httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Lee Fellows <lfell...@4lane.com>
Subject Re: Another suexec question
Date Tue, 02 Jul 2002 14:03:09 GMT
On Tue, 2002-07-02 at 09:38, blather wrote:
> On Tue, 2002-07-02 at 08:36, Lee Fellows wrote:
> > On Tue, 2002-07-02 at 08:43, blather wrote:
> > > On Tue, 2002-07-02 at 07:37, Lee Fellows wrote:
> > > > On Tue, 2002-07-02 at 04:05, blather wrote:
> > > > > 
> > > > > Configured apache like so:
> > > > > 
> > > > > 
> > > > > [root@spider apache_1.3.26]# ./configure --enable-module=most
> > > > > --enable-shared=max --enable-suexec --suexec-docroot=/var/www
> > > > > --suexec-safepath=/bin:/usr/bin:/usr/local/bin --suexec-caller=nobody
> > > > > --suexec-logfile=/usr/local/apache/logs/suexec_log --suexec-uidmin=98
> > > > > --suexec-gidmin=98
> > > > > 
> > > > > 
> > > > > ...and read every document + maillist archive until I'm sick of it.
 The
> > > > > program is 755, in /var/www/cgi-bin and owned by owner who wants
it
> > > > > executed, parent dir is 755, apache is running as nobody(99):nobody(99).
> > > > > I'm out of ideas.  One odd thing I did notice is the suexec_log 
never
> > > > > got created at install.
> > > > > 
> > > > > Any help is appreciated.
> > > > > 
> > > > > --rjm--
> > > > > 
> > > > 
> > > >   When apache starts, does it report that suexec is enabled?
> > > > 
> > > > 
> > > > 
> > > > 
> > > > ---------------------------------------------------------------------
> > > > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > > > For additional commands, e-mail: users-help@httpd.apache.org
> > > > 
> > > > 
> > > Sorry, yeah it does:
> > > 
> > > [Tue Jul  2 03:02:43 2002] [notice] caught SIGTERM, shutting down
> > > [Tue Jul  2 03:02:48 2002] [notice] Apache/1.3.26 (Unix) configured --
> > > resuming normal operations
> > > [Tue Jul  2 03:02:48 2002] [notice] suEXEC mechanism enabled (wrapper:
> > > /usr/local/apache/bin/suexec)
> > > [Tue Jul  2 03:02:48 2002] [notice] Accept mutex: sysvsem (Default:
> > > sysvsem)
> > > 
> > > --rjm--
> > > -- 
> > > "... one of the main causes of the fall of the Roman Empire was that,
> > > lacking zero, they had no way to indicate successful termination of
> > > their C
> > > programs."
> > > 
> > > 
> > 
> >   How do you call the cgi you want suEXEC to run?  (What is the url?)
> > 
> >   What do you see in the error_log for a failed request?  
> > 
> 
> It's called by http://192.168.70.10/cgi-bin/path/to/test.cgi.
  
  And access here is controlled via a 'VirtualHost' with User and
  Group set to the correct user and group in the VirtualHost section,
  not the general server section?

>  The error
> log shows the script in question failing ( it does a 'system(cp file
> testfile)' for permission reasons because the directory is 755 (and the
> script is running as nobody).

  suEXEC is not being invoked.  I would suspect because it is not
  being called through a VirtualHost or by a UserDir invocation as
  described in the documentation.

> 
> --rjm--



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message