httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ralf S. Engelschall" <...@engelschall.com>
Subject Re: [Patch] chown-ing/chgrp-ing proxycachedir.
Date Mon, 05 Apr 1999 18:54:56 GMT

In article <Pine.BSF.4.05.9904051726420.43742-100000@brunte.ispra.webweaving.org> you
wrote:
> 
> Would this make sense ? I just spend a delicious two hours
> on a 2400 baud satellite link to track down a failing proxy
> cache to something as rudimentary as the file permissions :-)
> 
> So this patch adds a conf_user; and does a chown on the
> proxycache dir during install.
> 
> The patch to 'configure' also does a quick verify to see
> if the UID is present; and tries some obvious second best
> choises. And flags a warning if needed.
> 
> But I admit, Make's and Configures are not my cup of thee.
> So could you comment/reject or take it from here ? 

Sounds like a good idea. I've just changed the following:

1. Removed "$conf_user" in for-loop because it's already present because of
   the explicit "nobody" in the list.

2. Adjusted the programming style to our usually used one.

3. Added a backslash in front of ^ because there platforms
   were we already have seen problems with unquoted ^ chars
   in egreps (don't know why ^ causes this!).

4. I've also changed the gid checks to the same for-loop approach to be
   consistent. Additionally the gid checks now use more gids, too.

5. Removed the "opening ..." and "server configured to run with 'guessed'
   user..." message because I think they confuse people because they don't
   understand it while installing (one need to know the background of the
   uid/gid switch because of the User/Group directives).

Adjusted patch is appended. Feel free to commit. I'm already +1 on it.

                                       Ralf S. Engelschall
                                       rse@engelschall.com
                                       www.engelschall.com

Index: src/CHANGES
===================================================================
RCS file: /e/apache/REPOS/apache-1.3/src/CHANGES,v
retrieving revision 1.1296
diff -u -r1.1296 CHANGES
--- src/CHANGES	1999/04/02 10:37:59	1.1296
+++ src/CHANGES	1999/04/05 18:53:46
@@ -1,5 +1,10 @@
 Changes with Apache 1.3.7
 
+  *) Be more smart in APACI's configure script when determining the UID/GID
+     for User/Group directives and use the determined UID/GID to initialize
+     the permissions on the proxycachedir.
+     [Dirk-Willem van Gulik]
+
   *) Don't hard-code the path to AWK in --shadow bootstrapping Makefile.
      [Ralf S. Engelschall] PR#4050
 
Index: configure
===================================================================
RCS file: /e/apache/REPOS/apache-1.3/configure,v
retrieving revision 1.79
diff -u -r1.79 configure
--- configure	1999/04/02 10:38:03	1.79
+++ configure	1999/04/05 18:51:08
@@ -1004,19 +1004,29 @@
 
 ##
 ##  determine special configuration parameters
+## 
+##  The checks via /etc/passwd and /etc/group will obviously fail
+##  on platforms using NIS. But then you propably do not want a
+##  UID/GID as production oriented as a web server in NIS anyway.
 ##
+conf_user="nobody"
 conf_group="#-1"
 conf_port="80"
 conf_serveradmin="you@your.address"
 conf_servername="new.host.name"
 if [ "x$confadjust" = "x1" ]; then
-    if [ ".`egrep '^nobody:' /etc/group`" != . ]; then
-        conf_group="nobody"
-    else
-        if [ ".`egrep '^nogroup:' /etc/group`" != . ]; then
-            conf_group="nogroup"
+    for uid in nobody www daemon demon http httpd; do 
+        if [ "x`egrep \^${uid}: /etc/passwd`" != "x" ]; then
+            conf_user="$uid"
+            break
         fi
-    fi
+    done
+    for gid in nobody nogroup www daemon demon http httpd; do 
+        if [ "x`egrep \^${gid}: /etc/group`" != "x" ]; then
+            conf_group="$gid"
+            break
+        fi
+    done
     if [ ".`id | grep root`" = . ]; then
         conf_port="8080"
     fi
@@ -1122,6 +1132,7 @@
 -e "s%@suexec_uidmin@%$suexec_uidmin%g" \
 -e "s%@suexec_gidmin@%$suexec_gidmin%g" \
 -e "s%@suexec_safepath@%$suexec_safepath%g" \
+-e "s%@conf_user@%$conf_user%g" \
 -e "s%@conf_group@%$conf_group%g" \
 -e "s%@conf_port@%$conf_port%g" \
 -e "s%@conf_serveradmin@%$conf_serveradmin%g" \
Index: Makefile.tmpl
===================================================================
RCS file: /e/apache/REPOS/apache-1.3/Makefile.tmpl,v
retrieving revision 1.69
diff -u -r1.69 Makefile.tmpl
--- Makefile.tmpl	1999/03/29 11:40:18	1.69
+++ Makefile.tmpl	1999/04/05 18:33:51
@@ -134,6 +134,7 @@
 suexec_safepath = @suexec_safepath@
 
 #   some substituted configuration parameters
+conf_user        = @conf_user@
 conf_group       = @conf_group@
 conf_port        = @conf_port@
 conf_serveradmin = @conf_serveradmin@
@@ -256,6 +257,8 @@
 	$(MKDIR) $(root)$(runtimedir)
 	$(MKDIR) $(root)$(logfiledir)
 	$(MKDIR) $(root)$(proxycachedir)
+	chown $(conf_user) $(root)$(proxycachedir)
+	chgrp $(conf_group) $(root)$(proxycachedir)
 	@echo "<=== [mktree]"
 
 #   install the server program and optionally corresponding
@@ -442,6 +445,7 @@
 			-e "s;logs/agent_log;$(logfiledir)/$${target_prefix}agent_log;" \
 			-e 's;conf/magic;$(sysconfdir)/magic;' \
 			-e 's;conf/mime\.types;$(sysconfdir)/mime.types;' \
+			-e 's;User nobody;User $(conf_user);' \
 			-e 's;Group #-1;Group $(conf_group);' \
 			-e 's;Port 80;Port $(conf_port);' \
 			-e 's;ServerAdmin you@your.address;ServerAdmin $(conf_serveradmin);' \

Mime
View raw message