Hi, I'm working on debian packages with openca server running at it's own uid, different from the uid of the apache server and stepped on the openca_socket permissions problem. Normally openca_socket gets created with uid/gid of openca server and mode 755. In this case, if apache is running at uid <> openca's uid it is unable to connect to socket.
I see two solutions to this problem, but may be there's a better way. 1st. chmod socket to 777, put it into socket directory and control access to that directory. Currently I'm going this way. I've implemented --with-run-dir=/var/run/openca where pids are kept and socket is created in /var/run/openca/socket. 2nd. chown socket to the uid of http server. In this case there's no world writtable socket, but openca has to be started as root. Any comments? Best wishes -- Alexei Chetroi Smile... Tomorrow will be worse. (c) Murphy's Law ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click _______________________________________________ OpenCA-Devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openca-devel
