Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Listen on unix socket #325

Closed
wants to merge 1 commit into from
Closed

Listen on unix socket #325

wants to merge 1 commit into from

Conversation

Digenis
Copy link
Member

@Digenis Digenis commented Apr 24, 2019

This allows securing the app from users on the same system,
provided that the effective group id of scrapyd's process is properly chosen.

This was referenced Apr 24, 2019
Closed
Closed
@Digenis Digenis added this to the 1.3.0 milestone Apr 25, 2019
@Digenis
Copy link
Member Author

Digenis commented Apr 25, 2019

Perhaps the app should also stop using tcp by default.

@codecov
Copy link

codecov bot commented Apr 27, 2019

Codecov Report

Merging #325 into master will decrease coverage by 0.54%.
The diff coverage is 61.53%.

Impacted file tree graph

@@            Coverage Diff             @@
##           master     #325      +/-   ##
==========================================
- Coverage   68.77%   68.23%   -0.55%     
==========================================
  Files          16       16              
  Lines         823      831       +8     
  Branches       96       89       -7     
==========================================
+ Hits          566      567       +1     
- Misses        229      234       +5     
- Partials       28       30       +2
Impacted Files Coverage Δ
scrapyd/app.py 88.63% <61.53%> (-11.37%) ⬇️
scrapyd/webservice.py 28.2% <0%> (-1.71%) ⬇️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 21135a0...f917e75. Read the comment docs.

@codecov
Copy link

codecov bot commented Apr 27, 2019
edited
Loading

Codecov Report

Merging #325 into master will decrease coverage by 0.3%.
The diff coverage is 61.53%.

Impacted file tree graph

@@            Coverage Diff             @@
##           master     #325      +/-   ##
==========================================
- Coverage   68.77%   68.47%   -0.31%     
==========================================
  Files          16       16              
  Lines         823      831       +8     
  Branches       96       98       +2     
==========================================
+ Hits          566      569       +3     
- Misses        229      232       +3     
- Partials       28       30       +2
Impacted Files Coverage Δ
scrapyd/app.py 88.63% <61.53%> (-11.37%) ⬇️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 21135a0...f917e75. Read the comment docs.

@Digenis Digenis mentioned this pull request Apr 28, 2019
Merged
@Digenis Digenis mentioned this pull request Apr 9, 2021
Closed
@jpmckinney jpmckinney mentioned this pull request Sep 23, 2021
Closed
@pawelmhm
Copy link
Contributor

integrated with current master here https://github.com/scrapy/scrapyd/compare/uds?expand=1

pawelmhm
pawelmhm reviewed Nov 23, 2021
View reviewed changes
scrapyd/app.py
webservice = UNIXServer(uds_path, website, mode=0o660)
log.msg(format=u"Scrapyd web console available at http+unix://%(uds_path)s",
uds_path=uds_path)
webservice.setServiceParent(app)
Copy link
Contributor

@pawelmhm pawelmhm Nov 23, 2021
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not certain if I understand the logic here, is this really meant to start both TCPServer and UnixServer? Or is there some intention to allow to disable and stop TCPServer by setting http_port to zero? If 2nd option, if we want to add option to disable TCP this should be explicitly documented in docs.

Because with this implementation if someone just adds uds_path without removing http_port it will start both of them, unixserver and tcp. Is that expected?

@jpmckinney jpmckinney modified the milestones: 1.3.0, 1.4.0 May 13, 2022
@jpmckinney
Copy link
Contributor

jpmckinney commented Mar 8, 2023
edited
Loading

The problem (authentication) seems to be equally solved by HTTP basic authentication, which is already merged. (The Unix socket strategy is to use filesystem permissions to prevent other users from connecting to the socket.)

Since this is not related to any feature request issue (i.e. no clear demand), I'll close.

@jpmckinney jpmckinney closed this Mar 8, 2023
@jpmckinney jpmckinney added pr: replaced for unmerged PRs that were replaced by a PR or commit and removed type: enhancement labels Jul 17, 2024
@jpmckinney
Copy link
Contributor

Done in #510

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pawelmhm pawelmhm pawelmhm left review comments

Assignees
No one assigned
Labels
pr: replaced for unmerged PRs that were replaced by a PR or commit
Projects
None yet
Milestone
1.x
Development

Successfully merging this pull request may close these issues.
3 participants
@Digenis @pawelmhm @jpmckinney