There is an Angel for lighty

jan — Sun, 02 Sep 2007 22:36:00 +0000

In changeset [1981] I added a angel process to the lighttpd build. It solves several problems when we have everything running as expected:

SIGHUP leads to a graceful restart (config reloads)
SIGINT is graceful shutdown as now
all unhandled signals lead to a restart of the lighttpd process

We have to be careful with the angel as it will stay alive and stay running as the user it is started as (usually root). That’s the only way we can restart lighttpd from scratch on restart.

This will also solve other problems in 1.5.0:

bug #1271, unsafe logfiles
... and perhaps others

The angel has to implement some security measures to stay clean:

the angel can only start the lighttpd binary which is compiled into the angel at compile time
if run as root the starting user has to be root too or be in the same group as the owner of the lighttpd binary
... and perhaps more restrictions

As extra features we will add ulimit support to let lighttpd die in case it is using to much memory. But that’s for later.

"There is an Angel for lighty" by moo

Mon, 03 Sep 2007 11:04:49 +0000

yep, that's cool, and was what i think of all the time

"There is an Angel for lighty" by hangy

Mon, 03 Sep 2007 07:24:35 +0000

Do I understand it correctly, that the angel process is a small program just there to manage the lighty-process? Sounds cool. :)

"There is an Angel for lighty" by alexander

Mon, 03 Sep 2007 07:17:20 +0000

Excellent, Jan!!

lighty's life: There is an Angel for lighty

There is an Angel for lighty

"There is an Angel for lighty" by moo

"There is an Angel for lighty" by hangy

"There is an Angel for lighty" by alexander