Merge pull request PelicanPlatform#907 from jhiemstrawisc/issue-906

Configure 'sec.protbind' for public origins
jhiemstrawisc · Mar 7, 2024 · 80602d4 · 80602d4
2 parents 2478671 + a792012
commit 80602d4
Show file tree

Hide file tree

Showing 3 changed files with 23 additions and 19 deletions.
diff --git a/param/parameters_struct.go b/param/parameters_struct.go
diff --git a/xrootd/resources/xrootd-origin.cfg b/xrootd/resources/xrootd-origin.cfg
@@ -31,6 +31,9 @@ xrd.tlsca certfile {{.Server.TLSCACertificateFile}}
 {{if eq .Origin.EnableDirListing false}}
 http.listingdeny true
 {{end}}
+{{if eq .Origin.EnablePublicReads true}}
+sec.protbind * none
+{{end}}
 {{if .Origin.EnableMacaroons}}
 http.exthandler xrdmacaroons libXrdMacaroons.so
 macaroons.secretkey {{.Xrootd.MacaroonsKeyFile}}

diff --git a/xrootd/xrootd_config.go b/xrootd/xrootd_config.go
@@ -79,23 +79,24 @@ enable = true
 
 type (
 	OriginConfig struct {
-		Multiuser        bool
-		EnableCmsd       bool
-		EnableMacaroons  bool
-		EnableVoms       bool
-		EnableDirListing bool
-		SelfTest         bool
-		CalculatedPort   string
-		NamespacePrefix  string
-		RunLocation      string
-		Mode             string
-		S3Bucket         string
-		S3Region         string
-		S3ServiceName    string
-		S3ServiceUrl     string
-		S3AccessKeyfile  string
-		S3SecretKeyfile  string
-		S3UrlStyle       string
+		Multiuser         bool
+		EnableCmsd        bool
+		EnableMacaroons   bool
+		EnableVoms        bool
+		EnablePublicReads bool
+		EnableDirListing  bool
+		SelfTest          bool
+		CalculatedPort    string
+		NamespacePrefix   string
+		RunLocation       string
+		Mode              string
+		S3Bucket          string
+		S3Region          string
+		S3ServiceName     string
+		S3ServiceUrl      string
+		S3AccessKeyfile   string
+		S3SecretKeyfile   string
+		S3UrlStyle        string
 	}
 
 	CacheConfig struct {