I'm now able to successfully run my script as a user other than Apache,
thanks to Graham's help. I now want to replicate the "suexec" aspect of CGI
and allow different scripts to run as different users. (I don't necessarily
need Apache to "su" to the script's owner; I'm willing to hard-code that.)

I created an Apache .conf file to set up two scripts with different users.
(The two scripts are identical; they just have different names):

LogLevel info

# My thanks to Graham Dumpleton for this addition
WSGISocketPrefix /var/run/wsgi

WSGIScriptAlias /scottapp /home/anderson/public_html/myapp-scott.wsgi
WSGIDaemonProcess scottapp *user=anderson*
WSGIProcessGroup scottapp

WSGIScriptAlias /cs304app /home/anderson/public_html/myapp-cs304.wsgi
WSGIDaemonProcess cs304app *user=cs304*
WSGIProcessGroup cs304app

Both urls are running as the "cs304" user; neither runs as "anderson". So,
it seems the second value overwrote the first, and that there can be only
one value for WSGIDaemonProcess.  Is that right?  I've read and re-read the
docs on WSGIDaemonProcess and WSGIProcessGroup, and I can't be sure.

Is there a way to get the behavior I want, where I can have each allowed
user to run their script as their personal UID, instead of as Apache?

Thanks,

Scott



-- 
Scott D. Anderson
Computer Science Department
Wellesley College
scott.ander...@acm.org
scott.ander...@wellesley.edu

-- 
You received this message because you are subscribed to the Google Groups 
"modwsgi" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to modwsgi+unsubscr...@googlegroups.com.
To post to this group, send email to modwsgi@googlegroups.com.
Visit this group at https://groups.google.com/group/modwsgi.
For more options, visit https://groups.google.com/d/optout.

Reply via email to