httpd-modules-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jason Funk <jasonlf...@gmail.com>
Subject Re: mutex permission denied
Date Wed, 17 Aug 2011 18:23:52 GMT
I find that if I use seteuid() to the uid of the user that my server is
running as before creating the mutex and back to root afterwards, then it
works.  Is there anything wrong with this approach?

If it is a fine way of doing it, how then do I find out what user the server
is running as? I know that it is specified in the httpd.conf file, but I do
not know how to get access to those variables in my module.

Jason

On Wed, Aug 17, 2011 at 9:49 AM, Jason Funk <jasonlfunk@gmail.com> wrote:

> Hm... interesting.
>
> I'm creating the mutex in my post_config hook. It seems like the parent
> process has to create the mutex otherwise if we want for a child a race
> condition might happen....
>
> Where is the correct place to create the mutex so that it's available to
> all child processes without introducing a race condition?
>
> Jason
>
>
> On Wed, Aug 17, 2011 at 9:39 AM, Ben Noordhuis <info@bnoordhuis.nl> wrote:
>
>> On Wed, Aug 17, 2011 at 15:20, Jason Funk <jasonlfunk@gmail.com> wrote:
>> > I am trying to implement an apr proc mutex in my module. When I created
>> the
>> > mutex with APR_LOCK_DEFAULT the mutex is successfully created but I am
>> > getting "Permission Denied" when I try to acquire the lock. I ran
>> > "apr_proc_mutex_defname" to get the name of the default mutex type and
>> it
>> > is APR_LOCK_SYSVSEM. Without changing anything else, I changed
>> > APR_LOCK_DEFAULT to APR_LOCK_POSIXSEM when creating the mutex, just to
>> see
>> > what happens and everything works fine. Of course, this isn't portable.
>> Any
>> > ideas why APR_LOCK_SYSVSEM doesn't work, but APR_LOCK_POSIXSEM does
>> work?
>>
>> I suspect that you see shmget() raising EACCES when you strace apache?
>> That's what happens when you create the mutex as root and try to
>> acquire it after httpd's dropped privileges, apr creates the semaphore
>> with mode 0600.
>>
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message