On 29 November 2010 04:59, Stephen Nelson-Smith wrote:
> On Fri, Nov 26, 2010 at 6:15 PM, Victor Churchill
> wrote:
> > Hi
> >
> > I have been asked to make a Perl script that does some stuff with
> Apache's
> > config (adds a virtual host) and then does an apache2ctl graceful to tell
> > Apache
On Fri, Nov 26, 2010 at 6:15 PM, Victor Churchill
wrote:
> Hi
>
> I have been asked to make a Perl script that does some stuff with Apache's
> config (adds a virtual host) and then does an apache2ctl graceful to tell
> Apache to re-read its config files.
Sounds like the sort of thing that would b
On 26 November 2010 21:43, Dominic Cleal wrote:
> On 26/11/10 21:04, Vic wrote:
>
> I'd strongly recommend using sudo, it isn't daft. It's really easy to
> configure, it gives you auditing via syslog and should run the command
> in a secure environment out of the box.
>
> Add a line to the bottom
Hi Victor,
On Fri, Nov 26, 2010 at 06:15:22PM +, Victor Churchill wrote:
> I have been asked to make a Perl script that does some stuff with Apache's
> config (adds a virtual host) and then does an apache2ctl graceful to tell
> Apache to re-read its config files.
I concur with Dominic's respo
Thanks to all. Looks like a restricted sudo will be the way to go. I will
give that a try, I'm pretty confident it should do what's required.
--
Please post to: Hampshire@mailman.lug.org.uk
Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire
LUG URL: http://www.hantslug.org.uk
On 26/11/10 21:43, Dominic Cleal wrote:
> It'd be difficult to write a setuid script securely as environment
> variables (e.g. PATH, LD_LIBRARY_PATH) could be used to make the script
> run all sorts of things the author didn't intend.
Small correction: apparently LD_* type variables are ignored on
On 26/11/10 21:04, Vic wrote:
>> It would be daft to make www-data a sudoer and I'm not sure how I would do
>> that anyway. Any ideas on how to achieve this, or alternatives?
>
> Factor out the couple of bits that need root privilege, and put them in
> their own scripts. Make those scripts executa
> It would be daft to make www-data a sudoer and I'm not sure how I would do
> that anyway. Any ideas on how to achieve this, or alternatives?
Factor out the couple of bits that need root privilege, and put them in
their own scripts. Make those scripts executable only by the www-data
user, and th
On Friday 26 November 2010 18:15:22 Victor Churchill wrote:
> Hi
>
> I have been asked to make a Perl script that does some stuff with Apache's
> config (adds a virtual host) and then does an apache2ctl graceful to tell
> Apache to re-read its config files.
> This is Ubuntu 10.04, Apache 2.2. The
Hi
I have been asked to make a Perl script that does some stuff with Apache's
config (adds a virtual host) and then does an apache2ctl graceful to tell
Apache to re-read its config files.
This is Ubuntu 10.04, Apache 2.2. The script does its thing with the files
(it runs as the www-data userID, an
10 matches
Mail list logo