No promises this will work as I am not a maintainer nor developer of
mod_fcgid, but I have prepared a patch for you that should achieve the same
effect. I'm not able to test compilation with mpm-itk (mainly because I'm
not sure which package you're using), but it compiles cleanly without
mpm-itk
Thanks, but it does not work:
srwx-- 1 wwwrun wwwrun 0 23. Feb 02:26 10055.6
error_log: (13)Permission denied: mod_fcgid: can't lock process table in pid
patch and compile without error
greets martin
Von: Josiah Purtlebaugh [mailto:josiah.purtleba...@gmail.com]
I'm sorry, I should have considered that an unprivileged user would be
unable to change ownership of an existing socket created with a different
uid. I'll have to consider further what additional changes might be
necessary.
Josiah
On Feb 22, 2013 5:34 PM, m...@unimx.de wrote:
Thanks, but it
We test:
/* Correct the file owner */
if (!geteuid()) {
//#if defined(MPM_ITK)
//if (chown(unix_addr.sun_path, procnode-uid, -1) 0) {
if (chown(unix_addr.sun_path, web589, -1) 0) {
//#else
//if (chown(unix_addr.sun_path, ap_unixd_config.user_id, -1) 0)
Right. The Unix socket is already owned by wwwrun and the chown is being
executed by a different uid, I think. We need to enforce not only the chown
but also the creation of the socket. It will be in another function.
Josiah
On Feb 22, 2013 5:48 PM, m...@unimx.de wrote:
We test:
** **
Yes the socket -i think- is created by apache with user root, only the child
get wwwrun and his child with mpm-itk get f.e. web589
So if we find the function create the socket, there it have to be created
with the user of mpm-itk.
May at this time the user is unknown.
May it is possible