Q: Can Apache Run as 'Root' and as an Alias ?

Q: Can Apache Run as 'Root' and as an Alias ?

Post by Eisen Ch » Wed, 23 Sep 1998 04:00:00



To All:

Question about the Apache Server:

  If I am running it as say 'root', is there a
  way to have it access a read-only volume as
  say 'guest' ?

  Or is the only way of setting access to files
  & volumes thru 'chmod' ?

  How do I ascertain under what userid Apache is
  running under ?

  Thanks in Advance,

  Eisen
  Chicago

 
 
 

Q: Can Apache Run as 'Root' and as an Alias ?

Post by Alan Coopersmi » Wed, 23 Sep 1998 04:00:00



>  If I am running it as say 'root', is there a
>  way to have it access a read-only volume as
>  say 'guest' ?

If you make the mistake of running Apache as root, you could edit the
source to change user id before accessing files on that volume.  On the
other hand, it'd be easier and safer to just have apache run as 'guest'
if guest can access all the files you need to serve.

Quote:>  How do I ascertain under what userid Apache is
>  running under ?

You could look at the configuration files or use the 'ps' command.

--
________________________________________________________________________

Univ. of California at Berkeley         http://soar.Berkeley.EDU/~alanc/


 
 
 

Q: Can Apache Run as 'Root' and as an Alias ?

Post by Ron Klatchk » Wed, 23 Sep 1998 04:00:00



>   If I am running it as say 'root', is there a
>   way to have it access a read-only volume as
>   say 'guest' ?

Are you sure you are running the server as root?  Although the parent
process is usually started as root, unless you have compiled your server
specially (with -DBIG_SECURITY_HOLE), you are required to have the
children processes run as a different user.  See
http://www.apache.org/docs/mod/core.html#user.

Setting the user is an all or nothing sort of deal.  If you want it to
access a volume as 'guest', it must do all it's work as guest (ignoring
the parent process which is special).

Quote:>   How do I ascertain under what userid Apache is
>   running under ?

You can look for the User directive in the configuration file.  You can
use ps with an option that prints the user (-f for SysV, -u for BSD).
You can run the following CGI:

#!/bin/sh
echo "content-type: text/plain"
echo
/usr/ucb/whoami

moo
----------------------------------------------------------------------
          Ron Klatchko - Manager, Advanced Technology Group          
           UCSF Library and Center for Knowledge Management          

 
 
 

1. 3 Qs: sio0 overflows, "unknown class 'root'", identd

Hi,

I have a few questions about some entries in my /var/log/messages file
that I was hoping some bright spark could illuminate me on. :)

The first query is about a whole bunch of these:

  <date> <host> /kernel: sio0: 1 more silo overflow (total <count>)

At first I suspected it was to so with me driving my modem port at
115,200 because it's a 16450 UART. Am I correct in my impression that a
16450 UART can be run at 115,200, like a 16550 can?

The second query is about my identd with IRC. I have it in my inetd.conf
with the man page recommended syntax:

  ident stream tcp wait root /usr/local/sbin/identd identd -w -t120

and it actually lets me on to identd-only IRC servers. The only this is
/whois's of me still show the damn tilde (~) prefixing my username. I
get challenged by the occasional IRCOp about it (since I have my two
housemates using our network simultaneously).

Is it a problem at my end, or something to do with the fact I'm
connected via a permanent modem connection to my ISP and their identd
(or lack of) is causing problems?

The third query is about a zillion:

  <date> <host> inetd[<pid>]: login_getclass: unknown class 'root'

I'm damned if I can work out what this is all about. I wondered if it
may be something to with the identd problem mentioned above, but it
seems to happen at frequent irregular intervals 24 hours/day. (Again,
I'm not sure if it's identd involvement because we sometimes detach IRC
screens, etc).

Or might the identd problem be due to the fact I have three Windows
machines connected (via 10base2) to my FreeBSD box (which is acting as a
PPP dialup and IP translator). Could it be that 3 users with 3 different
nicks and usernames are showing up as giving the same IP, thereby
confusing the identd (doesn't ident run on IP, not username?).

If someone can wade through that lot of stuff above and give me some
answers, I'd be greatly appreciative of it. Thanks in advance.

Would you mind Ccing any replies to me via email, please? I read this
group but, obviously, am loathe to miss any input regarding these
problems..

Regards,

--
Matt Bruce

NB: Remove X's to email me (anti-spam)

2. apache log directory, restarting server after rotating logs.

3. Apache leaving 'root' httpd processes running...

4. Wanted: Config for Boca Vortex/NEC 3V

5. does anyone know how to run 'apache' as a non-root user?

6. EXT2-fs kernel panic crashes

7. running 'alias' from inside shell script problem

8. setting and exporting a variable

9. Why 'alias' cannot run by shell script?

10. Apache: srm.conf 'Alias'

11. Why can't I 'startx' except as 'root'?

12. change group 0's name from 'root' to 'staff'

13. WOLK v3.5 FINAL, Codemane 'Fin' alias 'Birthday Release'