QE8KivBbCxWEMAI66w938-2FwvrqQiWAHgQB1aY46IxLBqar9vonnVTcA5cWTfDu-2BRqroIYRKUCdVQ-2F58J-2Fc1vJnZGKBLXL5lkzC67d2BvmTNT-2Fqdu2qUL-2FuJ7RRVDL2OJbwV-2F1tD4MxBmYgnn1knWFMyxPlMcKpDiIKIT3tAKse8F1ekTC-2F8DPVFxZ7u0hnelYXQ6RL1-2FBQMr7jRRZnb8JU8-3D">https://libwebsockets.org/mailman/listinfo/libwebsockets</a></p></blockquote></blockquote>

<img src="https://u7535577.ct.sendgrid.net/wf/open?upn=MVqETTsl5w9JZmVH1Sq2QE8KivBbCxWEMAI66w938-2FwvrqQiWAHgQB1aY46IxLBqar9vonnVTcA5cWTfDu-2BRqhY7EUD3PaAoACwlYOmE0Z3jZGRZDY1bXBW0aD3Hvef5zQVtook-2FcSCroT4BauTnJD2rNdxlH11zbq-2BO1uwmft-2BJ8Dbcc-2Fo8dIEZItelQi1kDo7qMbOEyrZ1JdkP-2BVdEl1HdxUqpH70fHarq1KXO5CwIcRFtHgsN8-2FBUQGsnOFXf" alt="" width="1" height="1" border="0" style="height:1px !important;width:1px !important;border-width:0 !important;margin-top:0 !important;margin-bottom:0 !important;margin-right:0 !important;margin-left:0 !important;padding-top:0 !important;padding-bottom:0 !important;padding-right:0 !important;padding-left:0 !important;"/>
</body></html>