[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-users] FP2000 user webs and SSL

Subject: [cobalt-users] FP2000 user webs and SSL
From: Jeff Bilicki <jeffb@xxxxxxxxxxxxx>
Date: Wed, 24 Nov 1999 13:02:04 -0800

On RaQ 2 there is problem accessing FrontPage 2000 user sub webs if you
have Cobalt's SSL add-on installed.   The SSL package contains a suEXEC
binary that is ready to run.  Apache automatically detects this binary
and enables it, suEXEC changes the uid and gid on scripts to httpd
instead uid of the user (see below).   The reason the main web still
works is because it is supposed to be owned by uid httpd.  To correct
this problem for the public web server as root type:
mv /usr/sbin/suexec /usr/sbin/nosuexec
/etc/rc.d/init.d/httpd.init stop
/etc/rc.d/init.d/httpd.init start

Cobalt is working to correct SSL package.

Jeff Bilicki
Cobalt Networks


From: http://www.apache.org/docs-1.2/suexec.html
After properly installing the suexec wrapper executable, you must kill
and restart the Apache server. A simple kill -1 `cat httpd.pid` will not
be enough. Upon startup of the web-server, if Apache finds a properly
configured suexec wrapper, it will print the following message to the
console: 

Configuring Apache for use with suexec wrapper. 

If you don't see this message at server startup, the server is most
likely not finding the wrapper program where it expects it, or the
executable is not installed setuid root.

Check your installation and try again. 

One way to use suEXEC is through the User and Group directives in
VirtualHost definitions. By setting these directives to values different
from the main server user ID, all requests for CGI resources will be
executed as the User and Group defined for that <VirtualHost>. If only
one or neither of these directives are specified for a <VirtualHost>
then the main server userid is assumed.

suEXEC can also be used to to execute CGI programs as the user to which
the request is being directed. This is accomplished by using the ~
character prefixing the user ID for whom execution is desired. The only
requirement needed for this feature to work is for CGI execution to be
enabled for the user and that the script must meet the scrutiny of the
security checks above.

Follow-Ups:
- Re: [cobalt-users] FP2000 user webs and SSL
  - From: Jim Euliano
- RE: [cobalt-users] FP2000 user webs and SSL
  - From: Kevin

Prev by Date: [cobalt-users] Re: [Cobalt] RAQ2 - Backup HELP!!!!
Next by Date: Re: [cobalt-users] MySQL
Previous by thread: Re: [cobalt-users] Re: [RAQ2] Sample Config of Majordomo
Next by thread: Re: [cobalt-users] FP2000 user webs and SSL

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index

Sun Cobalt and Linux Support by Zeffie.com
A Sun Cobalt and Linux Support Specialist Since 1999
Sun Cobalt Support, Repairs, Development, and Maintenance.
Home of the Worlds Largest Collection of Sun Cobalt Updates!
Sun Cobalt Spam Filter, Security, Firewall, Anti Virus Products.
734-454-9117 US Toll Free 800-231-4459 UK 0208-150-6860

Zeffie's Sun Cobalt User Forums
Zeffie's Sun Cobalt Restore CD's Zeffie's Sun Cobalt Updates
Sun Cobalt Users List Sun Cobalt Security List Sun Cobalt Developers List

Click here to buy me a drink at the local pub!
(includes tip and paypal fees)

Copyright 2009 by Electronic Consultants Inc.