Hello,
I recently installed httpd-2.2.9 (with LDAP and SSL) on my Mac OS X 10.5.4
box. Everything went very smoothly except for one thing; Apache keeps
shutting down due to the following initgroups failures:
[Wed Sep 24 19:02:11 2008] [alert] (2)No such file or directory: initgroups:
unable to set groups for User <user> and Group <gid>
and
[Wed Oct 08 15:00:48 2008] [alert] (22)Invalid argument: initgroups: unable
to set groups for User <user> and Group <gid>
After doing quite a bit of research, I found a few others who had also run
into this problem (some of them dating back to 1995). However, I was unable
to find a solution. The main difference I am noticing with the problem I'm
having as compared to other users is that initgroups() seems to fail at what
seems like random intervals for me. I read up a bit on how this error was
getting thrown for some while trying to start httpd due to the user being a
member of too many groups. However, I don't think that is the problem here
and this error certainly has not been occurring when starting up httpd.
I tried to trace the code that was causing the issue and I found the
following (httpd-2.2.9/os/unix/unixd.c):
if (initgroups(name, unixd_config.group_id) == -1) {
ap_log_error(APLOG_MARK, APLOG_ALERT, errno, NULL,
"initgroups: unable to set groups for User %s "
"and Group %u", name, (unsigned
)unixd_config.group_id);
return -1;
}
One of the posts I read involved trying to resolve the issue by comparing
the initgroups() return value to 1. However, initgroups() returns a -1 for
errors (or when not called by a super-user) so comparing it to 1 would not
really be solving the problem. Lastly, I tried to set permissions for the
httpd script which is owned by root (/bin/httpd) to 4755 to try to prevent
initgroups from failing due to non-sudo calls. That seemed to fix it, but
after 1 week, it has crashed again. The main problem is that it seems to
crash very randomly.
The following is the ./configure command I used (if it helps):
./configure --prefix=/usr/local/httpd-2.2.9 --enable-mods-shared=most
--enable-ssl --enable-ldap --with-ldap --with-included-apr
--enable-auth-ldap --enable-authnz-ldap --enable-proxy
So after all this, I have a couple of questions. Can someone please point me
in the right direction for reproducing this problem? It *seems* to be pretty
random for me in terms of when it fails. Has anyone else run into this
problem? Does this problem have anything to do with the modules that I am
using or is it just something wrong with my Apache installation? And
finally, since initgroups() needs to be called by a super-user, how does it
ever return successfully at all?
I realize from all of the Googling I've done that this problem has been
occurring for httpd customers since 1995, however, I have had no luck in
finding a proper solution so any help would be greatly appreciated.
Thanks a bunch!
-AS
