Re: [users@httpd] Is a home directory for the httpd user safe?
On Sun, Feb 27, 2022 at 3:24 PM Stormy wrote: > > On 2022-02-27 10:31 a.m., Tom Browder wrote: > > On Sun, Feb 27, 2022 at 09:11 Jeroen Verhoeckx > > wrote: > > > >> Why do you need a predefined user with a writeable home directory? ... Sorry, I was not very clear: Raku has expectations about library locations, etc., and I'm trying to sort out debugging info in a strange (to me), hybrid environment. As it turns out, I was using journalctl incorrectly and seeing old log info which misled me into thinking I had a different Raku problem. For some reason, the Raku module I'm using does have problems, but not directly associated with Apache or systemd. > Please do not blame your problems on "Raku" -- a quick look shows it to > be a derivative of c or c++. I started in FORTRAN in 1957, cobol in > 1960, and have never, ever, blamed coding for any failure -- crap in, > crap out -- YMMV. I started in FORTRAN in 1961, and other languages since. I am a core developer for Raku, and I have never "blamed" the languages for my failures. However, I do blame the language or program when they have bugs. The problem then becomes whose bug ("blame") is it? Usually it is my problem, but this situation has been exasperating for me because debugging it is hard and my program (and another user's published module) seemed to behave differently in the systemd environment versus my user space. Best regards, -Tom - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Is a home directory for the httpd user safe?
On 2022-02-27 10:31 a.m., Tom Browder wrote: On Sun, Feb 27, 2022 at 09:11 Jeroen Verhoeckx wrote: Why do you need a predefined user with a writeable home directory? Because that user executes the server loop behind the reverse proxy. The program running that server uses the Raku programming language which needs some default settings to execute. I may be able to handle some of that in the governing systemd service file, but this way seems easier. Please be more specific. "the server loop" behind "the reverse proxy" is totally meaningless without context. Please do not blame your problems on "Raku" -- a quick look shows it to be a derivative of c or c++. I started in FORTRAN in 1957, cobol in 1960, and have never, ever, blamed coding for any failure -- crap in, crap out -- YMMV. Paul - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Is a home directory for the httpd user safe?
On 2022-02-27 8:39 a.m., Tom Browder wrote: Your query is probably too vague for a helpful response. What system are you using? What FAQs and documents have you read? What specific details are unclear? In order to run a service behind my reverse proxy I need to have a defined user with some kind of writeable home directory. What "service"? What "reverse proxy"? What is "some kind of writeable"? Any directory chmod'ed to 222 would be "writaeable" by anybody (but you might need 666 to have anybody read it) The easy choice to get started is to create a /home/apache directory for my apache user. www-data (the "industry standard user") is most often not installed in /home. What documentation are you relying upon for your "easy choice"? Is that safe or should I do something else? Depends on user/group permissions -- again 222 is probably (but not guaranteed) safe but not very functional I do have my systemd service file working, so I can create a new user for that purpose if need be. If your computer actually boots to a usable interface, systemd is probably running... Paul --- Sunday's tired old sys-admin Thanks. -Tom - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Is a home directory for the httpd user safe?
On Sun, Feb 27, 2022 at 09:11 Jeroen Verhoeckx wrote: > Why do you need a predefined user with a writeable home directory? Because that user executes the server loop behind the reverse proxy. The program running that server uses the Raku programming language which needs some default settings to execute. I may be able to handle some of that in the governing systemd service file, but this way seems easier. -Tom
Re: [users@httpd] Is a home directory for the httpd user safe?
Why do you need a predefined user with a writeable home directory? I have one, but I only use it to log in the system with ssh. You can save all configuration in the directory '/etc/httpd/conf.d' (on RHEL). - Jeroen Support the independent web, use Firefox --- Original Message --- On Sunday, February 27th, 2022 at 2:39 PM, Tom Browder wrote: > In order to run a service behind my reverse proxy I need to have a defined > user with some kind of writeable home directory. > > The easy choice to get started is to create a /home/apache directory for my > apache user. > > Is that safe or should I do something else? > > I do have my systemd service file working, so I can create a new user for > that purpose if need be. > > Thanks. > > -Tom - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[users@httpd] Is a home directory for the httpd user safe?
In order to run a service behind my reverse proxy I need to have a defined user with some kind of writeable home directory. The easy choice to get started is to create a /home/apache directory for my apache user. Is that safe or should I do something else? I do have my systemd service file working, so I can create a new user for that purpose if need be. Thanks. -Tom