Hi, After doing a little more reading in the user archive, it appears that one -must- run the startup script as root. There are two server processes that should run after startup - the XML cache and the OpenCA daemon and, by default, they are run by the web server owner as specified in openca_start (httpd_user, httpd_group). This makes sense to me now - it's a typical UNIX startup script meant to be run at boot time and which switches to appropriate users. So the reason for using openca_user and openca_group at install time is to control OpenCA directory/file ownership.
Mike > > > > I got around this by setting both the openca-user and the httpd-user > to > > the web-server user, this isn't exactly right, but it seems as though > > many of the permissions are done improperly. That many of the web > > scripts receive the openca-user permissions and all the directories > > receive the httpd-user permissions. I also was running these commands > as > > root. Also I had to turn off SELinux, or rather I didn't want to > bother > > worrying about it anymore. > > Thanks, but I have everything running as openca. I did turn off both > iptables and SELinux. Still no good. > > Frustrating indeed. > > Take it EZ, > Robet > > ----------------------------------------------------------------------- > -- > This SF.net email is sponsored by: Microsoft > Defy all challenges. Microsoft(R) Visual Studio 2005. > http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ > _______________________________________________ > Openca-Users mailing list > Openca-Users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/openca-users ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Openca-Users mailing list Openca-Users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openca-users
