Hello list,
I've made a patch for this old posting[1].
My problem was that I need to use 'mod_fcgid' but without the suexec
stuff. My apache is already running as non-root and I need a little
speedup of my script based CMS (I'm using catalyst).
So I've added the flag 'Disable_suexec_check'. So you have to write in
your httpd.conf some like this:
> Disable_suexec_check on
and everything is fine.
The patch is small, the main part is consists of adding the flag and the
small rest is just a change of one if statement. Instead of
> if (unixd_config.suexec_enabled) {
I use
> if (!get_disable_suexec_check(main_server) && \
> unixd_config.suexec_enabled) {
so this will result into a unixd_setup_child() call and not a
suexec_setup_child() call.
Comments are welcome and you can of course include the patch in the next
release of mod_fcgid.
Thanks for your work.
[1]http://sourceforge.net/mailarchive/message.php?msg_name=1192153501.30624.1215466817%40webmail.messagingengine.com
--
So long... Fuzz
diff -bru mod_fcgid.2.2-orig/arch/unix/fcgid_pm_unix.c mod_fcgid.2.2-disable_suexec_check/arch/unix/fcgid_pm_unix.c
--- mod_fcgid.2.2-orig/arch/unix/fcgid_pm_unix.c 2007-07-31 11:09:18.000000000 +0200
+++ mod_fcgid.2.2-disable_suexec_check/arch/unix/fcgid_pm_unix.c 2007-12-11 19:03:20.000000000 +0100
@@ -216,7 +216,7 @@
}
/* if running as root, switch to configured user */
- if (unixd_config.suexec_enabled) {
+ if (!get_disable_suexec_check(main_server) && unixd_config.suexec_enabled) {
if (getuid() != 0) {
ap_log_error(APLOG_MARK, LOG_EMERG, rv, main_server,
"mod_fcgid: current user is not root while suexec is enabled, exit now");
diff -bru mod_fcgid.2.2-orig/fcgid_conf.c mod_fcgid.2.2-disable_suexec_check/fcgid_conf.c
--- mod_fcgid.2.2-orig/fcgid_conf.c 2007-07-31 11:09:20.000000000 +0200
+++ mod_fcgid.2.2-disable_suexec_check/fcgid_conf.c 2007-12-11 18:59:00.000000000 +0100
@@ -32,6 +32,7 @@
#define DEFAULT_MAX_REQUESTS_PER_PROCESS -1
#define DEFAULT_MAX_REQUEST_LEN (1024*1024*1024) /* 1G */
#define DEFAULT_MAX_MEM_REQUEST_LEN (1024*64) /* 64k */
+#define DEFAULT_DISABLE_SUEXEC_CHECK 0
static void init_server_config(apr_pool_t * p, fcgid_server_conf * config)
{
@@ -61,6 +62,7 @@
config->max_requests_per_process = DEFAULT_MAX_REQUESTS_PER_PROCESS;
config->max_request_len = DEFAULT_MAX_REQUEST_LEN;
config->max_mem_request_len = DEFAULT_MAX_MEM_REQUEST_LEN;
+ config->disable_suexec_check = DEFAULT_DISABLE_SUEXEC_CHECK;
}
void *create_fcgid_server_config(apr_pool_t * p, server_rec * s)
@@ -747,6 +749,24 @@
return NULL;
}
+const char *set_disable_suexec_check(cmd_parms * cmd, void *dummy,
+ int arg)
+{
+ fcgid_server_conf *config =
+ ap_get_module_config(cmd->server->module_config, &fcgid_module);;
+
+ config->disable_suexec_check = arg;
+ return NULL;
+}
+
+int get_disable_suexec_check(server_rec * s)
+{
+ fcgid_server_conf *config =
+ ap_get_module_config(s->module_config, &fcgid_module);
+
+ return config ? config->disable_suexec_check : DEFAULT_DISABLE_SUEXEC_CHECK;
+}
+
typedef struct {
apr_hash_t *wrapper_id_hash;
apr_size_t cur_id;
diff -bru mod_fcgid.2.2-orig/fcgid_conf.h mod_fcgid.2.2-disable_suexec_check/fcgid_conf.h
--- mod_fcgid.2.2-orig/fcgid_conf.h 2007-07-31 11:09:22.000000000 +0200
+++ mod_fcgid.2.2-disable_suexec_check/fcgid_conf.h 2007-12-11 18:59:23.000000000 +0100
@@ -43,6 +43,7 @@
int ipc_comm_timeout;
int busy_timeout;
int php_fix_pathinfo_enable;
+ int disable_suexec_check;
} fcgid_server_conf;
typedef struct {
@@ -186,4 +187,8 @@
const char *arg);
int get_max_requests_per_process(server_rec * s);
+const char *set_disable_suexec_check(cmd_parms * cmd, void *dummy,
+ int arg);
+int get_disable_suexec_check(server_rec * s);
+
#endif
diff -bru mod_fcgid.2.2-orig/mod_fcgid.c mod_fcgid.2.2-disable_suexec_check/mod_fcgid.c
--- mod_fcgid.2.2-orig/mod_fcgid.c 2007-07-31 11:09:22.000000000 +0200
+++ mod_fcgid.2.2-disable_suexec_check/mod_fcgid.c 2007-12-11 18:57:00.000000000 +0100
@@ -621,6 +621,10 @@
AP_INIT_FLAG("FastCgiAccessCheckerAuthoritative",
set_access_authoritative, NULL, ACCESS_CONF | OR_FILEINFO,
"Set to 'off' to allow access control to be passed along to lower modules upon failure"),
+ AP_INIT_FLAG("Disable_suexec_check",
+ set_disable_suexec_check, NULL,
+ RSRC_CONF,
+ "Set 1, if you want to disable the suexec check (default = 0)"),
{NULL}
};
-------------------------------------------------------------------------
SF.Net email is sponsored by:
Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services for
just about anything Open Source.
http://sourceforge.net/services/buy/index.php
_______________________________________________
Mod-fcgid-users mailing list
Mod-fcgid-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-fcgid-users
