mod_ssl: mod_ssl-2.4.5-1.3.9
OS: RedHat Linux 6.0 (plus bits of 6.1)
Previous bug reports (not mine, I just got here) have
discussed the desirability of having runtime configuration for
EAPI_MM_CORE_PATH. I'd like to illustrate the point.
Red Hat Linux Professional 6.1 uses mod_ssl-2.4.5-1.3.9. It
also has EAPI_MM_CORE_PATH *fixed* to "/var/run/httpsd.mm"; the
runtime root can't change this. This leads to two problems:
1) Multiple servers share the same MM file. Is this safe? I'm
assuming not, in the absence of a reassuring statement from
someone familiar with the code.
2) Unprivileged users cannot run the server.
At this point I am uncertain whether RedHat's source kit for
this particular server is actually comprehensive enough for me to
relink with corrected code. Perhaps I could patch the executable?
Chroot is not an option...
Now, I realize that RedHat's error isn't really this group's
responsibility, and that consequence (1), above, is already corrected
in the current version of mod_ssl (the pid is appended to the name).
Nontheless, it would really, really help if there were something,
perhaps a command line flag (rather than a directive) that could
override EAPI_MM_CORE_PATH.
You might also want to be prepared, just in case the screaming
hordes of dissatisfied RedHat Professional customers descend upon your
Web site and invade your mailing list. :-)
I first composed this message as a modssl bug report in my Web
browser, but when I try to "Submit Bug Report" I get:
Bug Database
The system encountered a fatal error
After command:
Received:
The last error code was: Connection refused
Craig Milo Rogers
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
