httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "GUMMALAM,MOHAN (HP-Cupertino,ex2)" <mohan_gumma...@hp.com>
Subject suexec and apache2.0
Date Sat, 05 Jan 2002 01:59:13 GMT
Currently suexec does not seem to work with apache2.0.. well atleast not
completely.  The problem I seem to run into is with ~user situations.  Looks
like the suexec code (suexec.c) expects to make a distinction between ~user
calls from others by inspecting for the "~" character.  However, in
os/unix/unixd.c, the userid passed to suexec program is a numerical string
(string of numbers, corresponding to uid_t of the ~user).  As a result,
suexec always bails out for every ~user calls with the following error
message in suexec_log file:

command (/home/user/public_html/showuser.cgi) not in docroot
(/usr/local/apache2)

I have made some fix and it works.  I could post the patch(es) if required.
The files changed for this are:
    os/unix/unixd.c
    os/unix/unixd.h
    modules/generators/mod_suexec.c
    modules/generators/mod_suexec.h

1. Change the return type of get_suexec_id_doer to
   unixd_config_rec (originally ap_unix_identity_t).
2. Modify get_suexec_id_doer to return "user" string
   in the cfg->ugid.user_name structure, if the URI contains ~.
3. Call the suexec program with "~user" string if required,
   otherwise call it with uid_t of the user specified in the
   SuexecUserGroup directive in httpd.conf (the original behaviour).

If someone has a better solution, please post it.
Thanks,
M

Mime
View raw message