github-starred/frp
2
0
Fork 0
mirror of https://github.com/fatedier/frp.git synced 2026-05-15 08:05:49 -06:00
Code Issues 40 Projects Packages Wiki Activity Actions 1

[GH-ISSUE #3417] [Feature Request] Please allow the daemon to setuid to a particular user #2733

New issue
Closed
opened 2026-05-05 13:45:37 -06:00 by gitea-mirror · 7 comments
gitea-mirror commented 2026-05-05 13:45:37 -06:00
Owner
Copy link

Originally created by @yurivict on GitHub (Apr 19, 2023).
Original GitHub issue: https://github.com/fatedier/frp/issues/3417

Describe the feature request

The daemon needs to read certificates as root, but then it is desirable to setuid to some unprivileged user.

Describe alternatives you've considered

No response

Affected area

  • Docs
  • Installation
  • Performance and Scalability
  • Security
  • User Experience
  • Test and Release
  • Developer Infrastructure
  • Client Plugin
  • Server Plugin
  • Extensions
  • Others
Originally created by @yurivict on GitHub (Apr 19, 2023). Original GitHub issue: https://github.com/fatedier/frp/issues/3417 ### Describe the feature request The daemon needs to read certificates as root, but then it is desirable to setuid to some unprivileged user. ### Describe alternatives you've considered _No response_ ### Affected area - [ ] Docs - [ ] Installation - [ ] Performance and Scalability - [ ] Security - [ ] User Experience - [ ] Test and Release - [ ] Developer Infrastructure - [ ] Client Plugin - [ ] Server Plugin - [ ] Extensions - [ ] Others
gitea-mirror 2026-05-05 13:45:37 -06:00
gitea-mirror commented 2026-05-05 13:45:40 -06:00
Author
Owner
Copy link

@galdor commented on GitHub (Apr 19, 2023):

Being able to drop privileges to a specific user and group would be really nice; this way frp can read files such as TLS key files as root then drop to a non-privileged user for security.

You can easily do that by:

  • Fetching user and group info with user.Lookup and user.LookupGroup.
  • Calling syscall.Setgid and syscall.Setuid (in this order).
<!-- gh-comment-id:1515505247 --> @galdor commented on GitHub (Apr 19, 2023): Being able to drop privileges to a specific user and group would be really nice; this way frp can read files such as TLS key files as root then drop to a non-privileged user for security. You can easily do that by: - Fetching user and group info with `user.Lookup` and `user.LookupGroup`. - Calling `syscall.Setgid` and `syscall.Setuid` (in this order).
gitea-mirror commented 2026-05-05 13:45:41 -06:00
Author
Owner
Copy link

@fatedier commented on GitHub (Apr 20, 2023):

I am not inclined to introduce such complexity, as it is not a universal solution.

<!-- gh-comment-id:1515639552 --> @fatedier commented on GitHub (Apr 20, 2023): I am not inclined to introduce such complexity, as it is not a universal solution.
gitea-mirror commented 2026-05-05 13:45:41 -06:00
Author
Owner
Copy link

@yurivict commented on GitHub (Apr 20, 2023):

Why is it not a universal solution?

A lot of network servers use such strategy to improve security.

<!-- gh-comment-id:1515655983 --> @yurivict commented on GitHub (Apr 20, 2023): Why is it not a universal solution? A lot of network servers use such strategy to improve security.
gitea-mirror commented 2026-05-05 13:45:42 -06:00
Author
Owner
Copy link

@galdor commented on GitHub (Apr 20, 2023):

This is standard procedure for many security-aware daemons. And it is not that complex, you can do it in a couple lines of code!

<!-- gh-comment-id:1516091036 --> @galdor commented on GitHub (Apr 20, 2023): This is standard procedure for many security-aware daemons. And it is not that complex, you can do it in a couple lines of code!
gitea-mirror commented 2026-05-05 13:45:43 -06:00
Author
Owner
Copy link

@fatedier commented on GitHub (Apr 20, 2023):

Doing it this way is very inelegant. A better approach would be a unified solution that is independent of the application.

If we need to support certificate renewal in the future, do we need to switch users regularly?

