httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From c...@apache.org
Subject cvs commit: httpd-2.0/docs/man suexec.8
Date Fri, 09 Mar 2001 20:20:32 GMT
coar        01/03/09 12:20:32

  Modified:    .        CHANGES
               support  suexec.c
               docs/man suexec.8
  Log:
  	Bring forward the -V option for suexec from 1.3.20-dev.  It looks
  	like the umask() option needs to be brought forward, as well.
  	Is this still 2.0.14-dev?
  
  Revision  Changes    Path
  1.126     +4 -0      httpd-2.0/CHANGES
  
  Index: CHANGES
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/CHANGES,v
  retrieving revision 1.125
  retrieving revision 1.126
  diff -u -u -r1.125 -r1.126
  --- CHANGES	2001/03/08 20:03:30	1.125
  +++ CHANGES	2001/03/09 20:20:29	1.126
  @@ -1,5 +1,9 @@
   Changes with Apache 2.0.14
   
  +  *) Add a -V flag to suexec, which causes it to display the
  +     compile-time settings with which it was built.  (Only
  +     usable by root or the AP_HTTPD_USER username.)  [Ken Coar]
  +
     *) Mod_include should always unset the content-length if the file is
        going to be passed through send_parsed_content.  There is no to
        determine if the content will change before actually scanning the
  
  
  
  1.13      +50 -11    httpd-2.0/support/suexec.c
  
  Index: suexec.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/support/suexec.c,v
  retrieving revision 1.12
  retrieving revision 1.13
  diff -u -u -r1.12 -r1.13
  --- suexec.c	2001/03/01 00:55:03	1.12
  +++ suexec.c	2001/03/09 20:20:30	1.13
  @@ -265,11 +265,60 @@
       struct stat dir_info;	/* directory info holder     */
       struct stat prg_info;	/* program info holder       */
   
  +    prog = argv[0];
       /*
  +     * Check existence/validity of the UID of the user
  +     * running this program.  Error out if invalid.
  +     */
  +    uid = getuid();
  +    if ((pw = getpwuid(uid)) == NULL) {
  +	log_err("crit: invalid uid: (%ld)\n", uid);
  +	exit(102);
  +    }
  +    /*
  +     * See if this is a 'how were you compiled' request, and
  +     * comply if so.
  +     */
  +    if ((argc > 1)
  +        && (! strcmp(argv[1], "-V"))
  +        && ((uid == 0)
  +#ifdef _OSD_POSIX
  +        /* User name comparisons are case insensitive on BS2000/OSD */
  +            || (! strcasecmp(AP_HTTPD_USER, pw->pw_name)))
  +#else  /* _OSD_POSIX */
  +            || (! strcmp(AP_HTTPD_USER, pw->pw_name)))
  +#endif /* _OSD_POSIX */
  +        ) {
  +#ifdef AP_DOC_ROOT
  +        fprintf(stderr, " -D AP_DOC_ROOT=\"%s\"\n", AP_DOC_ROOT);
  +#endif
  +#ifdef AP_GID_MIN
  +        fprintf(stderr, " -D AP_GID_MID=%d\n", AP_GID_MIN);
  +#endif
  +#ifdef AP_HTTPD_USER
  +        fprintf(stderr, " -D AP_HTTPD_USER=\"%s\"\n", AP_HTTPD_USER);
  +#endif
  +#ifdef AP_LOG_EXEC
  +        fprintf(stderr, " -D AP_LOG_EXEC=\"%s\"\n", AP_LOG_EXEC);
  +#endif
  +#ifdef SAFE_PATH
  +        fprintf(stderr, " -D SAFE_PATH=\"%s\"\n", SAFE_PATH);
  +#endif
  +#ifdef SUEXEC_UMASK
  +        fprintf(stderr, " -D SUEXEC_UMASK=%03o\n", SUEXEC_UMASK);
  +#endif
  +#ifdef AP_UID_MIN
  +        fprintf(stderr, " -D AP_UID_MID=%d\n", AP_UID_MIN);
  +#endif
  +#ifdef AP_USERDIR_SUFFIX
  +        fprintf(stderr, " -D AP_USERDIR_SUFFIX=\"%s\"\n", AP_USERDIR_SUFFIX);
  +#endif
  +        exit(0);
  +    }
  +    /*
        * If there are a proper number of arguments, set
        * all of them to variables.  Otherwise, error out.
        */
  -    prog = argv[0];
       if (argc < 4) {
   	log_err("too few arguments\n");
   	exit(101);
  @@ -277,16 +326,6 @@
       target_uname = argv[1];
       target_gname = argv[2];
       cmd = argv[3];
  -
  -    /*
  -     * Check existence/validity of the UID of the user
  -     * running this program.  Error out if invalid.
  -     */
  -    uid = getuid();
  -    if ((pw = getpwuid(uid)) == NULL) {
  -	log_err("invalid uid: (%ld)\n", uid);
  -	exit(102);
  -    }
   
       /*
        * Check to see if the user running this program
  
  
  
  1.5       +15 -9     httpd-2.0/docs/man/suexec.8
  
  Index: suexec.8
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/docs/man/suexec.8,v
  retrieving revision 1.4
  retrieving revision 1.5
  diff -u -u -r1.4 -r1.5
  --- suexec.8	2001/02/16 04:26:28	1.4
  +++ suexec.8	2001/03/09 20:20:31	1.5
  @@ -1,4 +1,4 @@
  -.TH suexec 8 "March 1998"
  +.TH suexec 8 "March 2001"
   .\" The Apache Software License, Version 1.1
   .\"
   .\" Copyright (c) 2000-2001 The Apache Software Foundation.  All rights
  @@ -53,17 +53,23 @@
   .SH NAME
   suexec \- Switch User For Exec
   .SH SYNOPSIS
  -No synopsis for usage, because this program
  -is used internally by Apache only. 
  +.B suexec -V
   .PP
  +No other synopsis for usage, because this program
  +is otherwise only used internally by the Apache HTTP server. 
  +.PP
   .SH DESCRIPTION
   .B suexec
  -is the "wrapper" support program for the suEXEC behaviour for Apache.
  -It is run from within Apache automatically to switch the user when
  -an external program has to be run under a different user. For more
  -information about suEXEC see the document `Apache suEXEC Support'
  -under http://www.apache.org/docs/suexec.html .
  +is the "wrapper" support program for the suexec behaviour for the
  +Apache HTTP server.  It is run from within the server automatically
  +to switch the user when an external program has to be run under a
  +different user. For more information about suexec, see the online
  +document `Apache suexec Support' on the HTTP server project's
  +Web site at  http://httpd.apache.org/docs/suexec.html .
  +.SH OPTIONS
  +.IP -V
  +Display the list of compile-time settings used when \fBsuexec\fP
  +was built.  No other action is taken.
   .PD
   .SH SEE ALSO
   .BR httpd(8)
  -.
  
  
  

Mime
View raw message