Hello and Welcome from United States to the UNIX and Linux Forums! Thank You for Visiting and Joining Our Global Community.
|
Hello and Welcome from United States to the UNIX and Linux Forums! Thank You for Visiting and Joining Our Global Community.
|
|
google unix.com
|
|||||||
| Forums | Register | Forum Rules | Links | Albums | FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
 |
| SUN Solaris The Solaris Operating System, usually known simply as Solaris, is a free Unix-based operating system introduced by Sun Microsystems . |
More UNIX and Linux Forum Topics You Might Find Helpful
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| help me........... my apache can't start | yatmianto | SUN Solaris | 5 | 04-13-2008 11:19 PM |
| Apache start problem | maheshsri | SUN Solaris | 1 | 03-13-2006 06:07 AM |
| Start Stop Apache | MILLERJ62 | AIX | 2 | 12-27-2005 05:40 PM |
| Apache start (Was in:how can i?) [Split by LF] | donohd | UNIX for Dummies Questions & Answers | 1 | 03-19-2002 05:54 AM |
| Apache wont start | Alpha_Harblo | UNIX for Dummies Questions & Answers | 4 | 01-02-2002 09:26 PM |
 |
Powered by 
|
|
|
LinkBack | Thread Tools | Search this Thread | Rate Thread | Display Modes |
|
|
08-21-2008
|
||||
|
||||
Apache start issue
Hi group,
I need help to start apache in following scenario: 1) Say apache is installed on solaris OS by user 'root'. 2) An entry is there in httpd.conf that says to start apache process as user: #User <RUN_AS_USER> is edited as User user1 2) Now say user2 has logged and tries to start apache process. Now whosoever tries to start Apache, it should always gets start as user1. We are only able to start apache as a 'root' user. Thanks rs266 |
|
08-21-2008
|
|||||
|
|||||
|
The reason that directive exist, is that only the apache-processes that serve out pages run as a different user. Did you notice that one process always runs as root (when started as root)? The other child-processes run as a different user.
When there is a compromise of your system, the intruder will have the privileges of the apache-user and not root. Always make sure that your apache-user has no more rights than it needs... Quote:
|
|
08-21-2008
|
|||||
|
|||||
|
it might be a little easier to understand with this:
httpd.conf Code:
# # If you wish httpd to run as a different user or group, you must run # httpd as root initially and it will switch. # # User/Group: The name (or #number) of the user/group to run httpd as. # It is usually good practice to create a dedicated user and group for # running httpd, as with most system services. # User www Group www Code:
# ps -eaf | grep httpd
www 3903 3900 0 Aug 11 ? 0:00 /usr/local/apache2/bin/httpd -k start
www 4520 3901 0 Aug 19 ? 0:52 /usr/local/apache2/bin/httpd -k start
www 4519 3901 0 Aug 19 ? 0:59 /usr/local/apache2/bin/httpd -k start
www 4597 3901 0 21:26:11 ? 0:11 /usr/local/apache2/bin/httpd -k start
www 3909 3900 0 Aug 11 ? 0:00 /usr/local/apache2/bin/httpd -k start
www 3911 3900 0 Aug 11 ? 0:00 /usr/local/apache2/bin/httpd -k start
root 3901 1 0 Aug 11 ? 1:41 /usr/local/apache2/bin/httpd -k start
www 4512 3901 0 Aug 19 ? 0:46 /usr/local/apache2/bin/httpd -k start
|
|
08-21-2008
|
|||||
|
|||||
|
That's correct. Only processes launched as the 'root' user may change the user to something else (Which is what Apache is trying to do with that configuration line.) In order to start Apache in such a way, you need to use something like the "sudo" package. In the sudoers configuration file, you might add a line like this:
Code:
user2 ALL=(user1) /opt/CSWApache/bin/apachectl Code:
$ sudo -u user1 /opt/CSWApache/bin/apachectl start |
|
| Bookmarks |
| Tags |
| apache, start |
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
Hybrid Mode