<!-- gh-comment-id:1516123386 --> @fatedier commented on GitHub (Apr 20, 2023): Doing it this way is very inelegant. A better approach would be a unified solution that is independent of the application. If we need to support certificate renewal in the future, do we need to switch users regularly?
gitea-mirror commented 2026-05-05 13:45:43 -06:00
Author
Owner
Copy link

@galdor commented on GitHub (Apr 20, 2023):

If you want to support dynamic certificate renewal, you are in trouble. What NGINX does is to maintain both a master process running as root and one or more worker processes running as a non-privileged user. This would be a large and complex change though.

But Frp does not support certificate renewal, and restarting the daemon every couple months on certificate rotation is a non issue.

I understand if you believe this feature could be a problem in the future.

If anyone reading this issue needs to run Frp as a non-root user with TLS, I've wrote an article where I explain how to use NGINX as TLS interface to Frp.

<!-- gh-comment-id:1516149991 --> @galdor commented on GitHub (Apr 20, 2023): If you want to support dynamic certificate renewal, you are in trouble. What NGINX does is to maintain both a master process running as root and one or more worker processes running as a non-privileged user. This would be a large and complex change though. But Frp does not support certificate renewal, and restarting the daemon every couple months on certificate rotation is a non issue. I understand if you believe this feature could be a problem in the future. If anyone reading this issue needs to run Frp as a non-root user with TLS, I've wrote an [article](https://www.n16f.net/blog/replacing-ngrok-with-frp/) where I explain how to use NGINX as TLS interface to Frp.
gitea-mirror commented 2026-05-05 13:45:44 -06:00
Author
Owner
Copy link

@github-actions[bot] commented on GitHub (May 21, 2023):

Issues go stale after 30d of inactivity. Stale issues rot after an additional 7d of inactivity and eventually close.

<!-- gh-comment-id:1556051828 --> @github-actions[bot] commented on GitHub (May 21, 2023): Issues go stale after 30d of inactivity. Stale issues rot after an additional 7d of inactivity and eventually close.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
dev
new
master
copilot/review-pull-request-5198
v0.68.1
v0.68.0
v0.67.0
v0.66.0
v0.65.0
v0.64.0
v0.63.0
v0.62.1
v0.62.0
v0.61.2
v0.61.1
v0.61.0
v0.60.0
v0.59.0
v0.58.1
v0.58.0
v0.57.0
v0.56.0
v0.55.1
v0.55.0
v0.54.0
v0.53.2
v0.53.1
v0.53.0
v0.52.3
v0.52.2
v0.52.1
v0.52.0
v0.51.3
v0.51.2
v0.51.1
v0.51.0
v0.50.0
v0.49.0
v0.48.0
v0.47.0
v0.46.1
v0.46.0
v0.45.0
v0.44.0
v0.43.0
v0.42.0
v0.41.0
v0.40.0
v0.39.1
v0.39.0
v0.38.0
v0.37.1
v0.37.0
v0.36.2
v0.36.1
v0.36.0
v0.35.1
v0.35.0
v0.34.3
v0.34.2
v0.34.1
v0.34.0
v0.33.0
v0.32.1
v0.32.0
v0.31.2
v0.31.1
v0.31.0
v0.30.0
v0.29.1
v0.29.0
v0.28.2
v0.28.1
v0.28.0
v0.27.1
v0.27.0
v0.26.0
v0.25.3
v0.25.2
v0.25.1
v0.25.0
v0.24.1
v0.24.0
v0.23.3
v0.23.2
v0.23.1
v0.23.0
v0.22.0
v0.21.0
v0.20.0
v0.19.1
v0.19.0
v0.18.0
v0.17.0
v0.16.1
v0.16.0
v0.15.1
v0.15.0
v0.14.1
v0.14.0
v0.13.0
v0.12.0
v0.11.0
v0.10.0
v0.9.3
v0.9.2
v0.9.1
v0.9.0
v0.8.1
v0.8.0
v0.7.0
v0.6.0
v0.5.0
v0.3.0
v0.2.0
v0.1.0
Labels
Clear labels   
In Progress

   
WIP

   
WaitingForInfo

   
bug

   
doc

   
duplicate

   
easy

   
enhancement

   
future

   
help wanted

   
invalid

   
lifecycle/stale

   
need-issue-template

   
need-usage-help

   
no plan

   
proposal

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
todo
No labels
In Progress
WIP
WaitingForInfo
bug
doc
duplicate
easy
enhancement
future
help wanted
invalid
lifecycle/stale
need-issue-template
need-usage-help
no plan
proposal
pull-request
question
todo
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/frp#2733
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?