Mercurial > hg > nginx-quic
view src/os/unix/ngx_posix_config.h @ 7174:84e53e4735a4
Retain CAP_NET_RAW capability for transparent proxying.
The capability is retained automatically in unprivileged worker processes after
changing UID if transparent proxying is enabled at least once in nginx
configuration.
The feature is only available in Linux.
author | Roman Arutyunyan <arut@nginx.com> |
---|---|
date | Wed, 13 Dec 2017 20:40:53 +0300 |
parents | fc0d06224eda |
children |
line wrap: on
line source
/* * Copyright (C) Igor Sysoev * Copyright (C) Nginx, Inc. */ #ifndef _NGX_POSIX_CONFIG_H_INCLUDED_ #define _NGX_POSIX_CONFIG_H_INCLUDED_ #if (NGX_HPUX) #define _XOPEN_SOURCE #define _XOPEN_SOURCE_EXTENDED 1 #define _HPUX_ALT_XOPEN_SOCKET_API #endif #if (NGX_TRU64) #define _REENTRANT #endif #if (NGX_GNU_HURD) #ifndef _GNU_SOURCE #define _GNU_SOURCE /* accept4() */ #endif #define _FILE_OFFSET_BITS 64 #endif #ifdef __CYGWIN__ #define timezonevar /* timezone is variable */ #define NGX_BROKEN_SCM_RIGHTS 1 #endif #include <sys/types.h> #include <sys/time.h> #if (NGX_HAVE_UNISTD_H) #include <unistd.h> #endif #if (NGX_HAVE_INTTYPES_H) #include <inttypes.h> #endif #include <stdarg.h> #include <stddef.h> /* offsetof() */ #include <stdio.h> #include <stdlib.h> #include <ctype.h> #include <errno.h> #include <string.h> #include <signal.h> #include <pwd.h> #include <grp.h> #include <dirent.h> #include <glob.h> #include <time.h> #if (NGX_HAVE_SYS_PARAM_H) #include <sys/param.h> /* statfs() */ #endif #if (NGX_HAVE_SYS_MOUNT_H) #include <sys/mount.h> /* statfs() */ #endif #if (NGX_HAVE_SYS_STATVFS_H) #include <sys/statvfs.h> /* statvfs() */ #endif #if (NGX_HAVE_SYS_FILIO_H) #include <sys/filio.h> /* FIONBIO */ #endif #include <sys/ioctl.h> /* FIONBIO */ #include <sys/uio.h> #include <sys/stat.h> #include <fcntl.h> #include <sys/wait.h> #include <sys/mman.h> #include <sys/resource.h> #include <sched.h> #include <sys/socket.h> #include <netinet/in.h> #include <netinet/tcp.h> /* TCP_NODELAY */ #include <arpa/inet.h> #include <netdb.h> #include <sys/un.h> #if (NGX_HAVE_LIMITS_H) #include <limits.h> /* IOV_MAX */ #endif #ifdef __CYGWIN__ #include <malloc.h> /* memalign() */ #endif #if (NGX_HAVE_CRYPT_H) #include <crypt.h> #endif #ifndef IOV_MAX #define IOV_MAX 16 #endif #include <ngx_auto_config.h> #if (NGX_HAVE_DLOPEN) #include <dlfcn.h> #endif #if (NGX_HAVE_POSIX_SEM) #include <semaphore.h> #endif #if (NGX_HAVE_POLL) #include <poll.h> #endif #if (NGX_HAVE_KQUEUE) #include <sys/event.h> #endif #if (NGX_HAVE_DEVPOLL) && !(NGX_TEST_BUILD_DEVPOLL) #include <sys/ioctl.h> #include <sys/devpoll.h> #endif #if (NGX_HAVE_FILE_AIO) #include <aio.h> typedef struct aiocb ngx_aiocb_t; #endif #define NGX_LISTEN_BACKLOG 511 #define ngx_debug_init() extern char **environ; #endif /* _NGX_POSIX_CONFIG_H_INCLUDED_ */