DO NOT REPLY [Bug 8904] - perchild: apr_proc_mutex problem
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=8904. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://nagoya.apache.org/bugzilla/show_bug.cgi?id=8904 perchild: apr_proc_mutex problem --- Additional Comments From [EMAIL PROTECTED] 2003-03-30 12:53 --- I found out an alternative solution to the 'permission denied' problem of 'perchild'-servers. The only restriction is, that ALL processes (the main process and the worker processes) must run unter the same GID ('nogroup' or '#-1' in this example). a) Change in file srclib/apr/locks/unix/proc_mutex.c, line 217:new_mutex-interproc-filedes = semget(IPC_PRIVATE, 1, IPC_CREAT | 0660); b) When you start the server you must make sure that the GID of the calling shell is 'nogroup'. This can be done either with 'newgrp' or 'sg': sg nogroup -c /usr/local/apache2/bin/httpd -k start The main process starts under 'root':'nogroup', creates the semaphore and forks off several worker processes which may change their UID (but NOT their GID!). I personally don't see any security problems caused by the 'all servers under same GID'-rule. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
DO NOT REPLY [Bug 8904] - perchild: apr_proc_mutex problem
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=8904. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://nagoya.apache.org/bugzilla/show_bug.cgi?id=8904 perchild: apr_proc_mutex problem [EMAIL PROTECTED] changed: What|Removed |Added Status|NEW |RESOLVED Resolution||DUPLICATE --- Additional Comments From [EMAIL PROTECTED] 2002-07-02 21:53 --- Dup of 7921 *** This bug has been marked as a duplicate of 7921 *** - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
DO NOT REPLY [Bug 8904] - perchild: apr_proc_mutex problem
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=8904. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://nagoya.apache.org/bugzilla/show_bug.cgi?id=8904 perchild: apr_proc_mutex problem [EMAIL PROTECTED] changed: What|Removed |Added Version|2.0.36 |2.0.39 --- Additional Comments From [EMAIL PROTECTED] 2002-06-22 10:23 --- This bug still exists in 2.0.39 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
DO NOT REPLY [Bug 8904] - perchild: apr_proc_mutex problem
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://nagoya.apache.org/bugzilla/show_bug.cgi?id=8904. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://nagoya.apache.org/bugzilla/show_bug.cgi?id=8904 perchild: apr_proc_mutex problem [EMAIL PROTECTED] changed: What|Removed |Added Summary|apr_proc_mutex problem |perchild: apr_proc_mutex ||problem --- Additional Comments From [EMAIL PROTECTED] 2002-05-27 18:00 --- The problem when you run as root is that the mutex is created as root and the permissions don't get set right, so the child processes can't access the mutex. We've seen the same problem in mod_ssl, mod_rewrite, etc. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]