Thava Alagu wrote: > > Here is the latest updated proposal for phppgadmin. > > Highlights: > > - The new apache webserver config module phppgadmin.conf is attached. > I propose to deliver this into new config dir say, > /etc/apache2/2.2/webapp.d > This directory name is used by one of the linux distributions. > The idea is to differentiate this module from other core config > modules in > /etc/apache2/2.2/conf.d directory. > One should be able to include conf.d/*.conf file into httpd.conf > file without > worrying about enabling all webapplications, if they choose to do so. > I see some other linux distributions take slightly different > approaches. > Introducing another directory (like webapp.d) need to be well thought / discussed decision. I am interested in hearing the opinion from the rest of the community on this as well. IMO, we could provide this under samples (if we decide to not enable it by default) directory.
My opinion would be that that we enable this by default and however protect this with a common uri (say /pgadmin) for administration tasks with a basic authorization. > Discussions and insights into this are appreciated as this is a > general change > to apache server config for web applications such as phppgadmin. > > - I propose to deliver this new config file into SUNWapch22-phppgadmin > package. I guess, a typo here - SUNWapch22r-phppgadmin > This is similar to SUNWapch22r-php5 package which delivers php5 > module for webserver. > I would prefer this to get delivered to SUNWphppgadmin-apch22-config > package, > if the official policy, if any, would allow this -- but I somehow > have a feeling, since it delivers file inside > /etc/apache2/ it has to be SUNWapch*. > > - While I was testing the apache webserver with different > configurations, I noticed that the webserver > configuration is very unfriendly to non-root user. There is no > example httpd-nonroot.conf > file that would easily allow to kickoff webserver by non-root user. probably , the apache integration engineer was content with the idea of regular users assigning themselves to apache profile that has been created. usermod -P<Apache Administration>,<rest of your regular profiles> <user name> and with this one should be able to start the server using pfexec svcadm enable http:apache22 I do agree that this has lot of shortcomings like - unable to bind at port 80 by default etc. can you please file a bug / rfe on this - product/cat/sub-cat => solaris/utility/apache so that the responsible engineer can look more into this. - Sriram > I learned the hard way, these are the parameters to specify in > httpd.conf file by non-root user: > > PidFile /home/thava/apache/logs/httpd.pid > LockFile /home/thava/apache/logs/accept.lock > ErrorLog /home/thava/apache/logs/error_log > Scriptsock /home/thava/apache/logs/cgisock > > This is not unique to solaris, the linux distributions are as > unfriendly as solaris. > I think in most cases, one should not run the webserver as root > unless it is absolutely necessary. > This is something we may want to think about making it easy for use > by non-root users. > > -thava > > ------------------------------------------------------------------------ > > _______________________________________________ > > > webstack-discuss mailing list > webstack-discuss at opensolaris.org > http://mail.opensolaris.org/mailman/listinfo/webstack-discuss
