Return-Path: <new-httpd-owner-new-httpd-archive=hyperreal.org@apache.org>
Delivered-To: new-httpd-archive@hyperreal.org
Received: (qmail 12164 invoked by uid 6000); 5 Apr 1999 20:37:05 -0000
Received: (qmail 12156 invoked from network); 5 Apr 1999 20:37:02 -0000
Received: from ns.skylink.it (root@194.177.113.1)
  by taz.hyperreal.org with SMTP; 5 Apr 1999 20:37:02 -0000
Received: from kim.ispra.webweaving.org (va-147.skylink.it [194.177.113.147])
	by ns.skylink.it (8.9.1/8.8.8) with ESMTP id WAA06277
	for <new-httpd@apache.org>; Mon, 5 Apr 1999 22:35:35 +0200
Received: from webweaving.org (brunte.ispra.webweaving.org [10.0.0.12])
	by kim.ispra.webweaving.org (8.8.8/8.8.5) with ESMTP id UAA15384
	for <new-httpd@apache.org>; Mon, 5 Apr 1999 20:36:31 GMT
X-Passed: MX on Ispra.WebWeaving.org Mon, 5 Apr 1999 20:36:31 GMT and masked
X-No-Spam: Neither the receipients nor the senders email address(s) are
	to be used for Unsolicited (Commercial) Email without the
	explicit written consent of either party; as a per-message
	fee is incurred for inbound and outbound traffic to the originator.
Posted-Date: Mon, 5 Apr 1999 20:36:31 GMT
Message-ID: <37091E8F.4C49BBCB@webweaving.org>
Date: Mon, 05 Apr 1999 22:35:27 +0200
From: "Dirk-Willem van Gulik \(kim\)" <dirkx@webweaving.org>
Organization: WebWeaving m/v
X-Mailer: Mozilla 4.5 [en] (X11; I; FreeBSD 4.0-19990403-CURRENT i386)
X-Accept-Language: en
MIME-Version: 1.0
To: new-httpd@apache.org
Subject: Re: [Patch] chown-ing/chgrp-ing proxycachedir.
References: <19990405205456.A73417@engelschall.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: new-httpd-owner@apache.org
Precedence: bulk
Reply-To: new-httpd@apache.org

"Ralf S. Engelschall" wrote:
> 
> In article <Pine.BSF.4.05.9904051726420.43742-100000@brunte.ispra.webweaving.org> you wrote:
> >
> > Would this make sense ? I just spend a delicious two hours
> > on a 2400 baud satellite link to track down a failing proxy
> > cache to something as rudimentary as the file permissions :-)
> >
> > So this patch adds a conf_user; and does a chown on the
> > proxycache dir during install.
> >
> > The patch to 'configure' also does a quick verify to see
> > if the UID is present; and tries some obvious second best
> > choises. And flags a warning if needed.
> >
> > But I admit, Make's and Configures are not my cup of thee.
> > So could you comment/reject or take it from here ?
> 
> Sounds like a good idea. I've just changed the following:

Great I new I could count on you for rewriting it.. After all
what else would the author of mod_rewrite do. :-)

Some cheering:

> 1. Removed "$conf_user" in for-loop because it's already present because of
>    the explicit "nobody" in the list.

I added it because I wrongly assumed people could change the
declaration somehow into something silly.
 
> 2. Adjusted the programming style to our usually used one.

Thanks !
 
> 3. Added a backslash in front of ^ because there platforms
>    were we already have seen problems with unquoted ^ chars
>    in egreps (don't know why ^ causes this!).

Great !
 
> 4. I've also changed the gid checks to the same for-loop approach to be
>    consistent. Additionally the gid checks now use more gids, too.


Yoo ! It gets better and better..

> 5. Removed the "opening ..." and "server configured to run with 'guessed'
>    user..." message because I think they confuse people because they don't
>    understand it while installing (one need to know the background of the
>    uid/gid switch because of the User/Group directives).

But then.. a different opinion :-) I kind of put the warnings in as this
is a place where we are either 'guessing' or, behold!, knowingly insert
a value which we know to be wrong/not supported.

In other words; there is non deterministic magic at work ! (Still linear
magic though).

Now how does that sit phylosofical/ethical ?
 
> Adjusted patch is appended. Feel free to commit. I'm already +1 on it.

Will do so in a minute (unchanged).

GinTonica.
 
