On Thu, Oct 19, 2017 at 11:36:50AM +0200, Jeremie Courreges-Anglas wrote: > On Wed, Oct 18 2017, Jan Klemkow <j.klem...@wemelug.de> wrote: > > On Wed, Oct 18, 2017 at 08:37:48PM +0000, Jason McIntyre wrote: > >> On Wed, Oct 18, 2017 at 10:25:13PM +0200, Jan Klemkow wrote: > >> > This diff adds an option for client IP address path prefixes to the > >> > tftpd(8). First, I used the -r rewrite socket for this, but... > >> > > >> > If you use the rewrite socket feature, the tftpd(8) will exit with an > >> > error when the rewrite socket is closed. A reopen of the socket is not > >> > possible, if its outside of the chroot directory. And a privilege > >> > separated tftpd(8) is a bit overkill for a stable per client path > >> > rewrite feature. This story led me to this change here. > > I think it makes sense to support this feature without the need for an > additional unix service.
Guys, wouldn't be a way to re-used httpd lua patterns here? If a rewrite daemon should be trusted, it should listen on < 1024 ports, and wouldn't most people let such rewrite daemon run under root user? Jiri
