httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Hemant Chaudhary <hemantdude.chaudh...@gmail.com>
Subject Re: AW: [users@httpd] Run apache without master [wd-vc]
Date Wed, 13 Sep 2017 13:01:59 GMT
As i have seen in my system that master process also binds to port that i
have given in my configuration. Then how master process is binding to port
80 ? If i am running my apache other than root user then how can master
binds to port 80 ?

If i am running apache as root user then on any port my apache is working
but other than root user, i need to give port greater than 1024.

Thanks
Hemant

On Sep 13, 2017 5:56 PM, "Bremser, Kurt (Allianz Technology GmbH)" <
Kurt.Bremser@allianz.at> wrote:

> Spawning children servers one very important purpose: while the master has
> to be run as root to bind to the privileged port 80, the child is spawned
> as the user named in the configuration, reducing security issues by orders
> of magnitude.
> Changing that and running the whole server process (inlcuding spawned cgi
> scripts etc) as root would be extremely stupid, IMO.
>
> Kurt Bremser
> Allianz Technology GmbH
>
> Newton was wrong. There is no gravity. The Earth sucks.
> ________________________________________
> Von: Hemant Chaudhary [hemantdude.chaudhary@gmail.com]
> Gesendet: Mittwoch, 13. September 2017 14:03
> An: users@httpd.apache.org
> Betreff: Re: [users@httpd] Run apache without master [wd-vc]
>
> Yes true. I want to start only one process and it should not spawn child
> processes.
> In apache, we have master process and then it spawns child. After that
> child serves requests by client.
> My aim is to start master process and it should not spawn child as well as
> it should serve requests from client.
>
> Thanks
> Hemant
>
> On Wed, Sep 13, 2017 at 5:18 PM, Bremser, Kurt (Allianz Technology GmbH) <
> Kurt.Bremser@allianz.at<mailto:Kurt.Bremser@allianz.at>> wrote:
> In most cases, you can only have ONE process binding to ONE
> IP-address/port combination. Children of this process will then inherit the
> socket, which is the way how apache works.
>
> On Linux and BSD, there is the SO_REUSEPORT option that can be set by a
> listening process, so that other processes can also bind to the socket, and
> let the OS handle which incoming data ends up where.
> If you think about that, it opens the port up for hijacking, as the
> initial listener process has no idea which other processes might also bind
> to the port and intercept traffic.
>
> So the apache method of one master process binding to the port and
> spawning children is the prudent one.
>
> Kurt Bremser
> Allianz Technology GmbH
>
> Newton was wrong. There is no gravity. The Earth sucks.
> ________________________________________
> Von: Hemant Chaudhary [hemantdude.chaudhary@gmail.com<mailto:hemantdude.
> chaudhary@gmail.com>]
> Gesendet: Mittwoch, 13. September 2017 13:29
> An: users@httpd.apache.org<mailto:users@httpd.apache.org>
> Betreff: Re: [users@httpd] Run apache without master [wd-vc]
>
> Hi
>
> I want to create different processes not forking from parent or anywhere.
> It is still okay if parent process is started and parent process will not
> fork child processes but parent should serve requests.
>
> On Sep 13, 2017 4:47 PM, "Eric Covener" <covener@gmail.com<mailto:cove
> ner@gmail.com><mailto:covener@gmail.com<mailto:covener@gmail.com>>>
wrote:
> On Wed, Sep 13, 2017 at 7:09 AM, Hemant Chaudhary
> <hemantdude.chaudhary@gmail.com<mailto:hemantdude.chaudhary@gmail.com
> ><mailto:hemantdude.chaudhary@gmail.com<mailto:hemantdude.chaudhary@
> gmail.com>>> wrote:
> > Hi,
> >
> > I want to start my apache without master process means when I will give
> > "httpd" command, it should start 5 worker process which has access to
> > httpd.conf as well as serve requests.
> >
> > Is it possible to achieve this ? If yes, then how should to achieve this
> ?
>
> Not really. Why not just ignore the parent process? The worst thing
> that can happen is that it doesn't manage the children, which you're
> already losing in this hypothetical setup.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org<mailto:users-
> unsubscribe@httpd.apache.org><mailto:users-unsubscribe@httpd.apache.org
> <mailto:users-unsubscribe@httpd.apache.org>>
> For additional commands, e-mail: users-help@httpd.apache.org<mailto:
> users-help@httpd.apache.org><mailto:users-help@httpd.apache.org<mailto:
> users-help@httpd.apache.org>>
>
>
> Allianz Technology GmbH
> 1130 Wien, Hietzinger Kai 101-105
> FN 365014k, Handelsgericht Wien
> UID: ATU 66614737
>
> http://www.allianz.at
>
> ********************************************************
> Dieses E-Mail und allfaellig daran angeschlossene Anhaenge
> enthalten Informationen, die vertraulich und
> ausschliesslich fuer den (die) bezeichneten Adressaten
> bestimmt sind.
> Wenn Sie nicht der genannte Adressat sind, darf dieses
> E-Mail samt allfaelliger Anhaenge von Ihnen weder anderen
> Personen zugaenglich gemacht noch in anderer Weise
> verwertet werden.
> Wenn Sie nicht der beabsichtigte Empfaenger sind, bitten
> wir Sie, dieses E-Mail und saemtliche angeschlossene
> Anhaenge zu loeschen.
>
> Please note: This email and any files transmitted with it is
> intended only for the named recipients and may contain
> confidential and/or privileged information. If you are not the
> intended recipient, please do not read, copy, use or disclose
> the contents of this communication to others and notify the
> sender immediately. Then please delete the email and any
> copies of it. Thank you.
>
> ********************************************************
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org<mailto:users-
> unsubscribe@httpd.apache.org>
> For additional commands, e-mail: users-help@httpd.apache.org<mailto:
> users-help@httpd.apache.org>
>
>
>
> Allianz Technology GmbH
> 1130 Wien, Hietzinger Kai 101-105
> FN 365014k, Handelsgericht Wien
> UID: ATU 66614737
>
> http://www.allianz.at
>
> ********************************************************
> Dieses E-Mail und allfaellig daran angeschlossene Anhaenge
> enthalten Informationen, die vertraulich und
> ausschliesslich fuer den (die) bezeichneten Adressaten
> bestimmt sind.
> Wenn Sie nicht der genannte Adressat sind, darf dieses
> E-Mail samt allfaelliger Anhaenge von Ihnen weder anderen
> Personen zugaenglich gemacht noch in anderer Weise
> verwertet werden.
> Wenn Sie nicht der beabsichtigte Empfaenger sind, bitten
> wir Sie, dieses E-Mail und saemtliche angeschlossene
> Anhaenge zu loeschen.
>
> Please note: This email and any files transmitted with it is
> intended only for the named recipients and may contain
> confidential and/or privileged information. If you are not the
> intended recipient, please do not read, copy, use or disclose
> the contents of this communication to others and notify the
> sender immediately. Then please delete the email and any
> copies of it. Thank you.
>
> ********************************************************
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>

Mime
View raw message