Re: Apache graceful as non-root
On Tue, Jan 09, 2001 at 01:50:31AM -0800, Osamu Aoki wrote:
> I aint expert but... someidea.
>
> Perl has SUID module (havent used it... but heard.)
>
> Alternatively write a super short C program which runs your script
> and make its binary SUID.
>
> Good luck.
>
> On Tue, Jan 09, 2001 at 09:38:59AM +0100, Sven Burgener wrote:
> > Hello Nate
> >
> > [yes, do CC: me]
> >
> > Nate Amsden wrote:
> > >
> > > Sven Burgener wrote:
> > > >
> > > > Is there a way to do "apachectl graceful" as non-root user? Because when
> > > > I do, I get an error about denied permission for binding to port 80.
> > >
> > > you could i bet if you made apachectl setuid root but if security is
> > > an issue i wouldn't reccomend it. to do this do chmod u+s apachectl
> >
> > Tried it. Doesn't work; Linux seems to silently drop suid root privilges
> > on shell scripts.
> >
> > > or you could configure sudo (haven't really messed with sudo can't
> > > help ya there ..)
> >
> > Still requires you to enter the user's password though, right? I don't
> > want to be putting that in the shell script that's callling "apachectl
> > graceful".
At least one problem I can think of, is the program binding port 80 has
to have root priveledges. That's why the parent apache process is root
while all others are www-data. I seem to recall some program or setting
that allows non-root programs to bind to the low ports (<1024). Find
that program/setting and your in.
--
Eric G. Miller <egm2@jps.net>
Reply to: