nik/FreedomBox
1
0
Fork 0
mirror of https://github.com/freedombox/FreedomBox.git synced 2026-01-21 07:55:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

django: Improve handling of file uploads

Browse Source 
1. Set temporary directory to /var/tmp
2. Drop MemoryFileUploadHandler

Tests:

- During upload notice that file are in /var/tmp/system-private... folder
instead of /var/tmp.

- Upload a file but rename with another extension instead of moving to
destination through changes in code. Notice that the file is available in
/var/tmp/systemd-private... directory after the upload operation is completed.
Stop the service and notice that the file has been deleted. Folder is empty
after the service starts again.

Signed-off-by: Joseph Nuthalapati <njoseph@riseup.net>
[sunil: Add PrivateTmp=yes in plinth.service file]
[sunil: Update comments]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
This commit is contained in:
Joseph Nuthalapati 2024-08-30 15:51:30 +05:30 committed by Veiko Aasa
parent 03f62f01e8
commit 21f6c9128f
No known key found for this signature in database
GPG Key ID: 478539CAE680674E
2 changed files with 18 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
data/usr/lib/systemd/system/plinth.service
View File

@ -15,6 +15,7 @@ User=plinth
Group=plinth
StandardOutput=null
StandardError=null
PrivateTmp=yes
[Install]
WantedBy=multi-user.target

17
plinth/settings.py
View File

@ -96,6 +96,23 @@ DEBUG = False
# seems to avoid a warning while running 'django-admin makemigrations'.
DEFAULT_AUTO_FIELD = 'django.db.models.AutoField'
# /tmp, the default value for this setting, is mounted as tmpfs which is in
# RAM. It can only handle files of size proportionate to the amount of
# available RAM. /var/tmp is on a physical disk. Most of the time, /var/tmp
# will on the same file system as the final destination of the uploaded file,
# which is the app's storage folder in /var/lib/. This eliminates an extra disk
# copy operation. Left over files in /var/tmp/ will be cleaned up when service
# stops due to PrivateTmp=yes in service's systemd unit.
FILE_UPLOAD_TEMP_DIR = '/var/tmp'
# Disable MemoryFileUploadHandler to handle files of all sizes in the same way.
# Uploaded files need to be handled by privileged methods (in a separate
# process) in order to move to the target service's directory and set required
# ownership and permissions.
FILE_UPLOAD_HANDLERS = [
"django.core.files.uploadhandler.TemporaryFileUploadHandler",
]
# Overridden based on the configuration key server_dir
FORCE_SCRIPT_NAME = '/plinth'