Fossil


Differences From Artifact [5be5ec78f4]:

To Artifact [6b7eacb23e]:


<h2 id="chroot">The Fossil Chroot Jail</h2>

<blockquote>
If you run Fossil as root in any mode that serves data on the
network, and you're running it on Unix or a compatible OS, Fossil
will drop itself into a [https://en.wikipedia.org/wiki/Chroot |
chroot jail] shortly after starting up. It will drop its root
privileges once it's done everything that requires root access; most
chroot jail] shortly after starting up, after
it's done everything that requires root access. Most
commonly, you run Fossil as root to allow it to bind to TCP port 80
for HTTP service, since normal users are restricted to ports 1024
and up on OSes where this behavior occurs.

Fossil uses the owner of the Fossil repository file as its new user
ID when dropping root privileges.

When this happens, Fossil needs to have all of its dependencies
inside the chroot jail.  There are several things you typically need
in order to make things work properly:

<ul>
    <li>the repository file(s)

    <li><tt>/dev/null</tt> — create it with <tt>mknod(8)</tt>
    inside the jail directory
    <li><tt>/dev/null</tt> — create it with <tt>mknod(8)</tt> inside the
    jail directory ([https://fossil-scm.org/forum/forumpost/90caff30cb |
    Linux example])

    <li><tt>/dev/urandom</tt> — ditto

    <li>any shared libraries your <tt>fossil</tt> binary is linked
    to, such as <tt>/lib/libssl.so</tt>; consider building Fossil as a
    static binary to avoid this
    <li>any shared libraries your <tt>fossil</tt> binary is linked to,
    such as <tt>/lib/libssl.so</tt>; consider
    <tt>[https://www.fossil-scm.org/fossil/doc/trunk/www/build.wiki |
    ./configure --static]</tt> to avoid the need for this
</ul>
</blockquote>
</ul> </blockquote>

<blockquote>
Fossil does all of this in order to protect the host OS.  There is
no way to bypass it, on purpose.
Fossil does all of this in order to protect the host OS. You can make it
bypass the jail part of this by passing `--nojail` to `fossil server`,
but you cannot make it skip the dropping of root privileges, on purpose.
</blockquote>


<h2 id="loadmgmt">Managing Server Load</h2>

<blockquote>
A Fossil server is very efficient and normally presents a very light
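Review bot: The rewritten opening paragraph of the chroot section no longer says that Fossil drops root privileges. The old sentence "It will drop its root privileges once it's done everything that requires root access" is replaced by "shortly after starting up, after it's done everything that requires root access", which only describes when the chroot happens. The next paragraph still refers to "when dropping root privileges", and the new closing paragraph says that step cannot be skipped, so the privilege drop is now relied on before it is introduced. Suggest keeping an explicit sentence for it in the first paragraph. As a style point, the new closing paragraph marks up --nojail and fossil server with backticks while the rest of the section uses <tt>...</tt>; matching that markup would keep the rendering consistent.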