Re: [Openca-Users] openca_start httpd user

Tue, 16 Dec 2003 09:11:12 -0800 

On Tue, Dec 16, 2003 at 01:16:05PM +0100, Michael Bell wrote:
> From: Michael Bell <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Subject: Re: [Openca-Users] openca_start httpd user
> Alexei Chetroi wrote:
> >
> > Please help me. I can run /etc/openca/openca_start only if
> >$AUTOCONF {"httpd_user"}     = "root";
> >$AUTOCONF {"httpd_group"}    = "root";
> >
> > are set to root. If I use another uid it starts, but complains about
> >setuid and I cannot move any further by password prompt on web
> >interface. After introducing right password it prompts me once again in
> >the loop. 
> >
> > Please help. I don't want to run openca as root :)
> 
> I don't like such things too :)
> 
> There was a known bug in Net::Server 0.85. I updated our CVS version to 
> 0.86. This version includes a bugfix for setuid and FreeBSD. I use a 
> SuSE 8.2 and my Apache user and group are wwwrun and nogroup. Does 
> www-data be a real group?

  Yes www-data is a real user/group. There's a debian bug id: #223383
User and group www-data not acepted. Version 0.86 is also susceptible to
this bug. Here's patch for 0.85 from bugs.debian.org

--- Server.pm   2003-04-07 06:06:22.000000000 +0200
+++ /usr/share/perl5/Net/Server.pm      2003-12-08 15:43:44.000000000
+0100
@@ -404,7 +404,7 @@
     $self->log(1,"Group Not Defined.  Defaulting to EGID '$)'\n");
     $prop->{group}  = $);
   }else{
-    if( $prop->{group} =~ /^(\w+( \w+)*)$/ ){
+    if( $prop->{group} =~ /^(\w[-\w]+( \w+)*)$/ ){
       $prop->{group} = eval{ get_gid( $1 ) };
       $self->fatal( $@ ) if $@;
     }else{
@@ -418,7 +418,7 @@
     $self->log(1,"User Not Defined.  Defaulting to EUID '$>'\n");
     $prop->{user}  = $>;
   }else{
-    if( $prop->{user} =~ /^(\w+)$/ ){
+    if( $prop->{user} =~ /^(\w[-\w]+)$/ ){
       $prop->{user} = eval{ get_uid( $1 ) };
       $self->fatal( $@ ) if $@;
     }else{


  

-- 
Alexei Chetroi




-------------------------------------------------------
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click
_______________________________________________
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users

Reply via email to