In changeset 1981 I added a angel process to the lighttpd build. It solves several problems when we have everything running as expected:
- SIGHUP leads to a graceful restart (config reloads)
- SIGINT is graceful shutdown as now
- all unhandled signals lead to a restart of the lighttpd process
We have to be careful with the angel as it will stay alive and stay running as the user it is started as (usually root). That’s the only way we can restart lighttpd from scratch on restart.
This will also solve other problems in 1.5.0:
- bug #1271, unsafe logfiles
- … and perhaps others
The angel has to implement some security measures to stay clean:
- the angel can only start the lighttpd binary which is compiled into the angel at compile time
- if run as root the starting user has to be root too or be in the same group as the owner of the lighttpd binary
- … and perhaps more restrictions
As extra features we will add ulimit support to let lighttpd die in case it is using to much memory. But that’s for later.