[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-users] FP2000 user webs and SSL

Subject: [cobalt-users] FP2000 user webs and SSL
From: Jeff Bilicki <jeffb@xxxxxxxxxxxxx>
Date: Wed, 24 Nov 1999 13:02:04 -0800

On RaQ 2 there is problem accessing FrontPage 2000 user sub webs if you
have Cobalt's SSL add-on installed.   The SSL package contains a suEXEC
binary that is ready to run.  Apache automatically detects this binary
and enables it, suEXEC changes the uid and gid on scripts to httpd
instead uid of the user (see below).   The reason the main web still
works is because it is supposed to be owned by uid httpd.  To correct
this problem for the public web server as root type:
mv /usr/sbin/suexec /usr/sbin/nosuexec
/etc/rc.d/init.d/httpd.init stop
/etc/rc.d/init.d/httpd.init start

Cobalt is working to correct SSL package.

Jeff Bilicki
Cobalt Networks


From: http://www.apache.org/docs-1.2/suexec.html
After properly installing the suexec wrapper executable, you must kill
and restart the Apache server. A simple kill -1 `cat httpd.pid` will not
be enough. Upon startup of the web-server, if Apache finds a properly
configured suexec wrapper, it will print the following message to the
console: 

Configuring Apache for use with suexec wrapper. 

If you don't see this message at server startup, the server is most
likely not finding the wrapper program where it expects it, or the
executable is not installed setuid root.

Check your installation and try again. 

One way to use suEXEC is through the User and Group directives in
VirtualHost definitions. By setting these directives to values different
from the main server user ID, all requests for CGI resources will be
executed as the User and Group defined for that <VirtualHost>. If only
one or neither of these directives are specified for a <VirtualHost>
then the main server userid is assumed.

suEXEC can also be used to to execute CGI programs as the user to which
the request is being directed. This is accomplished by using the ~
character prefixing the user ID for whom execution is desired. The only
requirement needed for this feature to work is for CGI execution to be
enabled for the user and that the script must meet the scrutiny of the
security checks above.

Follow-Ups:
- Re: [cobalt-users] FP2000 user webs and SSL
  - From: Jim Euliano
- RE: [cobalt-users] FP2000 user webs and SSL
  - From: Kevin

Prev by Date: [cobalt-users] Re: [Cobalt] RAQ2 - Backup HELP!!!!
Next by Date: Re: [cobalt-users] MySQL
Previous by thread: Re: [cobalt-users] Re: [RAQ2] Sample Config of Majordomo
Next by thread: Re: [cobalt-users] FP2000 user webs and SSL

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index