>                                        Ralf S. Engelschall
>                                        rse@engelschall.com
>                                        www.engelschall.com
> 
> Index: src/CHANGES
> ===================================================================
> RCS file: /e/apache/REPOS/apache-1.3/src/CHANGES,v
> retrieving revision 1.1296
> diff -u -r1.1296 CHANGES
> --- src/CHANGES 1999/04/02 10:37:59     1.1296
> +++ src/CHANGES 1999/04/05 18:53:46
> @@ -1,5 +1,10 @@
>  Changes with Apache 1.3.7
> 
> +  *) Be more smart in APACI's configure script when determining the UID/GID
> +     for User/Group directives and use the determined UID/GID to initialize
> +     the permissions on the proxycachedir.
> +     [Dirk-Willem van Gulik]
> +
>    *) Don't hard-code the path to AWK in --shadow bootstrapping Makefile.
>       [Ralf S. Engelschall] PR#4050
> 
> Index: configure
> ===================================================================
> RCS file: /e/apache/REPOS/apache-1.3/configure,v
> retrieving revision 1.79
> diff -u -r1.79 configure
> --- configure   1999/04/02 10:38:03     1.79
> +++ configure   1999/04/05 18:51:08
> @@ -1004,19 +1004,29 @@
> 
>  ##
>  ##  determine special configuration parameters
> +##
> +##  The checks via /etc/passwd and /etc/group will obviously fail
> +##  on platforms using NIS. But then you propably do not want a
> +##  UID/GID as production oriented as a web server in NIS anyway.
>  ##
> +conf_user="nobody"
>  conf_group="#-1"
>  conf_port="80"
>  conf_serveradmin="you@your.address"
>  conf_servername="new.host.name"
>  if [ "x$confadjust" = "x1" ]; then
> -    if [ ".`egrep '^nobody:' /etc/group`" != . ]; then
> -        conf_group="nobody"
> -    else
> -        if [ ".`egrep '^nogroup:' /etc/group`" != . ]; then
> -            conf_group="nogroup"
> +    for uid in nobody www daemon demon http httpd; do
> +        if [ "x`egrep \^${uid}: /etc/passwd`" != "x" ]; then
> +            conf_user="$uid"
> +            break
>          fi
> -    fi
> +    done
> +    for gid in nobody nogroup www daemon demon http httpd; do
> +        if [ "x`egrep \^${gid}: /etc/group`" != "x" ]; then
> +            conf_group="$gid"
> +            break
> +        fi
> +    done
>      if [ ".`id | grep root`" = . ]; then
>          conf_port="8080"
>      fi
> @@ -1122,6 +1132,7 @@
>  -e "s%@suexec_uidmin@%$suexec_uidmin%g" \
>  -e "s%@suexec_gidmin@%$suexec_gidmin%g" \
>  -e "s%@suexec_safepath@%$suexec_safepath%g" \
> +-e "s%@conf_user@%$conf_user%g" \
>  -e "s%@conf_group@%$conf_group%g" \
>  -e "s%@conf_port@%$conf_port%g" \
>  -e "s%@conf_serveradmin@%$conf_serveradmin%g" \
> Index: Makefile.tmpl
> ===================================================================
> RCS file: /e/apache/REPOS/apache-1.3/Makefile.tmpl,v
> retrieving revision 1.69
> diff -u -r1.69 Makefile.tmpl
> --- Makefile.tmpl       1999/03/29 11:40:18     1.69
> +++ Makefile.tmpl       1999/04/05 18:33:51
> @@ -134,6 +134,7 @@
>  suexec_safepath = @suexec_safepath@
> 
>  #   some substituted configuration parameters
> +conf_user        = @conf_user@
>  conf_group       = @conf_group@
>  conf_port        = @conf_port@
>  conf_serveradmin = @conf_serveradmin@
> @@ -256,6 +257,8 @@
>         $(MKDIR) $(root)$(runtimedir)
>         $(MKDIR) $(root)$(logfiledir)
>         $(MKDIR) $(root)$(proxycachedir)
> +       chown $(conf_user) $(root)$(proxycachedir)
> +       chgrp $(conf_group) $(root)$(proxycachedir)
>         @echo "<=== [mktree]"
> 
>  #   install the server program and optionally corresponding
> @@ -442,6 +445,7 @@
>                         -e "s;logs/agent_log;$(logfiledir)/$${target_prefix}agent_log;" \
>                         -e 's;conf/magic;$(sysconfdir)/magic;' \
>                         -e 's;conf/mime\.types;$(sysconfdir)/mime.types;' \
> +                       -e 's;User nobody;User $(conf_user);' \
>                         -e 's;Group #-1;Group $(conf_group);' \
>                         -e 's;Port 80;Port $(conf_port);' \
>                         -e 's;ServerAdmin you@your.address;ServerAdmin $(conf_serveradmin);' \