DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=31517>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=31517
suEXEC setuid check fails on OpenBSD
------- Additional Comments From justin.r.hall@gmail.com 2004-10-07 15:08 -------
jorton[at]redhat[dot]com requested I show the libraries httpd is linked against:
$ ldd /usr/local/apache2/sbin/httpd
/usr/local/apache2/sbin/httpd:
Start End Type Ref Name
00000000 00000000 exe 1 /usr/local/apache2/sbin/httpd
01f87000 21f91000 rlib 1 /usr/lib/libssl.so.9.0
06fc9000 26ff9000 rlib 1 /usr/lib/libcrypto.so.11.0
0a697000 2a69b000 rlib 1 /usr/local/apache2/lib/libaprutil-0.so.9.5
0b95c000 2b972000 rlib 1 /usr/local/lib/libdb.so.4.2
0232d000 22332000 rlib 1 /usr/local/lib/libexpat.so.4.0
028a3000 228a8000 rlib 1 /usr/local/apache2/lib/libapr-0.so.9.5
03817000 2381e000 rlib 2 /usr/lib/libm.so.2.0
08c49000 28c52000 rlib 2 /usr/lib/libpthread.so.6.0
0e6af000 2e6e7000 rlib 1 /usr/lib/libc.so.34.1
0028a000 0028a000 rtld 1 /usr/libexec/ld.so
Also requested was the code change to add the following line to
httpd-2.0.52/os/unix/unixd.c to show which permissions were being detected
(causing the suexec failure):
fprintf(stderr, "perms=%o, user=%d\n", wrapper.protection, wrapper.user);
The results of adding this line to the code are as follows:
$ chown root:suexec /usr/local/apache2/sbin/suexec
$ chmod 4750 /usr/local/apache2/sbin/suexec
$ ls -lF /usr/local/apache2/sbin/suexec
-rwsr-x--- 1 root suexec 30529 Oct 7 09:00 /usr/local/apache2/sbin/suexec*
$ apachectl start
perms=7520, user=0
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
|